Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
RegQueryInfoKeyA, RegEnumKeyExA, RegQueryInfoKeyW, RegSetValueExA, RegDeleteValueA, RegDeleteKeyA, RegOpenKeyExA, RegCloseKey, RegCreateKeyExA
kernel32.dll
InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, lstrlenA, lstrcmpiA, GetModuleFileNameA, GetModuleHandleW, IsDBCSLeadByte, InterlockedIncrement, InterlockedDecrement, FreeLibrary, FindResourceA, LoadLibraryExA, SetThreadLocale, GetThreadLocale, GetLastError, GetCurrentProcess, GetCurrentThreadId, lstrcpyW, SetLastError, GetTickCount, GetEnvironmentVariableA, SetEnvironmentVariableA, SetFilePointer, LoadLibraryW, EnterCriticalSection, FlushInstructionCache, LeaveCriticalSection, GetStringTypeW, GetCurrentProcessId, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetStartupInfoW, GetFileType, SetHandleCount, RaiseException, InitializeCriticalSection, CreateMutexA, ReleaseMutex, lstrlenW, MultiByteToWideChar, WideCharToMultiByte, GetModuleHandleA, GetProcAddress, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, GetConsoleCP, LCMapStringW, Sleep, WaitForSingleObject, GetConsoleMode, FlushFileBuffers, CloseHandle, CreateFileW, WriteConsoleW, SetStdHandle, HeapCreate, ExitProcess, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, TerminateProcess, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetModuleFileNameW, GetStdHandle, WriteFile, GetCommandLineA, GetSystemTimeAsFileTime, VirtualQuery, GetSystemInfo, VirtualProtect, HeapDestroy, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetProcessHeap, InterlockedCompareExchange, InterlockedPushEntrySList, IsProcessorFeaturePresent, VirtualFree, VirtualAlloc, InterlockedPopEntrySList, LocalFree, DecodePointer, EncodePointer, RtlUnwind
ole32.dll
CreateItemMoniker, CoTaskMemAlloc, CoTaskMemRealloc, CoTaskMemFree, StringFromGUID2, CoCreateInstance, OleRun, StringFromCLSID, CLSIDFromString, GetRunningObjectTable, CLSIDFromProgID
sensapi.dll
IsNetworkAlive
shell32.dll
SHGetFileInfoA
shlwapi.dll
StrStrIW, SHDeleteValueA
user32.dll
KillTimer, GetWindowLongA, RegisterClassExA, CharNextA, CharNextW, GetParent, GetFocus, GetWindowRect, SetWindowLongA, GetClientRect, ShowWindow, GetClassInfoExA, LoadCursorA, MoveWindow, CharLowerBuffA, SetTimer, DefWindowProcA, UnregisterClassA, DispatchMessageA, TranslateMessage, PeekMessageA, MsgWaitForMultipleObjects, SetWindowPos, IsWindow, CallWindowProcA, CreateWindowExA
Export table
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

escort.dll

Funmoods by Volonet Ltd (Signed)

Remove escort.dll
Version:   1.5.23.0
MD5:   ff8b2121aad6f54915c5444ad65e9a91
SHA1:   abb6b390c517049f8e1c78ab3f0a43c4fd0c60df
SHA256:   28db84d7ab96a9c4ecf008b812a78d914bca89850ad75e33fdbf3be43c09129a
Warning 3 antivirus scanners has detected malware.

What is escort.dll?

FunMoods toolbar installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads via the toolbar.

About escort.dll (from Volonet Ltd)

Funmoods is a free add-on for social networks Chat that gives you a huge collection of smileys, winks, text effects and more! Get funmoods smileys for social networks and start sending amazing, fun me

DetailsDetails

File name:escort.dll
Publisher:Funmoods BHO
Product name:Funmoods
Typical file path:C:\Program Files\funmoods\1.5.23.22\bh\escort.dll
File version:1.5.23.0
Size:237.95 KB (243,664 bytes)
Certificate
Issued to:Volonet Ltd
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

MalwareMalware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
Antivirus engineEngine versionDetection
Dr.Web 8.13.4.7 Adware.Funmoods.1
ESET NOD32 7.8197 Win32/Toolbar.Funmoods
Malwarebytes 1.70.0.9 PUP.Funmoods

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate N 63.64%
Windows 7 Ultimate 27.27%
Microsoft Windows XP 9.09%

Distribution by countryDistribution by country

United States installs about 75.00% of Funmoods.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Lenovo 66.67%
Hewlett-Packard 33.33%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE