What is QuotationCafe Internet Explorer Toolbar?

QuotationCafe Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 60.29% of installations running this operating system. QuotationCafe Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 49 files.

QuotationCafe Internet Explorer Toolbar is most popular in the United States with 85.19% of installations residing in this country.

QuotationCafe Internet Explorer Toolbar adds 3 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About QuotationCafe Internet Explorer Toolbar?

QuotationCafe is a web browser toolbar developed by Mindspark that customizes the user's search and home pages to Ask.com or MyWebSearch.

Multiple virus scanners have detected malware in QuotationCafe Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: 143d634f4f93155d3a4d430c2cf60d11) has been flagged by 15 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.10.09.00	PUP/Win32.MyWebSearch
Antiy-AVL	1.0.0.1	RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.4037	Zango
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.Aki
Fortinet FortiGate	5.1.152.0	Riskware/MyWebSearch
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Panda Antivirus	10.0.4.2	Adware/WebSearch
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Dvqb
VIPRE Antivirus	33754	MyWebSearch.J (v) (not malicious)
ESET-NOD32	8943	Win32/Toolbar.MyWebSearch.T
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0805

APPINTEGRATOR.EXE (MD5: b6940fe9d6fc34ef59f1028ae6018fe1) has been flagged by 19 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.10.30.00	PUP/Win32.MyWebSearch
Antiy-AVL	1.0.0.1	RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.4040	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.am
ESET-NOD32	10639	a variant of Win32/Toolbar.MyWebSearch.AJ
Fortinet FortiGate	5.0.999.0	Riskware/MyWebSearch
G Data	24	Win32.Adware.Mindspark.C
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Pgcq
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0812
VIPRE Antivirus	34342	MyWebSearch.J (v) (not malicious)
Zillya	2.0.0.1966	Adware.MyWebSearch.Win32.1392
Panda Antivirus	10.0.4.2	Adware/WebSearch
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado

NP45Stub.dll (MD5: 52a638f29166973a68b8ad6cafe9aa28) has been flagged by 6 scanners:

Scanner Software	Version	Result
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Zango
ESET-NOD32	8943	Win32/Toolbar.MyWebSearch.T
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0805
VIPRE Antivirus	22588	MyWebSearch.J (v) (not malicious)

45SrchMn.exe (MD5: 3c93215de9cc97c60b1892ad8dbe4411) has been flagged by 19 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.11.14.00	Trojan/Win32.Buzus
Antiy-AVL	1.0.0.1	RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	15.0.0.4189	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.abZ
ESET-NOD32	10722	a variant of Win32/Toolbar.MyWebSearch.AJ
Fortinet FortiGate	5.0.999.0	Riskware/MyWebSearch
G Data	24	Win32.Adware.Mindspark.C
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lmut
VIPRE Antivirus	34774	MyWebSearch.J (v) (not malicious)
Zillya	2.0.0.1982	Adware.MyWebSearch.Win32.1351
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0812
Panda Antivirus	10.0.4.2	Adware/WebSearch
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado

45SrcAs.dll (MD5: 779662595f6b51bb86f96eccc230f13c) has been flagged by 21 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.10.18.00	PUP/Win32.MyWebSearch
Antiy-AVL	1.0.0.1	RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.4040	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.aRmS
ESET-NOD32	10579	a variant of Win32/Toolbar.MyWebSearch.AC
Fortinet FortiGate	5.1.152.0	Riskware/MyWebSearch
G Data	24	Win32.Adware.Mindspark.C
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
NANO AntiVirus	0.28.2.62671	Riskware.Win32.Toolbar.dfqike
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Aisc
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0812
VIPRE Antivirus	34006	MyWebSearch.J (v) (not malicious)
Zillya	2.0.0.1958	Adware.MyWebSearch.Win32.902
Agnitum Outpost	5.5.1.3	PUA.Toolbar.MyWebSearch!
Panda Antivirus	10.0.4.2	Adware/WebSearch
F-Prot	4.7.1.166	W32/Mywebsearch.H2.gen!Eldorado

Software Behaviors

Services:

45barsvc.exe runs as a service named 'InboxNowService' (InboxNow_drService).

Scheduled tasks:

AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).
45medint.exe is scheduled as a task with the class '{CEC2F177-6434-48CF-AEA5-AB1F3AD5E60A}' (runs on registration).
45SrchMn.exe is scheduled as a task named 'MetaCrawler' (runs daily at 15:24).

Startup Entries

Startup tasks:

AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.
45SrchMn.exe is automatically launched at startup through a scheduled task named 3.
45medint.exe is automatically launched at startup through a scheduled task named 2.
APPINTEGRATOR.EXE is automatically launched at startup through a scheduled task named OnlineMapFinder AppIntegrator 32-bit_Reg_HKLMWow6432Run.

Registry entries:

45medint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.
APPINTEGRATOR.EXE is loaded in the current user (HKCU) registry as an auto-starting executable named 'PowerSuite' and executes as "C:\Program Files1\Uniblue\POWERS~1\launcher.exe" delay 20000 -m.
AppIntegrator64.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.
45SrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:

https://support.mindspark.com

Support:

–

Installation path:

C:\Program Files\QuotationCafe_45\bar\1.bin

Uninstaller:

rundll32 "C:\Program Files\QuotationCafe_45\bar\1.bin\45Bar.dll",O mindsparktoolbarkey="QuotationCafe_45" uninstalltype="IE"

Size:

8.00 MB

Language: