Home
Library
Mindspark Interactive Network
PackageTracer Internet Explorer Toolbar

PackageTracer Internet Explorer Toolbar

Known Toolbar

What is PackageTracer Internet Explorer Toolbar?

PackageTracer Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 51.09% of installations running this operating system. PackageTracer Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 41 files.

PackageTracer Internet Explorer Toolbar is most popular in the United States with 91.28% of installations residing in this country.

PackageTracer Internet Explorer Toolbar adds 3 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About PackageTracer Internet Explorer Toolbar?

The PackageTracer Internet Explorer Toolbar is a web browser extension designed to modify the browser's search and home pages, as well as deliver search advertising revenue. It is intended to protect and maintain the default browser search engine while also modifying the search provider. The toolbar is typically distributed through bundled offers within third-party software distribution and is often bundled with 3rd party publishers to maximize installation revenue. The toolbar has the ability to change the default search engine, including the browser's built-in search box and address bar, as well as the default home page and new tabs, while also protecting search settings.

Multiple virus scanners have detected malware in PackageTracer Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: f6dc4156b10629b1bcb37152d3523326) has been flagged by 18 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9268	Win64/Toolbar.MyWebSearch.A
K7 AntiVirus	9.175.10781	Trojan ( 004703fc1 )
K7GW	9.175.10786	Trojan ( 004703fc1 )
nProtect	2014-01-08.02	Adware/W32.Agent.548936
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
VIPRE Antivirus	25246	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.Toolbar.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
McAfee	6.0.4.564	Artemis!580BDA1CAA4D
McAfee-GW-Edition	2013	Artemis!580BDA1CAA4D
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0311
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado

69brmon.exe (MD5: 35d6caaa9e4d82974a74dbdb53801f98) has been flagged by 12 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	13.0.0.3169	AdInstaller.FunWeb
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
VIPRE Antivirus	25220	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado

69barsvc.exe (MD5: 5d31f1103d9927dcb0e731dde36df2e7) has been flagged by 9 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
Baidu-International	3.5.1.41473	Adware.Win32.Mindspark.71
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Undef.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0309
VIPRE Antivirus	28506	MyWebSearch.J (v) (not malicious)
ESET-NOD32	8943	Win32/Toolbar.MyWebSearch.T
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado

NP69Stub.dll (MD5: 41f60bb7c37442bef63052ef5048febb) has been flagged by 6 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
ESET-NOD32	8943	Win32/Toolbar.MyWebSearch.T
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0910
VIPRE Antivirus	22588	MyWebSearch.J (v) (not malicious)

69SrchMn.exe (MD5: fb85f333d10b1475650c4304f99a1ece) has been flagged by 19 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/Win32.Generic
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Skodna.Generic.AOF
Bkav FE	1.3.0.4613	W32.Cloddd7.Trojan.8c0b
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9262	Win32/Toolbar.MyWebSearch.W
K7 AntiVirus	9.175.10766	Trojan ( 0047e1181 )
K7GW	9.175.10766	Trojan ( 0047e1181 )
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Undef.(kcloud)
NANO AntiVirus	0.28.0.57029	Trojan.Win32.MyWebSearch.crhhqy
nProtect	2014-01-08.01	Trojan/W32.Agent.44784.D
VIPRE Antivirus	25210	MyWebSearch.J (v) (not malicious)
Baidu-International	3.5.1.41473	Adware.Win32.Toolbar.45
McAfee	6.0.4.564	Artemis!AFB7164D26EC
McAfee-GW-Edition	2013	Artemis!AFB7164D26EC
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0305
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.14B467E4!347367396
Malwarebytes	1.75.0001	PUP.Optional.AudioToAudioToolBar.A
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado

Software Behaviors

Services:: 69barsvc.exe runs as a service named 'ConservativeTalkNowService' (ConservativeTalkNow_4nService).
Scheduled tasks:: AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).

69medint.exe is scheduled as a task with the class '{CEC2F177-6434-48CF-AEA5-AB1F3AD5E60A}' (runs on registration).

69SrchMn.exe is scheduled as a task named 'MetaCrawler' (runs daily at 15:24).

Startup Entries

Startup tasks:: AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.

69SrchMn.exe is automatically launched at startup through a scheduled task named 3.

69medint.exe is automatically launched at startup through a scheduled task named 2.

69brmon.exe is automatically launched at startup through a scheduled task named 4.
Registry entries:: 69medint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.

69brmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ctfmon.exe' and executes as C:\Program Files3\rundll32.exe C:\Program Files3\lni28.dat,FG00.

69SrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:: https://support.mindspark.com
Support:: –
Installation path:: C:\Program Files\PackageTracer_69\bar\1.bin
Uninstaller:: rundll32 "C:\Program Files\PackageTracer_69\bar\1.bin\69Bar.dll",O mindsparktoolbarkey="PackageTracer_69" uninstalltype="IE"
Size:: 8.00 MB
Language:: English

PackageTracer Internet Explorer Toolbar Executable Details

Primary executable:: 69bar.dll
Name:: PackageTracer Internet Explorer Toolbar
Path:: C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll
MD5:: 3f7583821989e49412f4a3531f04744b
SHA-1:: –
SHA-256:: –

Files installed by PackageTracer Internet Explorer Toolbar

File Type	Filename	MD5
DLL	T8TICKER.DLL	f3496480e0aa855c2ca1d954b5f4737d
DLL	T8HTML.DLL	e8298b19ec987061e98f83dff8c310be
DLL	T8EPMSUP.DLL	b8274b1454a8c3fca77dd48a7a91bf65
DLL	DPNMNGR.DLL	500b47a48a172c0625692fdcc01b3889
DLL	CREXT.DLL	e83ba06c9fd18923c168a12e3f30e81d
DLL	AppIntegratorStub64.dll	205a514bd9275ac0e837c7ac1a80edf5
EXE	AppIntegrator64.exe Malware	f6dc4156b10629b1bcb37152d3523326
DLL	Hpg64.dll	6837c7bb84d6c3200117e05b4fe1d147
DLL	EXEMANAGER.DLL	511cda01fb8a730349e0d6577136e053
EXE	CrExtP69.exe	a39fd864f89f77a3da2679f135ab7a67