Home
Library
Mindspark Interactive Network
MyWebFace Internet Explorer Toolbar

MyWebFace Internet Explorer Toolbar

Known Toolbar

What is MyWebFace Internet Explorer Toolbar?

MyWebFace Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 53.09% of installations running this operating system. MyWebFace Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 51 files. The most common release is 11.0.9600.16438 with 0.62% of all installations currently using this version.

MyWebFace Internet Explorer Toolbar is most popular in the United States with 51.42% of installations residing in this country.

MyWebFace Internet Explorer Toolbar adds 3 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About MyWebFace Internet Explorer Toolbar?

Our software is a toolbar/web browser extension that is supported by advertisements and search revenue. It is commonly installed as an optional offer through bundling with third-party software. Upon installation, the toolbar will adjust the home page and new tab pages to an affiliate search portal using a primary search engine to generate shared search revenue. Additionally, it will modify the default search provider.

Multiple virus scanners have detected malware in MyWebFace Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: f6dc4156b10629b1bcb37152d3523326) has been flagged by 20 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9268	Win64/Toolbar.MyWebSearch.A
K7 AntiVirus	9.175.10781	Trojan ( 004703fc1 )
K7GW	9.175.10786	Trojan ( 004703fc1 )
nProtect	2014-01-08.02	Adware/W32.Agent.548936
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
VIPRE Antivirus	25246	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5abrmon.exe (MD5: 35d6caaa9e4d82974a74dbdb53801f98) has been flagged by 12 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	13.0.0.3169	AdInstaller.FunWeb
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
VIPRE Antivirus	25220	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5abarsvc.exe (MD5: 5d31f1103d9927dcb0e731dde36df2e7) has been flagged by 8 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
VIPRE Antivirus	28506	MyWebSearch.J (v) (not malicious)
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

NP5aStub.dll (MD5: f384f5a411e33809235a35ba6d4809c9) has been flagged by 16 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.3986	Zango
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
VIPRE Antivirus	31994	MyWebSearch.J (v) (not malicious)
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
NANO AntiVirus	0.28.0.57029	Trojan.Win32..csafum

5aSrchMn.exe (MD5: fb85f333d10b1475650c4304f99a1ece) has been flagged by 20 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/Win32.Generic
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Skodna.Generic.AOF
Bkav FE	1.3.0.4613	W32.Cloddd7.Trojan.8c0b
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9262	Win32/Toolbar.MyWebSearch.W
K7 AntiVirus	9.175.10766	Trojan ( 0047e1181 )
K7GW	9.175.10766	Trojan ( 0047e1181 )
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Undef.(kcloud)
NANO AntiVirus	0.28.0.57029	Trojan.Win32.MyWebSearch.crhhqy
nProtect	2014-01-08.01	Trojan/W32.Agent.44784.D
VIPRE Antivirus	25210	MyWebSearch.J (v) (not malicious)
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
McAfee	6.0.4.564	Artemis!F384F5A411E3
McAfee-GW-Edition	2013.2	Artemis!F384F5A411E3
Panda Antivirus	10.0.3.5	Adware/WebSearch
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lkxk
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A

Software Behaviors

Services:: 5abarsvc.exe runs as a service named 'HappinessInfusion Service' (HappinessInfusion_5wService).
Scheduled tasks:: AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).

5amedint.exe is scheduled as a task with the class '{CEC2F177-6434-48CF-AEA5-AB1F3AD5E60A}' (runs on registration).

5aSrchMn.exe is scheduled as a task named 'MetaCrawler' (runs daily at 15:24).

Startup Entries

Startup tasks:: AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.

5aSrchMn.exe is automatically launched at startup through a scheduled task named 3.

5amedint.exe is automatically launched at startup through a scheduled task named 2.

5abrmon.exe is automatically launched at startup through a scheduled task named 4.
Registry entries:: 5amedint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.

5abrmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ctfmon.exe' and executes as C:\Program Files3\rundll32.exe C:\Program Files3\lni28.dat,FG00.

5aSrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:: https://support.mindspark.com
Support:: –
Installation path:: C:\Program Files\MyWebFace_5a\bar\1.bin
Uninstaller:: rundll32 "C:\Program Files\MyWebFace_5a\bar\1.bin\5aBar.dll",O mindsparktoolbarkey="MyWebFace_5a" uninstalltype=IE
Size:: 8.00 MB
Language:: English

MyWebFace Internet Explorer Toolbar Executable Details

Primary executable:: 5abar.dll
Name:: MyWebFace Internet Explorer Toolbar
Path:: C:\Program Files\MyWebFace_5a\bar\1.bin\5abar.dll
MD5:: 3f7583821989e49412f4a3531f04744b
SHA-1:: –
SHA-256:: –

Files installed by MyWebFace Internet Explorer Toolbar

File Type	Filename	MD5
EXE	5amedint.exe Malware	59b38ccfd561682a7ee32d97656fa8fb
EXE	5ahighin.exe	635f5e4b01597d0baf2422245c8ff541
DLL	5abar.dll	3f7583821989e49412f4a3531f04744b
EXE	5abrmon64.exe	e1a3095f98b7b77a3578510d30face8c
DLL	5abrstub64.dll	cb7654d9c370d7d2dec396e969937151
DLL	5atpinst.dll	cc5f6dcfd1016e9ed5ca85eedac27619
DLL	5adyn.dll	edba68a948d550e7bb644f6fc14955fb
EXE	5aimpipe.exe	bbaec002fa688844cff72a41628af91c
DLL	5amsg.dll	b31dc5ce189bbb0f5437421e2b4018ae
DLL	5asknlcr.dll	9606c38058984604e5b953b52804baba