crextp4z.exe
By Mindspark Interactive Network (Signed)
Version: | 1.0.6.50 |
MD5: | a39fd864f89f77a3da2679f135ab7a67 |
SHA1: | ff9f058b12b6c4d9b6256304fa9078e391c7f32c |
SHA256: | 26d571099e86388d8ca1b102f7c97d989426aaf450641afed203b8c6153c8ba0 |
Warning 4 antivirus scanners has detected malware.
Overview
crextp4z.exe is malware that executes as a process with the local user's privileges. It is installed with a couple of know programs including CouponXplorer Internet Explorer Toolbar published by Mindspark Interactive Network, WeatherBlink Internet Explorer Toolbar from Mindspark Interactive Network and WeatherBlink Internet Explorer Toolbar by Mindspark Interactive Network. The file is digitally signed by Mindspark Interactive Network which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Windows 7 Professional (6.1.7601.65536).
Details
File name: | crextp4z.exe |
Typical file path: | C:\Program Files\videodownloadconverter_4z\bar\1.bin\crextp4z.exe |
Original name: | CrExtProc.exe |
File version: | 1.0.6.50 |
Size: | 1.31 MB (1,370,184 bytes) |
Build date: | 4/16/2013 2:44 AM |
Certificate |
Issued to: | Mindspark Interactive Network |
Authority (CA): | VeriSign |
Effective date: | Tuesday, April 10, 2012 |
Expiration date: | Thursday, May 7, 2015 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following programs will install this file
|
Mindspark Interactive Network |
|
Installs an Ask.com toolbar in Internet Explorer as a Browser Helper Object. According to the EULA (see below) as well as the behavior of the software, this toolbar will install search functionality in IE by modifying the default search, address bar and redirect queries. In addition it will change the user's home page and new tabs page to home.tb.ask.com.
The toolbar uses the Price Finder application from Pronto, LLC. From the Privac...
|
Mindspark Interactive Network |
|
WeatherBlink Internet Explorer Toolbar is a web browser extension that changes the browsers search and home pages as well as delivers. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a bundled offer within a third-party software distribution. As for distribution, the toolb...
|
Mindspark Interactive Network |
|
SafePCRepair Internet Explorer Toolbar is a web browser extension that changes the browsers search and home pages as well as delivers. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a bundled offer within a third-party software distribution. As for distribution, the toolb...
|
Mindspark Interactive Network |
|
Functionality of the toolbar includes:
- Changing the web browser's default home page to MyWebSearch.com.
- Changing the browser's search provider, built-in search box to MyWebSearch.com.
- Ability to modify the 'new tab' functionality to launch the modified search portal page.
- Adds an alternative error page, DNS error and 'page not' found functionality.
- Adds additional functionality that is designed to protect the search and h...
|
Mindspark Interactive Network |
|
Functionality of the toolbar includes:
- Changing the web browser's default home page to MyWebSearch.com.
- Changing the browser's search provider, built-in search box to MyWebSearch.com.
- Ability to modify the 'new tab' functionality to launch the modified search portal page.
- Adds an alternative error page, DNS error and 'page not' found functionality.
- Adds additional functionality that is designed to protect the search and h...
|
Mindspark Interactive Network |
|
FromDocToPDF Firefox Toolbar is a web browser toolbar and extension that modifies the browsers search and home pages as well as delivers contextual based advertising. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a co-bundled offer within a third-party software distribut...
|
Mindspark Interactive Network |
|
FromDocToPDF Internet Explorer Toolbar is a web browser extension that changes the browsers search and home pages as well as delivers. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a bundled offer within a third-party software distribution. As for distribution, the toolb...
|
Mindspark Interactive Network |
|
MapsGalaxy Firefox Toolbar installs is a web browser extension and allows provides users the means to search the Internet with MyWebSearch, a potentially unwanted program that changes and redircts all of your search results as well as DNS errors, and modifies your home page to mywebsearch.com or some other webpage. MyWebSearch automatically becomes your default search service which hijacks all your search requests as well as tracks your...
|
Mindspark Interactive Network |
|
MapsGalaxy Internet Explorer Toolbar installs is a web browser extension and allows provides users the means to search the Internet with MyWebSearch, a potentially unwanted program that changes and redircts all of your search results as well as DNS errors, and modifies your home page to mywebsearch.com or some other webpage. MyWebSearch automatically becomes your default search service which hijacks all your search requests as well as t...
|
Mindspark Interactive Network |
|
Installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads via the toolbar.
|
Mindspark Interactive Network |
|
Installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads via the toolbar.
|
Mindspark Interactive Network |
|
Installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads via the toolbar.
|
Mindspark Interactive Network |
|
FilmFanatic Firefox Toolbar is a web browser extension that changes the browsers search and home pages as well as delivers. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a bundled offer within a third-party software distribution. As for distribution, the toolbar is typic...
|
Mindspark Interactive Network |
|
TelevisionFanatic Internet Explorer Toolbar installs is a web browser extension and allows provides users the means to search the Internet with MyWebSearch, a potentially unwanted program that changes and redircts all of your search results as well as DNS errors, and modifies your home page to mywebsearch.com or some other webpage. MyWebSearch automatically becomes your default search service which hijacks all your search requests as we...
|
Mindspark Interactive Network |
|
ReadingFanatic Internet Explorer Toolbar is a web browser extension that changes the browsers search and home pages as well as delivers. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a bundled offer within a third-party software distribution. As for distribution, the too...
|
Mindspark Interactive Network |
|
ReadingFanatic Firefox Toolbar is a web browser extension that changes the browsers search and home pages as well as delivers. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a bundled offer within a third-party software distribution. As for distribution, the toolbar is ty...
|
Mindspark Interactive Network |
|
This toolbar/web browser extension is ad/search-supported that is typically installed as an optional offer, users generally have this bundled with 3rd party software. During setup, this toolbar will modify the home page and new tab pages to an affiliate search portal using a primary search engine in order to collect shared search revenue. It will also modify the default search provider as well.
|
Mindspark Interactive Network |
|
Functionality of the toolbar includes:
- Changing the web browser's default home page to MyWebSearch.com.
- Changing the browser's search provider, built-in search box to MyWebSearch.com.
- Ability to modify the 'new tab' functionality to launch the modified search portal page.
- Adds an alternative error page, DNS error and 'page not' found functionality.
- Adds additional functionality that is designed to protect the search and h...
|
Mindspark Interactive Network |
|
RadioRage Firefox Toolbar installs is a web browser extension and allows provides users the means to search the Internet with MyWebSearch, a potentially unwanted program that changes and redircts all of your search results as well as DNS errors, and modifies your home page to mywebsearch.com or some other webpage. MyWebSearch automatically becomes your default search service which hijacks all your search requests as well as tracks your ...
|
Mindspark Interactive Network |
|
RadioRage Internet Explorer Toolbar is a web browser extension that changes the browsers search and home pages as well as delivers. In order to provide search advertising revenue, the software is designed not only to modify the search provider but to protect it so that it remains the default browser search engine. It is typically installed via a bundled offer within a third-party software distribution. As for distribution, the toolbar ...
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engine | Engine version | Detection |
avast! |
8.0.1489.320 |
Win32:Mindspark-A [PUP] |
AVG |
13.0.0.3169 |
Zango |
Kingsoft |
2013.4.9.267 |
Win32.Troj.Undef.(kcloud) |
VIPRE Antivirus |
22166 |
MyWebSearch.J (v) (not malicious) |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00366027% | |
Kernel CPU: | 0.00194803% | |
User CPU: | 0.00171224% | |
Kernel CPU time: | 484 ms/min | |
CPU cycles: | 273,247/sec | |
Memory |
Private memory: | 7.6 MB | |
Private (maximum): | 5.18 MB | |
Private (minimum): | 736 KB | |
Non-paged memory: | 7.6 MB | |
Virtual memory: | 138.37 MB | |
Virtual memory (peak): | 143.87 MB | |
Working set: | 884 KB | |
Working set (peak): | 19.65 MB | |
Page faults: | 8,831/min | |
I/O |
I/O read transfer: | 146 Bytes/sec | |
I/O read operations: | 1/sec | |
I/O write transfer: | 0 Bytes/sec | |
I/O write operations: | 1/sec | |
I/O other transfer: | 3 Bytes/sec | |
I/O other operations: | 1/sec | |
Resource allocations |
Threads: | 14 | |
Handles: | 240 | |
GUI GDI count: | 12 | |
GUI GDI peak: | 13 | |
GUI USER count: | 24 | |
GUI USER peak: | 30 | |
Process properties
Integrety level: | Low |
Platform: | 64-bit |
Command lines: |
- "C:\Program Files\videodownloadconverter_4z\bar\1.bin\crextp4z.exe" /context="e8e51cf8e9a74a5775f9215cdd6feb6bdd7c6d3c¿videodownloadconverter_4z¿00000028400001000" /extensionversionstr="1.0.4" /browserversion="10.0.9200.16660" /browserversionstr="10.0.9200.16660"
- "C:\Program Files\videodownloadconverter_4z\bar\1.bin\crextp4z.exe" /context="8cead9d407922acada7f934a8ad7f3542b12c351¿videodownloadconverter_4z¿00000028400001000" /extensionversionstr="1.0.4" /browserversion="10.0.9200.16660" /browserversionstr="10.0.9200.16660"
- "C:\Program Files\videodownloadconverter_4z\bar\1.bin\crextp4z.exe" /context="eff2a3cad544aefc4391d367b416f7af18b29c6b¿videodownloadconverter_4z¿00000028400001000" /extensionversionstr="1.0.4" /browserversion="10.0.9200.16660" /browserversionstr="10.0.9200.16660"
|
Owner: | User |
Threads
Averages
CrExtP4z.exe (main module) |
Total CPU: | 0.00268789% | |
Kernel CPU: | 0.00140765% | |
User CPU: | 0.00128024% | |
CPU cycles: | 364,584/sec | |
Memory: | 1.32 MB | |
ntdll.dll |
Total CPU: | 0.00006414% | |
Kernel CPU: | 0.00006414% | |
User CPU: | 0.00000000% | |
CPU cycles: | 121/sec | |
Memory: | 1.66 MB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows 7 Professional |
100.00% |
|
Distribution by PC manufacturer
PC Manufacturer | distribution |
Hewlett-Packard |
100.00% |
|