Utility Chest Internet Explorer Toolbar

Utility Chest Internet Explorer Toolbar

Known Toolbar

by Mindspark Interactive Network

What is Utility Chest Internet Explorer Toolbar?

Utility Chest Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 57.27% of installations running this operating system. Utility Chest Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 50 files. The most common release is 10.0 with 0.54% of all installations currently using this version.

Utility Chest Internet Explorer Toolbar is most popular in the United States with 45.94% of installations residing in this country.

Utility Chest Internet Explorer Toolbar adds 1 scheduled task to the Windows Task Scheduler launching the program at randomly scheduled times.

About Utility Chest Internet Explorer Toolbar?

This software facilitates the installation of a Mindspark toolbar within your web browser, enabling the collection and storage of your browsing behavior data. This data is then sent to Mindspark, allowing them to offer personalized services and targeted advertisements through the toolbar.

Multiple virus scanners have detected malware in Utility Chest Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: f6dc4156b10629b1bcb37152d3523326) has been flagged by 15 scanners:
Scanner Software Result
avast! Win32:Mindspark-A [PUP]
AVG Zango
Dr.Web Adware.MyWebSearch.47
ESET-NOD32 Win64/Toolbar.MyWebSearch.A
K7 AntiVirus Trojan ( 004703fc1 )
K7GW Trojan ( 004703fc1 )
nProtect Adware/W32.Agent.548936
Rising Antivirus PE:Trojan.Win32.Generic.14B467E4!347367396
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
Baidu-International Adware.Win32.Toolbar.71
Kingsoft AntiVirus Win32.Troj.Undef.(kcloud)
McAfee Artemis!580BDA1CAA4D
McAfee-GW-Edition Artemis!580BDA1CAA4D
TrendMicro-HouseCall TROJ_GEN.F47V0311
Bkav FE W32.Clod500.Trojan.5533
49brmon.exe (MD5: 3e1dfacf17584f0aa2372f993ec15618) has been flagged by 24 scanners:
Scanner Software Result
Avira AntiVir TR/Trash.Gen
avast! Win32:FunWeb-K [PUP]
Comodo Security UnclassifiedMalware
Dr.Web Trojan.Damaged.1
IKARUS anti.virus Trojan.Trash
McAfee-GW-Edition Heuristic.BehavesLike.Exploit.CodeExec.I
PC Tools HeurEngine.MalPE
SUPERAntiSpyware Trojan.Agent/Gen-Nullo[Short]
Symantec Bloodhound.MalPE
TrendMicro-HouseCall TROJ_GEN.RCBH1KE
AVG Zango
Baidu-International Adware.Win32.Toolbar.45
Kingsoft AntiVirus Win32.Troj.Undef.(kcloud)
McAfee Artemis!AFB7164D26EC
NANO AntiVirus Trojan.Win32.FUbu2.cudmon
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
Panda Antivirus Adware/WebSearch
Tencent Win32.Trojan.Falsesign.Wrgd
ESET-NOD32 Win64/Toolbar.MyWebSearch.A
K7 AntiVirus Trojan ( 004703fc1 )
K7GW Trojan ( 004703fc1 )
nProtect Adware/W32.Agent.548936
Rising Antivirus PE:Trojan.Win32.Generic.14B467E4!347367396
Bkav FE W32.Clod500.Trojan.5533
49barsvc.exe (MD5: 7e06d26fe4b8e771594d22ae7b8ee94e) has been flagged by 7 scanners:
Scanner Software Result
avast! Win32:Mindspark-A [PUP]
AVG Zango
Bkav FE W32.Clod500.Trojan.5533
Dr.Web Adware.MyWebSearch.47
Kingsoft AntiVirus Win32.Troj.Undef.(kcloud)
TrendMicro-HouseCall TROJ_GEN.F47V1012
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
NP49Stub.dll (MD5: d6734d2afac3f631322bc4c88fd7a877) has been flagged by 18 scanners:
Scanner Software Result
avast! Win32:Mindspark-A [PUP]
AVG Zango
Baidu-International Adware.Win32.MyWebSearch.bQ
Kingsoft AntiVirus Win32.Troj.Undef.(kcloud)
Panda Antivirus Adware/WebSearch
SUPERAntiSpyware Trojan.Agent/Gen-Graftor
Tencent Win32.Trojan.Falsesign.Wrgd
TrendMicro-HouseCall TROJ_GEN.F47V0605
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
Dr.Web Adware.MyWebSearch.47
ESET-NOD32 Win64/Toolbar.MyWebSearch.A
K7 AntiVirus Trojan ( 004703fc1 )
K7GW Trojan ( 004703fc1 )
nProtect Adware/W32.Agent.548936
Rising Antivirus PE:Trojan.Win32.Generic.14B467E4!347367396
McAfee Artemis!580BDA1CAA4D
McAfee-GW-Edition Artemis!580BDA1CAA4D
Bkav FE W32.Clod500.Trojan.5533
49SrchMn.exe (MD5: fb85f333d10b1475650c4304f99a1ece) has been flagged by 25 scanners:
Scanner Software Result
Antiy-AVL Trojan/Win32.Generic
avast! Win32:Mindspark-A [PUP]
AVG Skodna.Generic.AOF
Bkav FE W32.Cloddd7.Trojan.8c0b
Dr.Web Adware.MyWebSearch.47
ESET-NOD32 Win32/Toolbar.MyWebSearch.W
K7 AntiVirus Trojan ( 0047e1181 )
K7GW Trojan ( 0047e1181 )
Kingsoft AntiVirus Win32.Troj.Undef.(kcloud)
NANO AntiVirus Trojan.Win32.MyWebSearch.crhhqy
nProtect Trojan/W32.Agent.44784.D
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
Avira AntiVir TR/Trash.Gen
Comodo Security UnclassifiedMalware
IKARUS anti.virus Trojan.Trash
McAfee-GW-Edition Heuristic.BehavesLike.Exploit.CodeExec.I
PC Tools HeurEngine.MalPE
SUPERAntiSpyware Trojan.Agent/Gen-Nullo[Short]
Symantec Bloodhound.MalPE
TrendMicro-HouseCall TROJ_GEN.RCBH1KE
Baidu-International Adware.Win32.Toolbar.45
McAfee Artemis!AFB7164D26EC
Panda Antivirus Adware/WebSearch
Tencent Win32.Trojan.Falsesign.Wrgd
Rising Antivirus PE:Trojan.Win32.Generic.14B467E4!347367396

Software Behaviors

Services:
  • 49barsvc.exe runs as a service named 'ConservativeTalkNowService' (ConservativeTalkNow_4nService).
Scheduled tasks:
  • AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).

Startup Entries

Startup tasks:
  • AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.
  • 49SrchMn.exe is automatically launched at startup through a scheduled task named 3.
  • 49medint.exe is automatically launched at startup through a scheduled task named 2.
  • 49brmon.exe is automatically launched at startup through a scheduled task named 4.
Registry entries:
  • 49medint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.
  • 49brmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ctfmon.exe' and executes as C:\Program Files3\rundll32.exe C:\Program Files3\lni28.dat,FG00.
  • 49SrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:
https://support.mindspark.com
Support:
–
Installation path:
C:\Program Files\UtilityChest_49\bar\1.bin
Uninstaller:
rundll32 "C:\Program Files\UtilityChest_49\bar\1.bin\49Bar.dll",O mindsparktoolbarkey="UtilityChest_49" uninstalltype="IE"
Size:
8.00 MB
Language:
English

Utility Chest Internet Explorer Toolbar Executable Details

Primary executable:
49bar.dll
Name:
Utility Chest Internet Explorer Toolbar
Path:
C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll
MD5:
3f7583821989e49412f4a3531f04744b
SHA-1:
–
SHA-256:
–
Files installed by Utility Chest Internet Explorer Toolbar
File Type Filename MD5
DLL
T8TICKER.DLL
3d4aca84349bff8642dc00145bbc51c4
DLL
T8RES.DLL
5aefe9c1a7bf946b88bef61abf7e45fa
DLL
T8HTML.DLL
e8298b19ec987061e98f83dff8c310be
DLL
T8EXTPEX.DLL
7f98949c5607f96114dd87a538f2b269
DLL
T8EXTEX.DLL
995c45ccb72ab2efdd3f1602ad8ec907
DLL
T8EPMSUP.DLL
b8274b1454a8c3fca77dd48a7a91bf65
DLL
DPNMNGR.DLL
500b47a48a172c0625692fdcc01b3889
DLL
CREXT.DLL
e83ba06c9fd18923c168a12e3f30e81d
DLL
AppIntegratorStub64.dll
205a514bd9275ac0e837c7ac1a80edf5
EXE
AppIntegrator64.exe
Malware
f6dc4156b10629b1bcb37152d3523326