Zwinky Internet Explorer Toolbar

Zwinky Internet Explorer Toolbar

Known Toolbar

by Mindspark Interactive Network

What is Zwinky Internet Explorer Toolbar?

Zwinky Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 56.84% of installations running this operating system. Zwinky Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 63 files.

Zwinky Internet Explorer Toolbar is most popular in the United States with 42.46% of installations residing in this country.

Zwinky Internet Explorer Toolbar adds 3 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About Zwinky Internet Explorer Toolbar?

During the Toolbar download process, users have the option to reset their internet browser's homepage to an Ask homepage product and/or reset their new tab page to an Ask new tab product. To decline or opt-out of these features, users can check or uncheck the appropriate boxes during the download process for the Toolbar.

Multiple virus scanners have detected malware in Zwinky Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: 143d634f4f93155d3a4d430c2cf60d11) has been flagged by 15 scanners:
Scanner Software Result
AhnLab-V3 PUP/Win32.MyWebSearch
Antiy-AVL RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast! Win32:Mindspark-A [PUP]
AVG Zango
Baidu-International Adware.Win32.MyWebSearch.Aki
Fortinet FortiGate Riskware/MyWebSearch
Kaspersky not-a-virus:WebToolbar.Win32.MyWebSearch.si
Malwarebytes PUP.Optional.MindSpark
Panda Antivirus Adware/WebSearch
Qihoo-360 Win32/Virus.WebToolbar.30b
Tencent Win32.Trojan.Falsesign.Dvqb
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
ESET-NOD32 Win32/Toolbar.MyWebSearch.T
F-Prot W32/Mywebsearch.H2.gen!Eldorado
Kingsoft AntiVirus Win32.Troj.Undef.(kcloud)
APPINTEGRATOR.EXE (MD5: b6940fe9d6fc34ef59f1028ae6018fe1) has been flagged by 19 scanners:
Scanner Software Result
AhnLab-V3 PUP/Win32.MyWebSearch
Antiy-AVL RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast! Win32:Mindspark-A [PUP]
AVG MyWebSearch
AVware MyWebSearch.J (v)
Baidu-International Adware.Win32.MyWebSearch.am
ESET-NOD32 a variant of Win32/Toolbar.MyWebSearch.AJ
Fortinet FortiGate Riskware/MyWebSearch
G Data Win32.Adware.Mindspark.C
Kaspersky not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes PUP.Optional.MindSpark
Qihoo-360 Win32/Virus.WebToolbar.30b
Tencent Win32.Trojan.Falsesign.Pgcq
TrendMicro-HouseCall Suspicious_GEN.F47V0812
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
Zillya Adware.MyWebSearch.Win32.1392
Panda Antivirus Adware/WebSearch
F-Prot W32/Mywebsearch.H2.gen!Eldorado
NP5qStub.dll (MD5: 7358839e8dbca116f2358b0226f41314) has been flagged by 8 scanners:
Scanner Software Result
avast! Win32:Mindspark-A [PUP]
AVG Zango
ESET-NOD32 Win32/Toolbar.MyWebSearch.T
F-Prot W32/Mywebsearch.H2.gen!Eldorado
Kingsoft AntiVirus Win32.Troj.Undef.(kcloud)
Panda Antivirus Trj/Genetic.gen
Tencent Win32.Trojan.Falsesign.Afrk
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
5qSrchMn.exe (MD5: 3c93215de9cc97c60b1892ad8dbe4411) has been flagged by 19 scanners:
Scanner Software Result
AhnLab-V3 Trojan/Win32.Buzus
Antiy-AVL RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast! Win32:Mindspark-A [PUP]
AVG MyWebSearch
AVware MyWebSearch.J (v)
Baidu-International Adware.Win32.MyWebSearch.abZ
ESET-NOD32 a variant of Win32/Toolbar.MyWebSearch.AJ
Fortinet FortiGate Riskware/MyWebSearch
G Data Win32.Adware.Mindspark.C
Kaspersky not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes PUP.Optional.MindSpark
Qihoo-360 Win32/Virus.WebToolbar.30b
Tencent Win32.Trojan.Falsesign.Lmut
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
Zillya Adware.MyWebSearch.Win32.1351
TrendMicro-HouseCall Suspicious_GEN.F47V0812
Panda Antivirus Adware/WebSearch
F-Prot W32/Mywebsearch.H2.gen!Eldorado
5qSrcAs.dll (MD5: 779662595f6b51bb86f96eccc230f13c) has been flagged by 21 scanners:
Scanner Software Result
AhnLab-V3 PUP/Win32.MyWebSearch
Antiy-AVL RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast! Win32:Mindspark-A [PUP]
AVG MyWebSearch
AVware MyWebSearch.J (v)
Baidu-International Adware.Win32.MyWebSearch.aRmS
ESET-NOD32 a variant of Win32/Toolbar.MyWebSearch.AC
Fortinet FortiGate Riskware/MyWebSearch
G Data Win32.Adware.Mindspark.C
Kaspersky not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes PUP.Optional.MindSpark
NANO AntiVirus Riskware.Win32.Toolbar.dfqike
Qihoo-360 Win32/Virus.WebToolbar.30b
Tencent Win32.Trojan.Falsesign.Aisc
TrendMicro-HouseCall Suspicious_GEN.F47V0812
VIPRE Antivirus MyWebSearch.J (v) (not malicious)
Zillya Adware.MyWebSearch.Win32.902
Agnitum Outpost PUA.Toolbar.MyWebSearch!
Panda Antivirus Adware/WebSearch
F-Prot W32/Mywebsearch.H2.gen!Eldorado

Software Behaviors

Services:
  • 5qbarsvc.exe runs as a service named 'InboxNowService' (InboxNow_drService).
Scheduled tasks:
  • AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).
  • 5qmedint.exe is scheduled as a task with the class '{CEC2F177-6434-48CF-AEA5-AB1F3AD5E60A}' (runs on registration).
  • 5qSrchMn.exe is scheduled as a task named 'MetaCrawler' (runs daily at 15:24).

Startup Entries

Startup tasks:
  • AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.
  • 5qSrchMn.exe is automatically launched at startup through a scheduled task named 3.
  • 5qmedint.exe is automatically launched at startup through a scheduled task named 2.
  • APPINTEGRATOR.EXE is automatically launched at startup through a scheduled task named OnlineMapFinder AppIntegrator 32-bit_Reg_HKLMWow6432Run.
Registry entries:
  • APPINTEGRATOR.EXE is loaded in the current user (HKCU) registry as an auto-starting executable named 'PowerSuite' and executes as "C:\Program Files1\Uniblue\POWERS~1\launcher.exe" delay 20000 -m.
  • AppIntegrator64.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:
https://support.mindspark.com
Support:
–
Installation path:
C:\Program Files\Zwinky_5q\bar\1.bin
Uninstaller:
rundll32 "C:\Program Files\Zwinky_5q\bar\1.bin\5qBar.dll",O mindsparktoolbarkey="Zwinky_5q" uninstalltype="IE"
Size:
8.00 MB
Language:
English

Zwinky Internet Explorer Toolbar Executable Details

Primary executable:
5qbar.dll
Name:
Zwinky Internet Explorer Toolbar
Path:
C:\Program Files\Zwinky_5q\bar\1.bin\5qbar.dll
MD5:
96a060cf33a2c42617cf13224a47db07
SHA-1:
–
SHA-256:
–
Files installed by Zwinky Internet Explorer Toolbar
File Type Filename MD5
DLL
verify.dll
4cff1713045ac5c97861953e97d9a01d
EXE
TPIMANAGERCONSOLE.EXE
d60a04730095d0ec97edeb522572e894
DLL
TOOLBARGUARD64.DLL
97ce03692546766a5fd4b69aa950e04c
DLL
TOOLBARGUARD.DLL
a700eaf96f3247a19a6712aa8eb4e104
DLL
T8TICKER.DLL
7dca62cf49f4f29fb2a4002bf9a3a17c
DLL
T8RES.DLL
106bdd493845042eb1953ce2e9e4e959
DLL
T8HTML.DLL
0a5cd0107d4ac7beba3bd67b800f59fd
DLL
T8EXTPEX.DLL
7a3fc6154d8a96d625150a28be4befbf
DLL
T8EXTEX.DLL
34a8be864c08c42a7b71ee22d944b8e8
DLL
T8EPMSUP.DLL
fd7ee723718078825bc79e360e4f04d3