» funmoodseng.dll
Overview
Analysis
File Details
Programs (1)

funmoodseng.dll

Volonet Ltd

The module funmoodseng.dll by Volonet has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program Funmoods on IE and Chrome by Volonet Ltd which is a potentially unwanted software program.

File name:

funmoodseng.dll

Publisher:

Funmoods (signed by Volonet Ltd)

Product:

Funmoods

Version:

1.5.11.0

MD5:

d5e0f923b3ee640efd6a58ec0c70cbdc

SHA-1:

74f62a9acdb9f9dd0580d69450c062ba8870deea

SHA-256:

3d1b55bbb46e5788ca3e8ce68e515f52bdf63c0f53ceaad7236964eedf97f281

Scanner detections:

8 / 68

Status:

Adware

Analysis date:

4/19/2024 10:45:05 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Dr.Web

Adware.Funmoods.1

9.0.1.043

ESET NOD32

Win32/Toolbar.Montiera

8.9318

Malwarebytes

PUP.FunMoods

v2014.02.12.07

Reason Heuristics

PUP.Volonet.L

14.8.7.21

Sophos

Funmoods Toolbar

4.96

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10301

XVirus List

Win32.Detected

2.8.7

File size:

536 KB (548,816 bytes)

Product version:

1.5.11.0

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\funmoods\funmoods\1.5.11.16\funmoodseng.dll

Digital Signature

Signed by:

Volonet Ltd

Authority:

COMODO CA Limited

Valid from:

1/11/2012 1:00:00 AM

Valid to:

11/26/2013 12:59:59 AM

Subject:

CN=Volonet Ltd, O=Volonet Ltd, STREET=hazfira 19, L=Tel Aviv, S=Israel, PostalCode=67778, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D9EB879A7F4ADB713BB56F5D9EA449DA

Registration

CLSID:

{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}

COM registered:

Yes

File PE Metadata

Compilation timestamp:

1/23/2012 5:38:04 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:gWv8EvxW/nkCIAhK6x8MmxKxfiYXjzDJajwzvOhgNU8d13GXTaqnq4p:PvcmGpKwzvOQHuqW

Entry address:

0x4192A

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 81, 9C, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, E8, D1, 58, 00, 00, FF, 75, 10, 83, C0, 20, 50, FF, 75, 0C, FF, 75, 08, E8, ED, 9C, 00, 00, 83, C4, 10, 5D, C3, 8B, FF, 55, 8B, EC, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, CD, FF, FF, FF, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, 83, 65, FC, 00, 56, 8B, 75, 08, 85, F6, 75, 16, E8, 76, 3B, 00, 00, 6A, 16, 5E, 89, 30, E8, 1A, 3B, 00, 00, 8B, C6... 
[+]

Code size:

363.5 KB (372,224 bytes)

The file funmoodseng.dll has been discovered within the following program.

Funmoods on IE and Chrome by Volonet Ltd

FunMoods toolbar gives no or little satisfaction to its users, but a profound desire to get rid of FunMoods browser extension is in place.

www.funmoods.com

65% remove it

Remove funmoodseng.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.