Home
Library
Mindspark Interactive Network
MyWebFace Internet Explorer Toolbar

MyWebFace Internet Explorer Toolbar

Known Toolbar

What is MyWebFace Internet Explorer Toolbar?

MyWebFace Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 53.09% of installations running this operating system. MyWebFace Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 51 files. The most common release is 11.0.9600.16438 with 0.62% of all installations currently using this version.

MyWebFace Internet Explorer Toolbar is most popular in the United States with 51.42% of installations residing in this country.

MyWebFace Internet Explorer Toolbar adds 3 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About MyWebFace Internet Explorer Toolbar?

Our software is a toolbar/web browser extension that is supported by advertisements and search revenue. It is commonly installed as an optional offer through bundling with third-party software. Upon installation, the toolbar will adjust the home page and new tab pages to an affiliate search portal using a primary search engine to generate shared search revenue. Additionally, it will modify the default search provider.

Multiple virus scanners have detected malware in MyWebFace Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: f6dc4156b10629b1bcb37152d3523326) has been flagged by 20 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9268	Win64/Toolbar.MyWebSearch.A
K7 AntiVirus	9.175.10781	Trojan ( 004703fc1 )
K7GW	9.175.10786	Trojan ( 004703fc1 )
nProtect	2014-01-08.02	Adware/W32.Agent.548936
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
VIPRE Antivirus	25246	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5abrmon.exe (MD5: 35d6caaa9e4d82974a74dbdb53801f98) has been flagged by 12 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	13.0.0.3169	AdInstaller.FunWeb
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
VIPRE Antivirus	25220	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5abarsvc.exe (MD5: 5d31f1103d9927dcb0e731dde36df2e7) has been flagged by 8 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
VIPRE Antivirus	28506	MyWebSearch.J (v) (not malicious)
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

NP5aStub.dll (MD5: f384f5a411e33809235a35ba6d4809c9) has been flagged by 16 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.3986	Zango
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
VIPRE Antivirus	31994	MyWebSearch.J (v) (not malicious)
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5aSrchMn.exe (MD5: fb85f333d10b1475650c4304f99a1ece) has been flagged by 20 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/Win32.Generic
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Skodna.Generic.AOF
Bkav FE	1.3.0.4613	W32.Cloddd7.Trojan.8c0b
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9262	Win32/Toolbar.MyWebSearch.W
K7 AntiVirus	9.175.10766	Trojan ( 0047e1181 )
K7GW	9.175.10766	Trojan ( 0047e1181 )
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Undef.(kcloud)
NANO AntiVirus	0.28.0.57029	Trojan.Win32.MyWebSearch.crhhqy
nProtect	2014-01-08.01	Trojan/W32.Agent.44784.D
VIPRE Antivirus	25210	MyWebSearch.J (v) (not malicious)
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A

Software Behaviors

Services:: 5abarsvc.exe runs as a service named 'HappinessInfusion Service' (HappinessInfusion_5wService).
Scheduled tasks:: AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).

5amedint.exe is scheduled as a task with the class '{CEC2F177-6434-48CF-AEA5-AB1F3AD5E60A}' (runs on registration).

5aSrchMn.exe is scheduled as a task named 'MetaCrawler' (runs daily at 15:24).

Startup Entries

Startup tasks:: AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.

5aSrchMn.exe is automatically launched at startup through a scheduled task named 3.

5amedint.exe is automatically launched at startup through a scheduled task named 2.

5abrmon.exe is automatically launched at startup through a scheduled task named 4.
Registry entries:: 5amedint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.

5abrmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ctfmon.exe' and executes as C:\Program Files3\rundll32.exe C:\Program Files3\lni28.dat,FG00.

5aSrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:: https://support.mindspark.com
Support:: –
Installation path:: C:\Program Files\MyWebFace_5a\bar\1.bin
Uninstaller:: rundll32 "C:\Program Files\MyWebFace_5a\bar\1.bin\5aBar.dll",O mindsparktoolbarkey="MyWebFace_5a" uninstalltype=IE
Size:: 8.00 MB
Language:: English

MyWebFace Internet Explorer Toolbar Executable Details

Primary executable:: 5abar.dll
Name:: MyWebFace Internet Explorer Toolbar
Path:: C:\Program Files\MyWebFace_5a\bar\1.bin\5abar.dll
MD5:: 3f7583821989e49412f4a3531f04744b
SHA-1:: –
SHA-256:: –

Files installed by MyWebFace Internet Explorer Toolbar

File Type	Filename	MD5
DLL	T8HTML.DLL	e8298b19ec987061e98f83dff8c310be
DLL	T8EXTPEX.DLL	3ccd83d975e39d037cd209316b1bc139
DLL	T8EXTEX.DLL	dc7003576cce4a0d9429131a8c0d2bfd
DLL	T8EPMSUP.DLL	b8274b1454a8c3fca77dd48a7a91bf65
DLL	DPNMNGR.DLL	3c1f4921b60d3d0c81914e34c3b9da8a
DLL	CREXT.DLL	a28d57ddcb370918f6bc297fb7366ac9
DLL	AppIntegratorStub64.dll	c9349591497ff3d0149be8de8be73460
EXE	AppIntegrator64.exe Malware	f6dc4156b10629b1bcb37152d3523326
DLL	Hpg64.dll	ce06632eb3ccdee2f4e591fb58653c43
DLL	EXEMANAGER.DLL	119567b277d7e1d740d542bd0c30831f