FUNMOODSSRV.EXE is Adware Funmoods

August 22, 2012 by NightWatcher
Filed under: Adware 
: Solved!

Fix it immediately:

We received the file FUNMOODSSRV.EXE and detected that FUNMOODSSRV.EXE is not good.
FUNMOODSSRV.EXE is Adware. You should remove the file FUNMOODSSRV.EXE.
Kill the process FUNMOODSSRV.EXE and remove FUNMOODSSRV.EXE from Windows.

Malware Analysis of FUNMOODSSRV.EXE
Full path on a computer: %Program Files%\Funmoods\1.5.23.22\funmoodssrv.exe

Detected by UnHackMe:

FUNMOODSSRV.EXE
Default location: %Program Files%\Funmoods\1.5.23.22\funmoodssrv.exe

Removal Results: Success
Number of reboot: 1

FUNMOODSSRV.EXE is known as:

Adware.Funmoods

FUNMOODSSRV.EXE hash:

  • MD5: c076c8e973da52b34f79f646072e5868
How to quickly detect FUNMOODSSRV.EXE presence?

Folders:
  • %AppData%\Mozilla\Firefox\Profiles\eowse1ho.default\extensions
  • %AppData%\Mozilla\Firefox\Profiles\eowse1ho.default\searchplugins
  • %Programs%\Handbrake
  • %Program Files%\Funmoods
  • %Program Files%\Funmoods\1.5.23.22
  • %Program Files%\Funmoods\1.5.23.22\bh
  • %Program Files%\Handbrake
  • %Program Files%\Handbrake\doc
  • %Program Files%\Handbrake\fonts
  • %Program Files%\Handbrake\fonts\conf.avail
  • %Program Files%\Handbrake\fonts\conf.d
Files:
  • %AppData%\Mozilla\Firefox\Profiles\eowse1ho.default\searchplugins\Search.xml
  • %AppData%\Mozilla\Firefox\Profiles\eowse1ho.default\user.js
  • %AppData%\Opera\Opera\search.ini
  • %Desktop%\Handbrake.lnk
  • %Local Appdata%\datos.txt
  • %Local Appdata%\funmoods-speeddial.crx
  • %Local Appdata%\funmoods.crx
  • %Local Appdata%\save_en.bmp
  • %Local Appdata%\save_es.bmp
  • %Personal%\Downloads\handbrake-0-9-6-es-en-br-fr-de-it-win.exe
  • %Programs%\Handbrake\Handbrake.lnk
  • %Programs%\Handbrake\Uninstall.lnk
  • %Program Files%\Funmoods\1.5.23.22\bh\escort.dll
  • %Program Files%\Funmoods\1.5.23.22\escortApp.dll
  • %Program Files%\Funmoods\1.5.23.22\escortEng.dll
  • %Program Files%\Funmoods\1.5.23.22\escorTlbr.dll
  • %Program Files%\Funmoods\1.5.23.22\escortShld.dll
  • %Program Files%\Funmoods\1.5.23.22\FavIcon.ico
  • %Program Files%\Funmoods\1.5.23.22\funmoodssrv.exe
  • %Program Files%\Funmoods\1.5.23.22\uninstall.exe
  • %Program Files%\Handbrake\Castle.Core.dll
  • %Program Files%\Handbrake\Castle.Core.xml
  • %Program Files%\Handbrake\Castle.Windsor.dll
  • %Program Files%\Handbrake\Castle.Windsor.xml
  • %Program Files%\Handbrake\defaultsettings.xml
  • %Program Files%\Handbrake\doc\AUTHORS
  • %Program Files%\Handbrake\doc\COPYING
  • %Program Files%\Handbrake\doc\CREDITS
  • %Program Files%\Handbrake\doc\NEWS
  • %Program Files%\Handbrake\doc\THANKS
  • %Program Files%\Handbrake\doc\TRANSLATIONS
  • %Program Files%\Handbrake\fonts\conf.d\README
  • %Program Files%\Handbrake\fonts\fonts.conf
  • %Program Files%\Handbrake\fonts\fonts.dtd
  • %Program Files%\Handbrake\Growl.Connector.dll
  • %Program Files%\Handbrake\Growl.CoreLibrary.dll
  • %Program Files%\Handbrake\HandBrake.ApplicationServices.dll
  • %Program Files%\Handbrake\Handbrake.exe
  • %Program Files%\Handbrake\Handbrake.exe.config
  • %Program Files%\Handbrake\HandBrakeCLI.exe
  • %Program Files%\Handbrake\HandBrakeInterop.dll
  • %Program Files%\Handbrake\Microsoft.WindowsAPICodePack.dll
  • %Program Files%\Handbrake\Microsoft.WindowsAPICodePack.Shell.dll
  • %Program Files%\Handbrake\Ookii.Dialogs.Wpf.dll
  • %Program Files%\Handbrake\SplitButton.dll
  • %Program Files%\Handbrake\uninst.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Tags: Adware, Funmoods, FUNMOODSSRV.EXE

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.