Mindspark Toolbars

By CagedTech in Potentially Unwanted Programs

Threat Scorecard

Popularity Rank:	50
Threat Level:	10 % (Normal)
Infected Computers:	4,062,774

First Seen:	April 28, 2014
Last Seen:	February 7, 2026
OS(es) Affected:	Windows

Mindspark is a company associated with the development and release of Web browser extensions and toolbars that may offer software that is said to improve their Web browser's performance and functionality. Some of Mindspark's more popular toolbars are Video Download Converter Toolbar, Elite Unzip Toolbar and FlightSearch Toolbar. Some of Mindspark web browser extensions and toolbars may be accompanied with unwanted changes to your Web browser's settings. However, there are a number of Mindspark programs that do not suggest or make changes in popular web browser applications.

Some Mindspark Toolbars add a toolbar to popular Web browsers and the functions of a 3rd party homepage search engine. Many of the activities of Mindspark Toolbars attempt to popularize generic search engines that may be associated with the distribution of Potentially Unwanted Programs or other software. Mindspark Toolbars may often advertise itself through legitimate advertisements and various forms of adware.

While the Mindspark Toolbars are not threatening, they may often be the cause of minor annoyances that may force you to change your browsing habits. Removal of Mindspark Toolbars may be accomplished by the use of an antimalware application.

Aliases

2 security vendors flagged this file as malicious.

Antivirus Vendor	Detection
AVG	Zango
Avast	Win32:Mindspark-A [PUP]

SpyHunter Detects & Remove Mindspark Toolbars

File System Details

Mindspark Toolbars may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	partnerid.js	ecdfb045323e5f31f04689de4223586b	847,792
Name: partnerid.js MD5: ecdfb045323e5f31f04689de4223586b Size: 16.4 KB (16402 bytes) Detections: 847,792 Type: JavaScript file Path: %SYSTEMDRIVE%\users\neide Group: Malware file Last Updated: February 7, 2026
2.	splashpageredirecthandler.js	bed60158e51b498d51e0871159d9da29	82,122
Name: splashpageredirecthandler.js MD5: bed60158e51b498d51e0871159d9da29 Size: 2.86 KB (2868 bytes) Detections: 82,122 Type: JavaScript file Path: %SYSTEMDRIVE%\users\neide Group: Malware file Last Updated: February 6, 2026
3.	0ebarsvc.exe	c20913066358f8627fb55d73b96503cd	320
Name: 0ebarsvc.exe MD5: c20913066358f8627fb55d73b96503cd Size: 35.19 KB (35192 bytes) Detections: 320 Type: Executable File Path: %PROGRAMFILES%\CieoNetUtilities_0e\bar\1.bin Group: Malware file Last Updated: March 23, 2016
4.	28barsvc.exe	13fe993e87203ff3caba998a3df53c4e	319
Name: 28barsvc.exe MD5: 13fe993e87203ff3caba998a3df53c4e Size: 28.76 KB (28766 bytes) Detections: 319 Type: Executable File Path: %PROGRAMFILES%\OurBabyMakerIE_28\bar\1.bin Group: Malware file Last Updated: March 23, 2016
5.	28brmon.exe	e2db62956b14ceefb7b33987c7ce610f	276
Name: 28brmon.exe MD5: e2db62956b14ceefb7b33987c7ce610f Size: 20.48 KB (20480 bytes) Detections: 276 Type: Executable File Path: %PROGRAMFILES%\OurBabyMakerIE_28\bar\1.bin Group: Malware file Last Updated: March 23, 2016
6.	M3SRCHMN.EXE	864a139fbd7beb081a68c8370c5cfdca	232
Name: M3SRCHMN.EXE MD5: 864a139fbd7beb081a68c8370c5cfdca Size: 34.33 KB (34336 bytes) Detections: 232 Type: Executable File Path: %PROGRAMFILES%\MyWebSearch\bar\1.bin Group: Malware file Last Updated: March 23, 2016
7.	PopularScreensaversSetup2.3.50.45.ZRman000.exe	9ec1cae698dc0832bbccad119748e11c	231
Name: PopularScreensaversSetup2.3.50.45.ZRman000.exe MD5: 9ec1cae698dc0832bbccad119748e11c Size: 2.76 MB (2766320 bytes) Detections: 231 Type: Executable File Path: %USERPROFILE%\My Documents Group: Malware file Last Updated: May 2, 2014
8.	AppIntegrator64.exe	81023fe149fb4393d3f333b78cdf2aa0	211
Name: AppIntegrator64.exe MD5: 81023fe149fb4393d3f333b78cdf2aa0 Size: 485.96 KB (485960 bytes) Detections: 211 Type: Executable File Path: %PROGRAMFILES(x86)%\PopularScreensavers_7i\bar\1.bin Group: Malware file Last Updated: January 8, 2020
9.	7dbar.dll	56f5cb5e662db1d3cb6dfeedf0561e79	165
Name: 7dbar.dll MD5: 56f5cb5e662db1d3cb6dfeedf0561e79 Size: 675.84 KB (675840 bytes) Detections: 165 Type: Dynamic link library Path: %PROGRAMFILES%\Webfetti\bar\1.bin Group: Malware file Last Updated: March 23, 2016
10.	AppIntegrator.exe	8436c5b7f8866dad1a956d95bf529c03	146
Name: AppIntegrator.exe MD5: 8436c5b7f8866dad1a956d95bf529c03 Size: 225.86 KB (225864 bytes) Detections: 146 Type: Executable File Path: %PROGRAMFILES(x86)%\MyScrapNook_12\bar\1.bin Group: Malware file Last Updated: June 4, 2020
11.	28SrcAs.dll	27eab7024ae16cf4573d4b742e021adc	122
Name: 28SrcAs.dll MD5: 27eab7024ae16cf4573d4b742e021adc Size: 53.24 KB (53248 bytes) Detections: 122 Type: Dynamic link library Path: %PROGRAMFILES%\OurBabyMakerIE_28\bar\1.bin Group: Malware file Last Updated: March 23, 2016
12.	9tmedint.exe	2c69360181647f842445c29f869ad527	117
Name: 9tmedint.exe MD5: 2c69360181647f842445c29f869ad527 Size: 19.52 KB (19524 bytes) Detections: 117 Type: Executable File Path: %PROGRAMFILES%\InternetSpeedTracker_9t\bar\1.bin Group: Malware file Last Updated: March 23, 2016
13.	win32.exe	07c5192b7843b83d7ae8f70bc2e47ed6	82
Name: win32.exe MD5: 07c5192b7843b83d7ae8f70bc2e47ed6 Size: 172.83 KB (172832 bytes) Detections: 82 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: March 25, 2016
14.	7iUninstall PopularScreensavers.dll	5c318dc50cddded8f736741296842aa5	43
Name: 7iUninstall PopularScreensavers.dll MD5: 5c318dc50cddded8f736741296842aa5 Size: 716.36 KB (716360 bytes) Detections: 43 Type: Dynamic link library Path: %PROGRAMFILES(x86)% Group: Malware file Last Updated: May 19, 2014
15.	64medint.exe	02dddedae31802fc7321248ad8aad700	25
Name: 64medint.exe MD5: 02dddedae31802fc7321248ad8aad700 Size: 20.59 KB (20598 bytes) Detections: 25 Type: Executable File Path: %PROGRAMFILES(x86)%\TelevisionFanatic\bar\1.bin Group: Malware file Last Updated: March 8, 2020
16.	xusmxlxyo.dll	26a0aa60d7ed1095410f03abb1b7fe44	25
Name: xusmxlxyo.dll MD5: 26a0aa60d7ed1095410f03abb1b7fe44 Size: 447.48 KB (447488 bytes) Detections: 25 Type: Dynamic link library Path: %LOCALAPPDATA%\TelevisionFanatic\Updater19962 Group: Malware file Last Updated: July 4, 2014
17.	64SrchMn.exe	0d9594aec05e25d01766c9bfefc21236	25
Name: 64SrchMn.exe MD5: 0d9594aec05e25d01766c9bfefc21236 Size: 38.44 KB (38440 bytes) Detections: 25 Type: Executable File Path: %PROGRAMFILES%\TelevisionFanatic\bar\1.bin Group: Malware file Last Updated: July 4, 2014
18.	TelevisionFanatic.exe	25fa43e13f338833a5adb16241d18b40	24
Name: TelevisionFanatic.exe MD5: 25fa43e13f338833a5adb16241d18b40 Size: 270.87 KB (270872 bytes) Detections: 24 Type: Executable File Path: D:\anti Group: Malware file Last Updated: July 4, 2014
19.	GLU32.dll	e8abc0c21bb78dcc176c08ba63257481	19
Name: GLU32.dll MD5: e8abc0c21bb78dcc176c08ba63257481 Size: 490.49 KB (490496 bytes) Detections: 19 Type: Dynamic link library Path: %LOCALAPPDATA%\TelevisionFanatic Group: Malware file Last Updated: July 4, 2014
20.	televisionfanaticauto.exe	60b998a077955eb1f2ab9a5be22834c6	18
Name: televisionfanaticauto.exe MD5: 60b998a077955eb1f2ab9a5be22834c6 Size: 90.23 KB (90230 bytes) Detections: 18 Type: Executable File Path: %LOCALAPPDATA% Group: Malware file Last Updated: July 4, 2014
21.	4zSrchMn.exe	ae24b243deab8029062c5e94798bacd6	7
Name: 4zSrchMn.exe MD5: ae24b243deab8029062c5e94798bacd6 Size: 116.26 KB (116264 bytes) Detections: 7 Type: Executable File Path: %PROGRAMFILES%\VideoDownloadConverter_4z\bar\1.bin Group: Malware file Last Updated: April 28, 2014
22.	4zbarsvc.exe	eccc46ecaf9a4ab62754c87c69fbf549	7
Name: 4zbarsvc.exe MD5: eccc46ecaf9a4ab62754c87c69fbf549 Size: 120.32 KB (120328 bytes) Detections: 7 Type: Executable File Path: %PROGRAMFILES%\VideoDownloadConverter_4z\bar\1.bin Group: Malware file Last Updated: April 28, 2014
23.	4zbrmon.exe	030b9ef9f9b3459fd72f8cfb5ed559d9	6
Name: 4zbrmon.exe MD5: 030b9ef9f9b3459fd72f8cfb5ed559d9 Size: 107.92 KB (107920 bytes) Detections: 6 Type: Executable File Path: %PROGRAMFILES%\VideoDownloadConverter_4z\bar\1.bin Group: Malware file Last Updated: April 28, 2014
24.	7ibar.dll	831ec56548b362259bf8e52513260051	1
Name: 7ibar.dll MD5: 831ec56548b362259bf8e52513260051 Size: 859.72 KB (859720 bytes) Detections: 1 Type: Dynamic link library Path: %PROGRAMFILES%\PopularScreensavers_7i\bar\2.bin Group: Malware file Last Updated: May 19, 2014
25.	7iSrchMn.exe	3397927d0793ea404594b34a289a70c2	1
Name: 7iSrchMn.exe MD5: 3397927d0793ea404594b34a289a70c2 Size: 114.41 KB (114416 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\PopularScreensavers_7i\bar\1.bin Group: Malware file Last Updated: May 19, 2014

More files

Registry Details

Mindspark Toolbars may create the following registry entry or registry entries:

File name without path

hp.myway[1].xml

http_ext.ask.com_0.localstorage

http_ext.ask.com_0.localstorage-journal

http_ext.dl.tb.ask.com_0.localstorage

http_ext.dl.tb.ask.com_0.localstorage-journal

http_hp.myway.com_0.localstorage

http_hp.myway.com_0.localstorage-journal

HKEY..\..\..\..{RegistryKeys}

Software\AppDataLow\Software\Mindspark

Software\Microsoft\Internet Explorer\BrowserStorage\DomainTrustStatus\myway.com

SOFTWARE\Microsoft\Internet Explorer\DOMStorage\hp.myway.com

SOFTWARE\Microsoft\Internet Explorer\DOMStorage\myway.com

SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hp.myway.com

SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myway.com

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids\euz.cab

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids\euz.zip

SOFTWARE\Mindspark

SOFTWARE\Wow6432Node\Mindspark

Directories

Mindspark Toolbars may create the following directory or directories:

%LOCALAPPDATA%\Mindspark

%LOCALAPPDATA%\Mindspark_Interactive_Net

%PROGRAMFILES%\FestiveBar_3g

%PROGRAMFILES%\Mindspark

%PROGRAMFILES(x86)%\FestiveBar_3g

%PROGRAMFILES(x86)%\Mindspark

%UserProfile%\Local Settings\Application Data\Mindspark

%UserProfile%\Local Settings\Application Data\Mindspark_Interactive_Net

Cookies

The following cookies may be associated with Mindspark Toolbars:

dl.myway.com

hp.myway.com

myway.com

search.myway.com

URLs

Mindspark Toolbars may call the following URLs:

"current":"Ask Web Sx

-SAE@iacsearchandmedia.com

Mindspark_

betterconverterpro.com

betterconverterprotab.com

dl.myway.com

extensions.toolbar.mindspark

https://search.mysearch.com/web?q=

https://search.myway.com/search/

mindspark._

mywebsearch.com

nativemessagingHostName": "com.mindspark.

search.myway.com

Analysis Report

General information

Family Name:	Mindspark Toolbars
Signature status:	Self Signed

Known Samples

MD5: f7d3498657123c847bbbddf6a622e521

SHA1: 67c6262cfa2c7656ea79da7146b52e79462a90f0

File Size: 318.51 KB, 318512 bytes

MD5: bbb4e748d63f092abc70ce025e227da8

SHA1: 4f02319a8d4ffbb25e3796aa3769428d1d313cbf

File Size: 5.82 MB, 5822808 bytes

MD5: eda948304851c5a589d8df073428e130

SHA1: e44b2fe8d371632cf9e27e23572d285cd0ba3613

File Size: 5.97 MB, 5970256 bytes

MD5: 4fb9d50ff2c568e310510124e8cb9ccf

SHA1: 4d1607bde42b3841038373e277c9539767e1f593

SHA256: F3A9CBA27DD5064C47CDF32D46CC6FC6AA90CE96CBC9151D9DAB9BF2FD801F16

File Size: 861.10 KB, 861103 bytes

MD5: 66aba538e8b362e75f8c1a6fc2415a59

SHA1: 8cd51f405cb1f9e30f5bc446565477a9990371eb

SHA256: 296C25FA26D93DC8EB382EFCC8A601D608B7DEB286854A367BAD2BB6913586EB

File Size: 3.30 MB, 3297688 bytes

MD5: 2d007d2b8cbad605260eef0ff07e2031

SHA1: b2f4e0f1bf2ff028451d43fc132bd805ac620b90

SHA256: 8FCC245C9A5EA9E5AA4FECF04B257A68AFA92EA6A1AB581DDFDCA00695774372

File Size: 6.07 MB, 6072712 bytes

MD5: 3ceaaea352bf83f741e6c71bb2e46e7d

SHA1: 7f8c30f21d465cc348c1f92438568b9ab72189e2

SHA256: 58E2C3829546168D35BD9FB59201ED3B58CE08B5BE71DA4520749A5F0E8BAE0C

File Size: 5.97 MB, 5970320 bytes

MD5: 083774c316f5ed65a46c0e92a617f397

SHA1: 69b2550cee828ccb3a94913692dc5ba59a7a54ca

SHA256: C7EC1701AC2D256706B49446C44788EF8214C6CCBFC8FAAFBA9557FCDEB599FE

File Size: 366.07 KB, 366072 bytes

MD5: 87d521d00f6d9abf5defd3d1a204c7b0

SHA1: 53ff09f427b89bb5935559d039bb01b6974257cb

SHA256: 25024A4951B733F074CB817C243B237A6FFB0E4CA50170B590AC0CE3923EF7EF

File Size: 5.82 MB, 5822848 bytes

MD5: 9b1d26efa77ef1330ea1f0604e48d92c

SHA1: 49a49c7d46d3b7e005182c114697ae7586c964b9

SHA256: A98CEB5EE65DD8B9974B581B5FACFFD36146F984C0B9CB9C8B33A8E89D459DFE

File Size: 5.85 MB, 5847512 bytes

MD5: 828d47bd72fcd5fcca98a8c3097f2a27

SHA1: 19e46877331a59547070cd141b12aea6b85ab28a

SHA256: F1D0450F2F6314B77C373C277D5A0CC2512C2B06663FA269D5D5A6087316F23B

File Size: 365.66 KB, 365656 bytes

MD5: 3ce9398559f19cf011a185f8ee24f5a2

SHA1: 4e1ff9993c5d5495db8f727f882cf520a0d8e023

SHA256: 8F5FA3C0A43466EA0A143EB6637042FE3FC1C9637F12D6EBC9AE487C166D59BB

File Size: 5.69 MB, 5686344 bytes

MD5: 8172e0984de6a4fb4720c6157faa7a5a

SHA1: cb96a19a3020d33f0b3252dba33aa38f8228b462

SHA256: 17C081599A7E92F9B44FE76173E6F1757A66EB28A3791DA97877D2F7FF14A735

File Size: 210.99 KB, 210992 bytes

MD5: 94c0fac06d8ad1cefbc50a5b3215813c

SHA1: ed1b25ab50096ed2567edadee0b80c21bc19ec0a

SHA256: 97FBFE6B6E90C5494C0B3509A1D53F67DA80EB39B249DA5DA87679FE22883ADB

File Size: 655.77 KB, 655768 bytes

MD5: 92ae50d1317ab6eb8334f5325b636642

SHA1: 01abc9bba4ede717eac4d66e5f341a2e15c64164

SHA256: A539719ED9B98A92D3495B4245E77131B622F43AE064840EF739969DAF9E3D1D

File Size: 399.66 KB, 399656 bytes

MD5: 1515b1f31ee56df6f4f4645e82e7b3b8

SHA1: f6852238c12a2ad5cde42710648568a5918ec0eb

SHA256: 953584E41A59ADD00E078F279C4B028A4062AB5C86F3B305B84614A1CCF2952F

File Size: 350.26 KB, 350256 bytes

MD5: ef3147b0e48591440123d18fd492762a

SHA1: 7ad7ee64f0e3d65eb8ccd3ae7dc3db509437b5e0

SHA256: 8554C974FA779666616BEF71B33273E86DC7CB0D8869E391740B2566BEAA694D

File Size: 657.36 KB, 657360 bytes

MD5: 55a00df1e9ce62bb490467216924f738

SHA1: 6b7de639eee8e422f98d7b2c20a2632acab00a9b

SHA256: E3DD317FA2D6B94BC866E5C6430494AAAF93C4CB0272C488D2B5F11F157C6A8C

File Size: 377.14 KB, 377144 bytes

MD5: 028ec3229905d1f2f0cb6967c27d62d7

SHA1: d6da98e79426580339a5f074b45b409754fb30eb

SHA256: 80BF377D31BE5DA28B69834795AF14302D7997118820E0A4828314C9BB2DA42E

File Size: 31.10 KB, 31096 bytes

MD5: 822ff08c8c8da83a15356ba82f9fac9d

SHA1: 01b96ee7b142ffce8fd547d19dff5adc1819aeee

SHA256: 9D69E3C504B03FB7D0D5839E08E071AB9F60220833B22930A37E9015987649FD

File Size: 30.65 KB, 30648 bytes

MD5: c5996faaa5bca71212d3464a62f3dc43

SHA1: 5949bcccc80c81fb62cd13fdf2522a6402c513de

SHA256: 297BA2AD3665693D97DA818811C9B5E39F26A02FC1286F7F2C84856AE681CFFD

File Size: 34.87 KB, 34872 bytes

MD5: 479603a94afb699ccb8c41bd89a054f8

SHA1: 2f632eff3c28aa609fae6c26a9522bb85e78869a

SHA256: EE6DDEF15536987DF3643061F1980678D31236BB46CE00DDE39D35A734F27B98

File Size: 229.38 KB, 229376 bytes

MD5: a97aeb9c0c1202a42e17eea68451901a

SHA1: d8760b27ad8f2d92a1723051f517842f5d82a91a

SHA256: 8181B7264FC8CC547F3FA54F27CD177E455DF05CCED5472CB7250B0D8CBDB990

File Size: 312.03 KB, 312032 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File has exports table
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)

File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Comments	http://www.mindspark.com
Company Name	FromDocToPDF GamingWonderland MindSpark Mindspark Interactive Network Mindspark Interactive Network, Inc. MyFunCards MyWebFace OnlineMapFinder Retrogamer TotalRecipeSearch
File Description	Allin1Convert Setup AllInOneDocs Setup DownSpeedTest Setup Elite Unzip Setup FromDocToPDF GamingWonderland MindSpark Toolbar Platform Plugin Stub for 32-bit Windows MyFunCards My Scrap Nook Setup MyWebFace Show More OnlineMapFinder PDFConvertTools Setup RadioRage Setup Retrogamer SafePCRepair Setup TotalRecipeSearch
File Extents	1g 2p
File Open Name	MindSpark Toolbar Platform Plugin Stub
File Version	3.3.0.6 3.3.0.2 2.7.1.3000 2.7.1.1000 2.3.1.1000 2.0.1.6 2.0.1.2 2, 0, 5, 6 2, 0, 3, 1 1.2.8161.280 Show More 1.1.8920.35 1, 0, 1, 1 1, 0, 0, 12 1, 0, 0, 3 1, 0, 0, 0
Internal Name	2zauxstb 5aSetup 5mSetup 9pSetup 14Setup 65Setup Allin1Convert AllInOneDocs DownSpeedTest Elite Unzip Show More gtSetup MindSpark Toolbar PlatformPluginStub My Scrap Nook PDFConvertTools RadioRage SafePCRepair
Legal Copyright	Copyright © 2005, 2006, 2007, 2008, 2009, 2010, 2011 Copyright © 2009 - 2014 Copyright © 2009, 2010, 2011 Copyright © 2009, 2010, 2011, 2012 Copyright © 2012 © 2014 Mindspark Interactive Network, Inc. An IAC Company. All rights reserved. © 2015 Mindspark Interactive Network, Inc. An IAC Company. All rights reserved. © 2016 Mindspark Interactive Network, Inc. An IAC Company. All rights reserved.
Legal Trademarks	® & ™ Mindspark Interactive Network, Inc. An IAC Company. All rights reserved.
M I M E Type	application/x-couponalert_2pplugin application/x-inboxace_1gplugin
Original Filename	2zauxstb.DLL 5aSetup.exe 5mSetup.exe 9pSetup.exe 14Setup.exe 65Setup.exe gtSetup.exe NP1gStub.DLL NP2pStub.DLL suf_launch.exe
Product Name	Allin1Convert AllInOneDocs DownSpeedTest Elite Unzip FromDocToPDF GamingWonderland MindSpark Toolbar Platform Plugin Stub MyFunCards My Scrap Nook MyWebFace Show More OnlineMapFinder PDFConvertTools RadioRage Retrogamer SafePCRepair TotalRecipeSearch
Product Version	3.3.0.6 3.3.0.2 2.7.1.3000 2.7.1.1000 2.3.1.1000 2.0.1.6 2.0.1.2 2, 3, 0, 0 2, 0, 5, 6 2, 0, 3, 1 Show More 1.1.8920.35 1.1.8161.280 1, 0, 0, 12 1, 0, 0, 0

Digital Signatures

Signer	Root	Status
Mindspark Interactive Network	Class 3 Public Primary Certification Authority	Root Not Trusted
Mindspark Interactive Network	Mindspark Interactive Network	Root Not Trusted
Mindspark Interactive Network	Symantec Class 3 SHA256 Code Signing CA	Self Signed
Mindspark Interactive Network, Inc.	Symantec Class 3 SHA256 Code Signing CA	Self Signed
Mindspark Interactive Network	VeriSign Class 3 Code Signing 2010 CA	Hash Mismatch

Mindspark Interactive Network

VeriSign Class 3 Code Signing 2010 CA

Self Signed

File Traits

big overlay
Installer Manifest
Installer Version
SUF
x86

Block Information

Similar Families

Mindspark.DA

Files Modified

File	Attributes
c:\program files (x86)\gamingwonderland\bar\1.bin\gtbarsvc.exe	Generic Write,Read Attributes
c:\program files (x86)\gamingwonderland\bar\1.bin\gtbarsvc.exe	Synchronize,Write Attributes
c:\program files (x86)\gamingwonderland\bar\1.bin\t8epmsup.dll	Generic Write,Read Attributes
c:\program files (x86)\gamingwonderland\bar\1.bin\t8epmsup.dll	Synchronize,Write Attributes
c:\program files (x86)\gamingwonderland\bar\1.bin\t8res.dll	Generic Write,Read Attributes
c:\program files (x86)\gamingwonderland\bar\1.bin\t8res.dll	Synchronize,Write Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39eiplug.dl_	Generic Write,Read Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39eiplug.dl_	Synchronize,Write Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39eiplug.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39eiplug.dll	Generic Write,Read Attributes

c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39eiplug.dll	Synchronize,Write Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39ezsetp.dl_	Generic Write,Read Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39ezsetp.dl_	Synchronize,Write Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39ezsetp.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39ezsetp.dll	Generic Write,Read Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\39ezsetp.dll	Synchronize,Write Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\np39eisb.dl_	Generic Write,Read Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\np39eisb.dl_	Synchronize,Write Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\np39eisb.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\np39eisb.dll	Generic Write,Read Attributes
c:\program files (x86)\mapsgalaxy_39ei\installr\1.bin\np39eisb.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mbar.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mbar.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mbarsvc.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mbarsvc.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mbprtct.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mbprtct.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mdatact.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mdatact.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mdlghk.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mdlghk.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mdlghk64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mdlghk64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mfeedmg.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mfeedmg.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhighin.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhighin.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhkstub.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhkstub.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhtmlmu.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhtmlmu.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhttpct.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mhttpct.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5midle.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5midle.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mmedint.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mmedint.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mmlbtn.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mmlbtn.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mplugin.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mplugin.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mregfft.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mregfft.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mreghk.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mreghk.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mregiet.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mregiet.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mscript.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mscript.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mskin.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mskin.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mskplay.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mskplay.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5msrcas.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5msrcas.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5msrchmn.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5msrchmn.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5msrchmr.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5msrchmr.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mtpinst.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\5mtpinst.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegrator.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegrator.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegrator64.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegrator64.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegratorstub.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegratorstub.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegratorstub64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\appintegratorstub64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assistmonitor.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assistmonitor.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assistmonitor64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assistmonitor64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\arbiter.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\arbiter.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\arbiter64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\arbiter64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\assist.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\assist.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\config.xml	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_default_search_provider\config.xml	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_enable\arbiter.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_enable\arbiter.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_enable\arbiter64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_enable\arbiter64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_enable\config.xml	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\assists\ie_enable\config.xml	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\bootstrap.js	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\bootstrap.js	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\chrome.manifest	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\chrome.manifest	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\crext.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\crext.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\crextp5m.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\crextp5m.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\dpnmngr.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\dpnmngr.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\ff-nativemessagingdispatcher.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\ff-nativemessagingdispatcher.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hkfxmgr.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hkfxmgr.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hkfxmgr64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hkfxmgr64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hpg.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hpg.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hpg64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\hpg64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\install.rdf	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\install.rdf	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\logo.bmp	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\logo.bmp	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8epmsup.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8epmsup.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8extex.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8extex.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8extpex.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8extpex.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8html.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8html.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8res.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8res.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8ticker.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\t8ticker.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\toolbarguard.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\toolbarguard.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\toolbarguard64.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\toolbarguard64.dll	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\tpimanagerconsole.exe	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\tpimanagerconsole.exe	Synchronize,Write Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\verify.dll	Generic Write,Read Attributes
c:\program files (x86)\myfuncards_5m\bar\1.bin\verify.dll	Synchronize,Write Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\9pbarsvc.exe	Generic Write,Read Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\9pbarsvc.exe	Synchronize,Write Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\installenabler.dll	Generic Write,Read Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\installenabler.dll	Synchronize,Write Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\t8epmsup.dll	Generic Write,Read Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\t8epmsup.dll	Synchronize,Write Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\t8res.dll	Generic Write,Read Attributes
c:\program files (x86)\onlinemapfinder_9p\bar\1.bin\t8res.dll	Synchronize,Write Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64eiplug.dl_	Generic Write,Read Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64eiplug.dl_	Synchronize,Write Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64eiplug.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\televisionfanaticei\installr\1.bin\64eiplug.dll	Generic Write,Read Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64eiplug.dll	Synchronize,Write Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64ezsetp.dl_	Generic Write,Read Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64ezsetp.dl_	Synchronize,Write Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64ezsetp.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\televisionfanaticei\installr\1.bin\64ezsetp.dll	Generic Write,Read Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\64ezsetp.dll	Synchronize,Write Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\np64eisb.dl_	Generic Write,Read Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\np64eisb.dl_	Synchronize,Write Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\np64eisb.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\televisionfanaticei\installr\1.bin\np64eisb.dll	Generic Write,Read Attributes
c:\program files (x86)\televisionfanaticei\installr\1.bin\np64eisb.dll	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\00000640t8setup.ex_	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\00000640t8setup.ex_	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\00000640t8setup.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00000640t8setup.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\00000640t8setup.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\00001264t8setup.ex_	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\00001264t8setup.ex_	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\00001264t8setup.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00001264t8setup.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\00001264t8setup.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\000017fct8setup.ex_	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\000017fct8setup.ex_	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\000017fct8setup.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\000017fct8setup.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\000017fct8setup.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\_ir_sf_temp_0\irimg1.png	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_ir_sf_temp_0\irsetup.dat	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_ir_sf_temp_0\irsetup.dat	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\_ir_sf_temp_0\irsetup.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\_ir_sf_temp_0\lua5.1.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\nsdf4a9.tmp\01_1435071640854.bmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\cancel_english_mip_1435268368590.bmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\install_eng_1435268357767.bmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\installerparams	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\myscrapnooksetup.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\nsdialogs.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\reporting	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\system.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\t8bprtct.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsdf4a9.tmp\tbc.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha7b5.tmp\installerparams	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha7b5.tmp\mip-dst-03_1458240689098.bmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha7b5.tmp\nsdialogs.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha7b5.tmp\reporting	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha7b5.tmp\system.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsm658.tmp\01_1435246173326.bmp	Generic Write,Read Attributes

45 additional files are not displayed above.

Registry Modifications

Key::Value	Data	API Name
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKCU\software\microsoft\internet explorer\main::start page	http://hp.myway.com/radiorage/ttab02/index.html?n=78B4207C&p2=^ZX^mni000^TTAB02&ptb=D3E25C10-9DB9-4EA0-9BAC-6D621CA34F24	RegNtPreCreateKey
HKCU\software\radiorage::start page	http://hp.myway.com/radiorage/ttab02/index.html?n=78B4207C&p2=^ZX^mni000^TTAB02&ptb=D3E25C10-9DB9-4EA0-9BAC-6D621CA34F24	RegNtPreCreateKey

HKCU\software\microsoft\internet explorer\tabbedbrowsing::newtabpageshow		RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::otoidata	001	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::partnerpixelnotset		RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::maximized	1	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::visible	1	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::pid	^BA5	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::un	OnlineMapFinder	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::installinguser	S-1-5-21-3119368278-1123331430-659265220-1001	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::tiec		RegNtPreCreateKey
HKCU\software\appdatalow\software\onlinemapfinder_9p\bar::tiec		RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar\switches::ok	1	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar\switches::od	1	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar\switches::nk	0	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar\switches::nd	0	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::lidate	2025-07-08T22:03:48Z	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::hpwl	.mywebsearch.com,.google.com,.yahoo.com,.bing.com,.msn.com	RegNtPreCreateKey
HKLM\software\wow6432node\onlinemapfinder_9p\bar::dir	C:\Program Files (x86)\OnlineMapFinder_9p\bar\	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::partnerpixelnotset		RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::maximized	1	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::visible	1	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::pid	^Z7	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::un	GamingWonderland	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::tiec		RegNtPreCreateKey
HKCU\software\appdatalow\software\gamingwonderland\bar::tiec		RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar\switches::ok	1	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar\switches::od	1	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar\switches::nk	0	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar\switches::nd	0	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::lidate	2025-09-15T15:41:58Z	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::hpwl	.mywebsearch.com,.google.com,.yahoo.com,.bing.com,.msn.com	RegNtPreCreateKey
HKLM\software\wow6432node\gamingwonderland\bar::dir	C:\Program Files (x86)\GamingWonderland\bar\	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix	Cookie:	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix	Visited:	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::otoidata	001	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::partnerpixelnotset		RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::maximized	1	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::visible	1	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::pid	^ZU	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::un	MyFunCards	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::installinguser	S-1-5-21-3119368278-1123331430-659265220-1001	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::tiec		RegNtPreCreateKey
HKCU\software\appdatalow\software\myfuncards_5m\bar::tiec		RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar\switches::ok	1	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar\switches::od	1	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar\switches::nk	0	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar\switches::nd	0	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::lidate	2025-10-31T03:50:47Z	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::hpwl	.mywebsearch.com,.google.com,.yahoo.com,.bing.com,.msn.com	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::dir	C:\Program Files (x86)\MyFunCards_5m\bar\	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\run::myfuncards epm support	"C:\PROGRA~2\MYFUNC~1\bar\1.bin\5mmedint.exe" T8EPMSUP.DLL,S	RegNtPreCreateKey
HKCU\software\myfuncards_5m::writeableuserfolder	C:\Users\user\AppData\LocalLow	RegNtPreCreateKey
HKCU\software\myfuncards_5m::readableuserfolder	C:\Users\user\AppData\Local	RegNtPreCreateKey
HKCU\software\myfuncards_5m::writeablehkcu	Software\AppDataLow	RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::sr		RegNtPreCreateKey
HKLM\software\wow6432node\myfuncards_5m\bar::pl	9	RegNtPreCreateKey
HKCU\software\appdatalow\software\fromdoctopdf_65\bar\downloaded::setupsdir	C:\Users\Opecbvfu\AppData\Local\	RegNtPreCreateKey
HKCU\software\appdatalow\software\fromdoctopdf_65\bar\downloaded::local	1	RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations	\??\c:\users\user\downloads\49a49c7d46d3b7e005182c114697ae7586c964b9_0005847512	RegNtPreCreateKey
HKLM\software\wow6432node\mapsgalaxy_39ei\installer::un	MapsGalaxy	RegNtPreCreateKey
HKLM\software\wow6432node\mapsgalaxy_39ei\installer::dir	C:\Program Files (x86)\MapsGalaxy_39EI\Installr\	RegNtPreCreateKey
HKLM\software\wow6432node\mapsgalaxy_39ei\installer::pluginpath	C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\ext\preapproved\{8f0b76e1-4e46-427b-b55b-b90593468ac6}::		RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.mapsgalaxy_39.com/plugin::description	MapsGalaxy Plugin	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.mapsgalaxy_39.com/plugin::path	C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\NP39EISB.dll	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.mapsgalaxy_39.com/plugin::vendor	FULLCOMPANYNAME_DDE0BB24-8F8C-44e9-B962-8289B302DEF9	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.mapsgalaxy_39.com/plugin::version	1.1.0.0	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.mapsgalaxy_39.com/plugin\mimetypes\application/x-mapsgalaxy_39pluginei::description	MapsGalaxy Plugin	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.mapsgalaxy_39.com/plugin\mimetypes\application/x-mapsgalaxy_39pluginei::suffixes	39i	RegNtPreCreateKey
HKLM\software\classes\mapsgalaxy_39installer.start.1::		RegNtPreCreateKey
HKLM\software\classes\mapsgalaxy_39installer.start.1\clsid::	{8f0b76e1-4e46-427b-b55b-b90593468ac6}	RegNtPreCreateKey
HKLM\software\classes\mapsgalaxy_39installer.start::		RegNtPreCreateKey
HKLM\software\classes\mapsgalaxy_39installer.start\clsid::	{8f0b76e1-4e46-427b-b55b-b90593468ac6}	RegNtPreCreateKey
HKLM\software\classes\mapsgalaxy_39installer.start\curver::	MapsGalaxy_39Installer.Start.1	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}::		RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\progid::	MapsGalaxy_39Installer.Start.1	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\versionindependentprogid::	MapsGalaxy_39Installer.Start	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\inprocserver32::	C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\39EZSETP.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\inprocserver32::threadingmodel	Apartment	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\miscstatus::	0	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\miscstatus\1::	s	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\typelib::	{65b63e36-72e0-492f-ab29-bed6da43125b}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{8f0b76e1-4e46-427b-b55b-b90593468ac6}\version::	1.0	RegNtPreCreateKey
HKLM\software\classes\typelib\{65b63e36-72e0-492f-ab29-bed6da43125b}\1.0::	Installer 1.0 Type Library	RegNtPreCreateKey
HKLM\software\classes\typelib\{65b63e36-72e0-492f-ab29-bed6da43125b}\1.0\flags::	0	RegNtPreCreateKey
HKLM\software\classes\typelib\{65b63e36-72e0-492f-ab29-bed6da43125b}\1.0\0\win32::	C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\39EZSETP.dll\1	RegNtPreCreateKey
HKLM\software\classes\typelib\{65b63e36-72e0-492f-ab29-bed6da43125b}\1.0\helpdir::	C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\39EZSETP.dll\	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}::	It8InstallerStart	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}\proxystubclsid32::	{00020424-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}\typelib::	{65B63E36-72E0-492F-AB29-BED6DA43125B}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\classes\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}::	It8InstallerStart	RegNtPreCreateKey
HKLM\software\classes\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}\proxystubclsid32::	{00020424-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}\typelib::	{65B63E36-72E0-492F-AB29-BED6DA43125B}	RegNtPreCreateKey
HKLM\software\classes\interface\{03480f0d-7897-4fc0-86d8-18b6ff450d2a}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{09b8c335-1622-42c7-8650-a79d56551343}::	_It8InstallerStartEvents	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{09b8c335-1622-42c7-8650-a79d56551343}\proxystubclsid32::	{00020420-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{09b8c335-1622-42c7-8650-a79d56551343}\typelib::	{65B63E36-72E0-492F-AB29-BED6DA43125B}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{09b8c335-1622-42c7-8650-a79d56551343}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\classes\interface\{09b8c335-1622-42c7-8650-a79d56551343}::	_It8InstallerStartEvents	RegNtPreCreateKey
HKLM\software\classes\interface\{09b8c335-1622-42c7-8650-a79d56551343}\proxystubclsid32::	{00020420-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\interface\{09b8c335-1622-42c7-8650-a79d56551343}\typelib::	{65B63E36-72E0-492F-AB29-BED6DA43125B}	RegNtPreCreateKey
HKLM\software\classes\interface\{09b8c335-1622-42c7-8650-a79d56551343}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\wow6432node\mapsgalaxy_39ei\installer::sr		RegNtPreCreateKey
HKLM\software\wow6432node\mapsgalaxy_39ei\installer::pl	9	RegNtPreCreateKey
HKLM\software\wow6432node\televisionfanaticei\installer::un	TelevisionFanatic	RegNtPreCreateKey
HKLM\software\wow6432node\televisionfanaticei\installer::dir	C:\Program Files (x86)\TelevisionFanaticEI\Installr\	RegNtPreCreateKey
HKLM\software\wow6432node\televisionfanaticei\installer::pluginpath	C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\ext\preapproved\{2ff49ed5-a3ef-410b-918e-97deceb5996d}::		RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.televisionfanatic.com/plugin::description	TelevisionFanatic Plugin	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.televisionfanatic.com/plugin::path	C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.televisionfanatic.com/plugin::vendor	FULLCOMPANYNAME_DDE0BB24-8F8C-44e9-B962-8289B302DEF9	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.televisionfanatic.com/plugin::version	1.1.0.0	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.televisionfanatic.com/plugin\mimetypes\application/x-64-televisionfanaticpluginei::description	TelevisionFanatic Plugin	RegNtPreCreateKey
HKLM\software\wow6432node\mozillaplugins\@ei.televisionfanatic.com/plugin\mimetypes\application/x-64-televisionfanaticpluginei::suffixes	64i	RegNtPreCreateKey
HKLM\software\classes\televisionfanaticinstaller.start.1::		RegNtPreCreateKey
HKLM\software\classes\televisionfanaticinstaller.start.1\clsid::	{2ff49ed5-a3ef-410b-918e-97deceb5996d}	RegNtPreCreateKey
HKLM\software\classes\televisionfanaticinstaller.start::		RegNtPreCreateKey
HKLM\software\classes\televisionfanaticinstaller.start\clsid::	{2ff49ed5-a3ef-410b-918e-97deceb5996d}	RegNtPreCreateKey
HKLM\software\classes\televisionfanaticinstaller.start\curver::	TelevisionFanaticInstaller.Start.1	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}::		RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\progid::	TelevisionFanaticInstaller.Start.1	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\versionindependentprogid::	TelevisionFanaticInstaller.Start	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\inprocserver32::	C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\inprocserver32::threadingmodel	Apartment	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\miscstatus::	0	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\miscstatus\1::	s	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\typelib::	{4084d718-3644-4504-b828-bb054729e39c}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{2ff49ed5-a3ef-410b-918e-97deceb5996d}\version::	1.0	RegNtPreCreateKey
HKLM\software\classes\typelib\{4084d718-3644-4504-b828-bb054729e39c}\1.0::	Installer 1.0 Type Library	RegNtPreCreateKey
HKLM\software\classes\typelib\{4084d718-3644-4504-b828-bb054729e39c}\1.0\flags::	0	RegNtPreCreateKey
HKLM\software\classes\typelib\{4084d718-3644-4504-b828-bb054729e39c}\1.0\0\win32::	C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll\1	RegNtPreCreateKey
HKLM\software\classes\typelib\{4084d718-3644-4504-b828-bb054729e39c}\1.0\helpdir::	C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll\	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{34a117ad-7f43-4859-bf97-adc46488953f}::	It8InstallerStart	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{34a117ad-7f43-4859-bf97-adc46488953f}\proxystubclsid32::	{00020424-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{34a117ad-7f43-4859-bf97-adc46488953f}\typelib::	{4084D718-3644-4504-B828-BB054729E39C}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{34a117ad-7f43-4859-bf97-adc46488953f}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\classes\interface\{34a117ad-7f43-4859-bf97-adc46488953f}::	It8InstallerStart	RegNtPreCreateKey
HKLM\software\classes\interface\{34a117ad-7f43-4859-bf97-adc46488953f}\proxystubclsid32::	{00020424-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\interface\{34a117ad-7f43-4859-bf97-adc46488953f}\typelib::	{4084D718-3644-4504-B828-BB054729E39C}	RegNtPreCreateKey
HKLM\software\classes\interface\{34a117ad-7f43-4859-bf97-adc46488953f}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}::	_It8InstallerStartEvents	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}\proxystubclsid32::	{00020420-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}\typelib::	{4084D718-3644-4504-B828-BB054729E39C}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\classes\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}::	_It8InstallerStartEvents	RegNtPreCreateKey
HKLM\software\classes\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}\proxystubclsid32::	{00020420-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}\typelib::	{4084D718-3644-4504-B828-BB054729E39C}	RegNtPreCreateKey
HKLM\software\classes\interface\{aa8714c4-294d-47fb-bce0-bc12445cfbd4}\typelib::version	1.0	RegNtPreCreateKey
HKLM\software\wow6432node\televisionfanaticei\installer::sr		RegNtPreCreateKey
HKLM\software\wow6432node\televisionfanaticei\installer::pl	9	RegNtPreCreateKey

Windows API Usage

Category	API
Network Wininet	HttpOpenRequest HttpQueryInfo HttpSendRequest InternetConnect InternetOpen InternetOpenUrl InternetQueryOption InternetReadFile InternetSetOption
Process Manipulation Evasion	NtUnmapViewOfSection
Process Shell Execute	CreateProcess ShellExecuteEx
Encryption Used	BCryptOpenAlgorithmProvider
Service Control	OpenSCManager OpenService
Anti Debug	IsDebuggerPresent NtQuerySystemInformation OutputDebugString
Other Suspicious	AdjustTokenPrivileges SetWindowsHookEx
User Data Access	GetUserObjectInformation
Syscall Use	ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtClose ntdll.dll!NtCreateFile ntdll.dll!NtCreateSection ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtMapViewOfSection ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenProcessToken ntdll.dll!NtQueryAttributesFile Show More ntdll.dll!NtQueryDebugFilterState ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationToken ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtReadFile ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationFile ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtTestAlert ntdll.dll!NtTraceControl ntdll.dll!NtUnmapViewOfSection ntdll.dll!NtWaitForSingleObject ntdll.dll!NtWriteFile

Shell Command Execution


							"C:\Users\Imiexroz\AppData\Local\Temp\00000640T8SETUP.EXE"  /p=^BA5/n="OnlineMapFinder"


							"C:\PROGRA~2\ONLINE~1\bar\1.bin\9pbarsvc.exe" -remove


							"C:\Users\Prqhoosh\AppData\Local\Temp\00001264T8SETUP.EXE"  /p=^Z7/n="GamingWonderland"


							"C:\PROGRA~2\GAMING~1\bar\1.bin\gtbarsvc.exe" -remove


							"C:\Users\Wqqwepnb\AppData\Local\Temp\000017fcT8SETUP.EXE"  /p=^ZU/n="MyFunCards"


									"C:\PROGRA~2\MYFUNC~1\bar\1.bin\5mbarsvc.exe" -remove


									"C:\PROGRA~2\MYFUNC~1\bar\1.bin\5mbarsvc.exe" -install


									open C:\Users\Mbbzeqdb\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe __IRAOFF:1757154 "__IRAFN:c:\users\user\downloads\4e1ff9993c5d5495db8f727f882cf520a0d8e023_0005686344" "__IRCT:1" "__IRTSS:5672920" "__IRSID:S-1-5-21-3119368278-1123331430-659265220-1001"


									rundll32 C:\PROGRA~2\MAPSGA~1\Installr\1.bin\39EZSETP.dll,Update


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\d6da98e79426580339a5f074b45b409754fb30eb_0000031096.,LiQMAxHB


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\01b96ee7b142ffce8fd547d19dff5adc1819aeee_0000030648.,LiQMAxHB


									C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\5949bcccc80c81fb62cd13fdf2522a6402c513de_0000034872.,LiQMAxHB


									rundll32 C:\PROGRA~2\TELEVI~1\Installr\1.bin\64EZSETP.dll,Update

16 Comments

Mary Adams 11 years ago Reply

how can I get mindspark off my computer??

Edward Cloud 10 years ago Reply

It seems that I am not the only one with a MINDSPARK INTERACTIVE NETWORK problem.

Robert Abele 10 years ago Reply

I seem to have Mindbar on my computer. I did not as fo it nor did I install it. How may I remove from my computer

harry Hosey 10 years ago Reply

how do I get Mindspark off my computer?

jackemled 10 years ago Reply

I FINALLY KNOW WHAT IS CAUSING AD POPUPS!!!!!!!! YES!!!!!!! FINALLY!!!!!!!!!! *Buys best gun he could find.* *Loads gun.* *Realizes shooting the computer won't solve the problem & just deletes all of the Mindspark files instead.*

judy stickley 10 years ago Reply

How can I remove mindspark from my computer and I hated your maps.

Sanjeev 10 years ago Reply

I seem to have mistakenly installed the Mindspark toolbar on my computer. Please help me remove it.

Ronda 10 years ago Reply

I have finally figured out how to remove mindspark off my pc. this is how you do it.

Tools
Add-Ons
Extensions
REMOVE mindspark. It says something about youtube, yes delete it.

Hope this helps anyone who needs it.

Tom 10 years ago Reply

I need to remove Mindspark from my PC

joe g 10 years ago Reply

Thanks to Ronda, I used her method and it worked. Thanks Ronda!

Ronda:
18 days ago

Bob Dorris 10 years ago Reply

I tried this reply and it does not work.
I would love to get rid of this damn thing on my computer.
It's a pain in the ass.

Ronda:
26 days ago

SHIRLEY 10 years ago Reply

PLEASE REMOVE MINDSPARK FROM MY TOOL BAR PLEASE

Burt Wilson 10 years ago Reply

When I go to tools, etc., there is no &quot;extenstions&quot; thing to click on. How do I get this Mindspark off my computer and where can I find the guy who put it on!!!

g. colombo 10 years ago Reply

Pkease remove Mindspark, My Way etc. from my tool bar and computer. Please acknowledge that you have done this. Thank you

robert brown 9 years ago Reply

please remove mindspark off my computer

c. cONNOLLY 8 years ago Reply

PLEASE REMOVE MINDSPARK AND ANYTHING ASSOCIATED WITH IT FROM MY COMPUTER

Mindspark Toolbars

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Mindspark Toolbars

File System Details

Registry Details

Directories

Cookies

URLs

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

File Traits

Block Information

Block Information

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

16 Comments

Submit Comment

Trending

Most Viewed