Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

2, 5, 12, 0 32.39%
2, 5, 11, 3 67.61%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
SetTokenInformation, OpenServiceA, QueryServiceStatus, CloseServiceHandle, RegFlushKey, RegQueryValueExA, RegDeleteKeyA, RegCreateKeyExA, RegDeleteValueA, RegCloseKey, RegSetValueExA, RegQueryInfoKeyA, RegEnumValueA, RegOpenKeyExA, RegEnumKeyExA, CreateProcessAsUserA, OpenSCManagerA, GetLengthSid, DuplicateTokenEx, OpenProcessToken, RegEnumKeyA
crypt32.dll
CertNameToStrA, CertCloseStore, CertFindCertificateInStore, CryptDecodeObject, CryptMsgClose, CryptMsgGetParam, CryptVerifyMessageSignature, CertFreeCertificateContext, CryptMsgUpdate, CryptMsgOpenToDecode
gdi32.dll
SetTextColor, GetTextColor, GetTextMetricsA, GetObjectType, UpdateColors, DeleteDC, RealizePalette, SelectPalette, CreateSolidBrush, CreateCompatibleBitmap, CreatePalette, CreateRectRgn, BitBlt, GetDIBits, CreateDIBSection, GetObjectA, GetBitmapBits, SetBkMode, RectInRegion, OffsetRgn, LineTo, MoveToEx, SelectClipRgn, SetPixel, GetBkColor, SelectClipPath, EndPath, CloseFigure, BeginPath, TextOutA, GetTextExtentExPointA, SelectObject, SetMapMode, DPtoLP, GetMapMode, CreateBitmap, GetPixel, CreateFontIndirectA, GetDeviceCaps, GetTextExtentPoint32A, GetTextExtentPoint32W, CreatePen, CreateRoundRectRgn, CreateRectRgnIndirect, GetRgnBox, OffsetWindowOrgEx, SetWindowOrgEx, SetBkColor, ExtTextOutA, DeleteObject, CreateCompatibleDC, RoundRect, GetStockObject
kernel32.dll
LocalFree, HeapAlloc, GetSystemInfo, GetVersionExA, HeapCreate, DisableThreadLibraryCalls, GetShortPathNameA, RemoveDirectoryA, HeapDestroy, CopyFileA, SetFileAttributesA, FindClose, GetSystemDirectoryA, FindFirstFileA, CreateThread, ResetEvent, GetFileAttributesA, GetLocalTime, MoveFileA, lstrcpynW, DebugBreak, HeapReAlloc, HeapFree, SetCurrentDirectoryA, SetFilePointer, FileTimeToSystemTime, SetEndOfFile, UnmapViewOfFile, MapViewOfFile, CreateFileMappingA, FlushFileBuffers, OpenMutexA, SetThreadPriority, ResumeThread, CallNamedPipeA, CompareFileTime, SystemTimeToFileTime, MulDiv, Sleep, GetUserDefaultLangID, GetSystemTimeAsFileTime, WritePrivateProfileSectionA, GetPrivateProfileIntA, GetPrivateProfileStringA, GetWindowsDirectoryA, GetCommandLineA, GetDriveTypeA, GetCurrentDirectoryA, lstrcmpiW, lstrcpyW, GetModuleFileNameW, lstrcatW, SetLastError, GlobalAlloc, GlobalFree, DeleteFileA, CreateProcessA, CreateFileA, GetFileSize, ReadFile, WriteFile, GetExitCodeProcess, LoadLibraryA, FreeLibrary, WaitForMultipleObjects, WritePrivateProfileStringA, CreateDirectoryA, OpenFileMappingA, GetModuleHandleA, GetProcAddress, lstrcmpA, GetTickCount, GetCurrentProcessId, ReleaseMutex, lstrcatA, CreateMutexA, GlobalLock, GlobalUnlock, WideCharToMultiByte, IsDBCSLeadByte, lstrcpynA, lstrcmpiA, GetLastError, SizeofResource, lstrlenA, MultiByteToWideChar, GetModuleFileNameA, lstrcpyA, LoadLibraryExA, FindResourceA, LoadResource, LockResource, InterlockedDecrement, lstrlenW, InterlockedIncrement, GetCurrentProcess, FlushInstructionCache, GetCurrentThreadId, VirtualQuery, VirtualProtect, CreateEventA, WaitForSingleObject, CloseHandle, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, SetEvent, FindNextFileA
ole32.dll
OleSetClipboard, OleFlushClipboard, CreateOleAdviseHolder, OleRegGetMiscStatus, OleRegGetUserType, CoCreateGuid, CoCreateInstance, StringFromGUID2, CreateStreamOnHGlobal, CoFreeUnusedLibraries, GetHGlobalFromStream, CoTaskMemRealloc, CoTaskMemAlloc, CoTaskMemFree, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, CLSIDFromString, CoGetInterfaceAndReleaseStream, CoMarshalInterThreadInterfaceInStream, OleRegEnumVerbs, CLSIDFromProgID
oleacc.dll
AccessibleObjectFromEvent, AccessibleChildren, WindowFromAccessibleObject, AccessibleObjectFromWindow
rpcrt4.dll
UuidFromStringW, UuidFromStringA
shell32.dll
SHGetMalloc, ShellExecuteA, SHGetPathFromIDListA, SHGetSpecialFolderLocation
user32.dll
EmptyClipboard, SetClipboardData, IsWindowUnicode, GetWindow, GetClientRect, IntersectRect, EqualRect, SendMessageTimeoutA, GetActiveWindow, OffsetRect, SetWindowRgn, SetFocus, GetFocus, IsChild, UnionRect, PtInRect, LoadStringA, MessageBoxW, MessageBoxA, ScreenToClient, ValidateRect, ReleaseCapture, GetForegroundWindow, SetCapture, IsWindowVisible, SetForegroundWindow, GetKeyState, DestroyIcon, SetWindowPos, wsprintfW, GetSysColor, GetSystemMetrics, GetWindowRect, GetWindowTextW, SetWindowTextW, IsRectEmpty, MapWindowPoints, SendMessageA, EnumWindows, GetParent, GetClassNameA, GetWindowThreadProcessId, BeginPaint, EndPaint, UpdateWindow, MoveWindow, InvalidateRect, RemovePropA, SetPropA, ShowWindow, OpenClipboard, RegisterClipboardFormatA, CloseClipboard, CopyImage, SetTimer, PostQuitMessage, KillTimer, CharNextA, GetClassInfoExA, LoadCursorA, wsprintfA, RegisterClassExA, GetWindowLongW, GetWindowLongA, SetWindowLongW, DefWindowProcA, CreateWindowExA, SetWindowLongA, CallWindowProcA, CallWindowProcW, PostThreadMessageA, PeekMessageA, SetWinEventHook, GetMessageA, TranslateMessage, DispatchMessageA, UnhookWinEvent, IsWindow, DestroyWindow, PostMessageA, UnregisterClassA, WindowFromPoint, GetCursorPos, SubtractRect, FindWindowA, AdjustWindowRectEx, CreateIcon, GetIconInfo, GetAsyncKeyState, DrawIconEx, TrackPopupMenuEx, DestroyCaret, SetCaretPos, ShowCaret, CreateCaret, GetGUIThreadInfo, GetCaretPos, DrawEdge, CreateIconIndirect, DefWindowProcW, GetCapture, ClientToScreen, WindowFromDC, GetUpdateRgn, SetRect, DrawTextW, DrawTextA, CreateWindowExW, GetWindowTextA, SetWindowTextA, AppendMenuW, AppendMenuA, GetKeyboardType, ReleaseDC, GetDC, SystemParametersInfoA, SetRectEmpty, FillRect, GetWindowDC, LoadImageA, GetWindowTextLengthA, HideCaret, EnableMenuItem, GetMenuItemInfoA, CheckMenuItem, GetDesktopWindow, SetMenuItemInfoA, InflateRect, CreatePopupMenu, ReplyMessage, GetPropA, EnumChildWindows, UnhookWindowsHookEx, SetWindowsHookExA, CallNextHookEx, GetMessageTime, GetMessagePos, DestroyMenu, IsMenu, CopyRect
version.dll
GetFileVersionInfoSizeA, VerQueryValueA, GetFileVersionInfoA
wintrust.dll
WinVerifyTrust
Export table
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
E
H
O
S
Update

4zuninstall videodownloadconverter.dll

MindSpark Toolbar Platform for Internet Explorer and Firefox by Mindspark Interactive Network (Signed)

Remove 4zuninstall videodownloadconverter.dll
Version:   2, 5, 12, 0
MD5:   8c0d3be90d304b71870a35f59ba580f1
SHA1:   cc9173458da2b4828925a11ac304a4b7c567e26e
SHA256:   9e1bb27184a934e23a187d24f3b9473a546283fd77e9e7408d481bf45070293e
Warning 7 antivirus scanners has detected malware.

Overview

4zuninstall videodownloadconverter.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. The file is digitally signed by Mindspark Interactive Network which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:4zuninstall videodownloadconverter.dll
Publisher:MindSpark
Product name:MindSpark Toolbar Platform for Internet Explorer and Firefox
Description:MindSpark Toolbar Platform
Typical file path:C:\Program Files\4zuninstall videodownloadconverter.dll
Original name:t8Bar.dll
File version:2, 5, 12, 0
Size:691.57 KB (708,168 bytes)
Certificate
Issued to:Mindspark Interactive Network
Authority (CA):VeriSign
Effective date:Tuesday, April 10, 2012
Expiration date:Thursday, May 7, 2015
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Startup files (all users) run once
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
  • 'TelevisionFanaticbar Uninstall' → rundll32 C:\Program Files2\64UNIN~1.DLL,O -3
  • 'ReadingFanatic_6xbar Uninstall' → rundll32 C:\Program Files1\6XUNIN~1.DLL,O -3
  • 'MyFunCards_5mbar Uninstall' → rundll32 C:\Program Files1\5MUNIN~1.DLL,O -3
  • 'Webfetti_52bar Uninstall' → rundll32 C:\Program Files2\52UNIN~1.DLL,O -3
  • 'DailyBibleGuidebar Uninstall' → rundll32 C:\Program Files2\2VUNIN~1.DLL,O -3
  • 'RadioRage_4jbar Uninstall' → rundll32 C:\Program Files1\4JUNIN~1.DLL,O -3
  • 'VideoDownloadConverter_4zbar Uninstall' → rundll32 C:\Program Files1\4ZUNIN~1.DLL,O -3
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'VideoDownloadConverter' → rundll32 C:\Program Files1\VIDEOD~2\bar\1.bin\4zbar.dll,S
  • 'TelevisionFanatic' → rundll32 C:\Program Files1\TELEVI~2\bar\1.bin\64bar.dll,S
  • 'FromDocToPDF' → rundll32 C:\Program Files1\FROMDO~2\bar\1.bin\65bar.dll,S
  • 'HeroicPlay' → rundll32 C:\Program Files1\HEROIC~2\bar\1.bin\6obar.dll,S
  • 'Zwinky' → rundll32 C:\Program Files1\ZWINKY~2\bar\1.bin\5qbar.dll,S
  • 'MapsGalaxy' → rundll32 C:\Program Files1\MAPSGA~2\bar\1.bin\39bar.dll,S
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {1e91a655-bb4b-4693-a05e-2edebc4c9d89}
  • BHO CLSID: {9D717F81-9148-4f12-8568-69135F087DB0}
  • BHO CLSID: {d5a1d22b-9e17-454f-8ecd-83c578fb3983}
  • BHO CLSID: {beea7fa9-d1f4-49a2-9b1f-6fb7a2d9bc2a}
  • BHO CLSID: {27488090-768a-4d20-a938-f223f71c344c}
  • BHO CLSID: {074d3229-0a22-491b-b9dd-ff3171d75f25}
  • BHO CLSID: {58f7b5ca-1162-42e8-8bbc-d543b4edd780}
  • BHO CLSID: {a235e1e3-6296-4710-af39-104a7faa6c7c}
  • BHO CLSID: {312f84fb-8970-4fd3-bddb-7012eac4afc9}
  • BHO CLSID: {7c8f8fe5-9785-4f74-bcf8-895ef9752d97}
  • BHO CLSID: {631acb68-57c3-48af-9cc5-fcec0837ffd3}
  • BHO CLSID: {cb41fc95-f1b3-4797-8bb6-1012ff62abba}
Internet Explorer toolbars
Located in the registry at 'SOFTWARE\Microsoft\Internet Explorer\Toolbar'
  • CLSID: {364ea597-e728-4ce4-bb4a-ed846ef47970}
  • CLSID: {3775afd7-5921-4571-968f-85a631203d1c}
  • CLSID: {2a942ab7-2073-49bc-a7e1-77e93835889a}
  • CLSID: {3033124f-06bf-4829-873a-310a125b4d4c}
  • CLSID: {07189b84-b33b-4a1e-9b32-ad203c983c20}
  • CLSID: {cf67755f-9265-449c-87cf-b945519e073b}
  • CLSID: {48586425-6bb7-4f51-8dc6-38c88e3ebb58}
  • CLSID: {c66a678d-5e6c-4af9-8f57-c6192f42cf74}
  • CLSID: {a899079d-206f-43a6-be6a-07e0fa648ea0}
  • CLSID: {0b84b4b4-8af8-4f1f-91fe-074a666f6425}
  • CLSID: {c98d5b61-b0ea-4d48-9839-1079d352d880}
Internet Explorer web browsers
Located in the registry at 'SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser'
  • CLSID: {364EA597-E728-4CE4-BB4A-ED846EF47970}
  • CLSID: {48586425-6BB7-4F51-8DC6-38C88E3EBB58}
  • CLSID: {3775AFD7-5921-4571-968F-85A631203D1C}
  • CLSID: {2A942AB7-2073-49BC-A7E1-77E93835889A}
  • CLSID: {C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
  • CLSID: {3033124F-06BF-4829-873A-310A125B4D4C}
  • CLSID: {07189B84-B33B-4A1E-9B32-AD203C983C20}
  • CLSID: {A899079D-206F-43A6-BE6A-07E0FA648EA0}
  • CLSID: {0B84B4B4-8AF8-4F1F-91FE-074A666F6425}
  • CLSID: {C98D5B61-B0EA-4D48-9839-1079D352D880}

MalwareMalware detections

Based on 40+ industry antivirus scanners, 7 of them detected the following malware.
Antivirus engineEngine versionDetection
Antiy Labs AVL 2.0.3.7 WebToolbar/Win32.MyWebSearch
avast! 8.0.1489.320 Win32:Mindspark-A [PUP]
AVG 13.0.0.3169 Zango
ESET NOD32 7.8836 Win32/Toolbar.MyWebSearch.W
Kaspersky 9.0.0.837 not-a-virus:WebToolbar.Win32.MyWebSearch.tzk
Rising Antivirus 24.81.00.04 Trojan.Win32.Generic.14B5719C
VIPRE Antivirus 21774 MyWebSearch.J (v) (not malicious)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 32.39%
Windows 7 Home Premium 26.76%
Windows 7 Ultimate 15.49%
Windows 8 8.45%
Windows 8 Pro 5.63%
Windows 7 Professional 4.23%
Windows 7 Home Basic 4.23%
Windows Vista Home Premium 2.82%

Distribution by countryDistribution by country

United States installs about 26.76% of MindSpark Toolbar Platform for Internet Explorer and Firefox.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Lenovo 17.65%
Acer 17.65%
GIGABYTE 14.71%
Toshiba 11.76%
Dell 11.76%
Intel 8.82%
Samsung 8.82%
Sony 5.88%
Hewlett-Packard 2.94%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE