Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Relationships
 PE file structure
|
Show functions |
Import table
kernel32.dll
Sleep, CloseHandle, FreeLibrary, GetProcAddress, LoadLibraryA, lstrcpyA, lstrlenA, GetModuleFileNameA, SetThreadPriority, GetCurrentThread, GetLastError, CreateEventA, LockResource, LoadResource, FindResourceA, LoadLibraryExA, GetStartupInfoA, ExitProcess, GetCommandLineA, GetModuleHandleA, InitializeCriticalSection, DeleteCriticalSection, HeapAlloc, GetProcessHeap, HeapReAlloc, HeapFree, LeaveCriticalSection, EnterCriticalSection, LocalFree, GetVersionExA
user32.dll
PeekMessageA, UnhookWindowsHookEx, DispatchMessageA, TranslateMessage, PostQuitMessage, CreateWindowExA, RegisterClassExA, SetWindowsHookExA, CharNextA, GetMessageA, DefWindowProcA
4wbrmon.exe
VER_PRODUCT_NAME by Mindspark Interactive Network (Signed)
| Version: | 1,0,2,0 |
| MD5: | 0bbf9b5e16508f6e4451c90f53ffa8d0 |
| SHA1: | 4ea9923fdac403fd41e0cdad86e3d54e3846d674 |
| SHA256: | c9a9aeee317c96af1f30d8679df96b17ae9211601ea44f3b15bb8b3c15c908a7 |
Warning 3 antivirus scanners has detected malware.
What is 4wbrmon.exe?
My Web Search by the Mindspark Interactive Network is a browser toolbar, part of the Fun Web Products suite of potentially unwanted applications such as Smiley Central, Cursor Mania, Popular Screensavers and others. The toolbar provides access to search engine results and a 404 Error Redirector among other things to your browser. The My Web Search toolbar could slow down your PC and uses cookies to track your web surfing usage and habits.
About 4wbrmon.exe (from Mindspark Interactive Network)
“MyWebSearch brings together the most comprehensive collection of search tools available to provide you with the information you need when you need it. MyWebSearch allows you to search the web directly”
Details
| File name: | 4wbrmon.exe |
| Publisher: | VER_COMPANY_NAME |
| Product name: | VER_PRODUCT_NAME |
| Description: | VER_DESCRIPTION |
| Typical file path: | C:\Program Files\Retrogamer_4w\bar\1.bin\4wbrmon.exe |
| Original name: | VER_EXE_FILENAME.exe |
| File version: | 1,0,2,0 |
| Product version: | 2,3,0,0 |
| Size: | 29.39 KB (30,096 bytes) |
| Certificate |
| Issued to: | Mindspark Interactive Network |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Behaviors
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'MyWebFace_5a Browser Plugin Loader' → C:\Program Files1\MYWEBF~2\bar\1.bin\5abrmon.exe
- 'iWon_5k Browser Plugin Loader' → C:\Program Files1\iWon_5k\bar\1.bin\5kbrmon.exe
- 'Retrogamer_4w Browser Plugin Loader' → C:\Program Files2\RETROG~2\bar\1.bin\4wbrmon.exe
Malware detections
Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| avast! |
6.0.1289.0 |
Win32:FunWeb-K [PUP] |
| AVG |
2014.0.3629 |
AdInstaller.FunWeb |
| VIPRE Antivirus |
16574 |
MyWebSearch.J (v) (not malicious) |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00347967% | |
| Kernel CPU: | 0.00347967% | |
| Kernel CPU time: | 34 ms/min | |
| CPU cycles: | 2,699/sec | |
| Memory |
| Private memory: | 1.46 MB | |
| Private (maximum): | 993 KB | |
| Private (minimum): | 900 KB | |
| Non-paged memory: | 1.46 MB | |
| Virtual memory: | 59.42 MB | |
| Virtual memory (peak): | 62.89 MB | |
| Working set: | 758 KB | |
| Working set (peak): | 4.8 MB | |
| Page faults: | 4,103/min | |
| I/O |
| I/O other transfer: | 2 Bytes/sec | |
| I/O other operations: | 1/sec | |
| Resource allocations |
| Threads: | 2 | |
| Handles: | 96 | |
| GUI GDI count: | 9 | |
| GUI GDI peak: | 10 | |
| GUI USER count: | 4 | |
| GUI USER peak: | 4 | |
Process properties
| Integrety level: | High |
| Platform: | 32-bit |
| Command lines: |
- "C:\progra~1\iwon_5k\bar\1.bin\5kbrmon.exe"
- "C:\progra~1\mywebf~2\bar\1.bin\5abrmon.exe"
- "C:\progra~2\retrog~2\bar\1.bin\4wbrmon.exe"
|
| Owner: | User |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Ultimate N |
80.00% |
|
| Windows 7 Ultimate |
10.00% |
|
| Windows 7 Enterprise |
10.00% |
|
Distribution by country
United States installs about 100.00% of VER_PRODUCT_NAME.
