Home
Library
Mindspark Interactive Network
MyWebFace Internet Explorer Toolbar

MyWebFace Internet Explorer Toolbar

Known Toolbar

What is MyWebFace Internet Explorer Toolbar?

MyWebFace Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 53.09% of installations running this operating system. MyWebFace Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 51 files. The most common release is 11.0.9600.16438 with 0.62% of all installations currently using this version.

MyWebFace Internet Explorer Toolbar is most popular in the United States with 51.42% of installations residing in this country.

MyWebFace Internet Explorer Toolbar adds 3 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About MyWebFace Internet Explorer Toolbar?

Our software is a toolbar/web browser extension that is supported by advertisements and search revenue. It is commonly installed as an optional offer through bundling with third-party software. Upon installation, the toolbar will adjust the home page and new tab pages to an affiliate search portal using a primary search engine to generate shared search revenue. Additionally, it will modify the default search provider.

Multiple virus scanners have detected malware in MyWebFace Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: f6dc4156b10629b1bcb37152d3523326) has been flagged by 20 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9268	Win64/Toolbar.MyWebSearch.A
K7 AntiVirus	9.175.10781	Trojan ( 004703fc1 )
K7GW	9.175.10786	Trojan ( 004703fc1 )
nProtect	2014-01-08.02	Adware/W32.Agent.548936
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
VIPRE Antivirus	25246	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5abrmon.exe (MD5: 35d6caaa9e4d82974a74dbdb53801f98) has been flagged by 12 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	13.0.0.3169	AdInstaller.FunWeb
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
VIPRE Antivirus	25220	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5abarsvc.exe (MD5: 5d31f1103d9927dcb0e731dde36df2e7) has been flagged by 8 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
VIPRE Antivirus	28506	MyWebSearch.J (v) (not malicious)
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

NP5aStub.dll (MD5: f384f5a411e33809235a35ba6d4809c9) has been flagged by 16 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.3986	Zango
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
VIPRE Antivirus	31994	MyWebSearch.J (v) (not malicious)
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5aSrchMn.exe (MD5: fb85f333d10b1475650c4304f99a1ece) has been flagged by 20 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/Win32.Generic
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Skodna.Generic.AOF
Bkav FE	1.3.0.4613	W32.Cloddd7.Trojan.8c0b
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9262	Win32/Toolbar.MyWebSearch.W
K7 AntiVirus	9.175.10766	Trojan ( 0047e1181 )
K7GW	9.175.10766	Trojan ( 0047e1181 )
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Undef.(kcloud)
NANO AntiVirus	0.28.0.57029	Trojan.Win32.MyWebSearch.crhhqy
nProtect	2014-01-08.01	Trojan/W32.Agent.44784.D
VIPRE Antivirus	25210	MyWebSearch.J (v) (not malicious)
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A

Software Behaviors

Services:: 5abarsvc.exe runs as a service named 'HappinessInfusion Service' (HappinessInfusion_5wService).
Scheduled tasks:: AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).

5amedint.exe is scheduled as a task with the class '{CEC2F177-6434-48CF-AEA5-AB1F3AD5E60A}' (runs on registration).

5aSrchMn.exe is scheduled as a task named 'MetaCrawler' (runs daily at 15:24).

Startup Entries

Startup tasks:: AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.

5aSrchMn.exe is automatically launched at startup through a scheduled task named 3.

5amedint.exe is automatically launched at startup through a scheduled task named 2.

5abrmon.exe is automatically launched at startup through a scheduled task named 4.
Registry entries:: 5amedint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.

5abrmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ctfmon.exe' and executes as C:\Program Files3\rundll32.exe C:\Program Files3\lni28.dat,FG00.

5aSrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:: https://support.mindspark.com
Support:: –
Installation path:: C:\Program Files\MyWebFace_5a\bar\1.bin
Uninstaller:: rundll32 "C:\Program Files\MyWebFace_5a\bar\1.bin\5aBar.dll",O mindsparktoolbarkey="MyWebFace_5a" uninstalltype=IE
Size:: 8.00 MB
Language:: English

MyWebFace Internet Explorer Toolbar Executable Details

Primary executable:: 5abar.dll
Name:: MyWebFace Internet Explorer Toolbar
Path:: C:\Program Files\MyWebFace_5a\bar\1.bin\5abar.dll
MD5:: 3f7583821989e49412f4a3531f04744b
SHA-1:: –
SHA-256:: –

Files installed by MyWebFace Internet Explorer Toolbar

File Type	Filename	MD5
DLL	FF-NativeMessagingDispatcher.dll	b0c120a1ef6881e90f752d86a55d44aa
EXE	CrExtP5a.exe	c9fecbc3ec683b4b60cf45ebae9abfcd
EXE	5askplay.exe	6410e580737018f0ee3d6c484849c1c7
DLL	5aidle.dll	ef0dea6c28bb0ce3f330f143a5ac537e
DLL	5ahttpct.dll	aac3e0bdbb7974f21ce4ed0ffefed98b
DLL	5adatact.dll	0461585e454f38d737b424bdb933d45c
DLL	5askin.dll	6d29eadcc3a34bba2bd765465adb6b08
DLL	5ascript.dll	4f178b1daf96d641ce4f925f3e1582ea
DLL	5amlbtn.dll	25d2bb85f4daed2f7692579d3af747a2
DLL	5ahtmlmu.dll	84c758e3b0110b3cdd34cec08838445f