facemoodssrv.exe
facemoods by Volonet Ltd (Signed)
Warning 4 antivirus scanners has detected malware in various versions of facemoodssrv.exe.
Overview
facemoodssrv.exe has 3 known versions, the most recent one is 1.4.17.0. During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. The average file size is about 330.47 KB. It is an authenticode code-signed executable issued to Volonet Ltd by the certification authority The USERTRUST Network. Some variations of the file have been seen to be installed with the program Facemoods Toolbar from Facemoods.
 Details
|
| File name: | facemoodssrv.exe |
| Publisher: | facemoods.com |
| Product name: | facemoods |
| Typical file path: | C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe |
| Certificate |
| Issued to: | Volonet Ltd |
| Authority (CA): | The USERTRUST Network |
Programs installed in
(Note, the programs listed below are for all versions of facemoods.)
Installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads...
Behaviors
(Note, the behaviors below are for all versions of facemoodssrv.exe, select a unique version for details.)
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'facemoods' → "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Dr.Web |
8.13.4.19 |
Adware.Funmoods.3 |
1.4.17.0 |
| Dr.Web |
8.13.5.1 |
Adware.Funmoods.3 |
1.4.17.0 |
| eSafe |
7.0.17.0 |
Win32.Trojan |
1.4.17.0 |
| Vba32 AntiVirus |
3.12.20.2 |
Signed-Adware.InstallCore |
1.4.17.0 |
All file variations of facemoodssrv.exe
