facemoodssrv.exe
facemoods by Volonet Ltd (Signed)
Warning 4 antivirus scanners has detected malware in various versions of facemoodssrv.exe.
Overview
There are 3 versions of facemoodssrv.exe in the wild, the latest version being 1.4.17.0. During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. The average file size is about 330.47 KB. The file is a digitally signed and issued to Volonet Ltd by The USERTRUST Network. Some variations of the file have been seen to be installed with the program Facemoods Toolbar from Facemoods.
 Details
|
| File name: | facemoodssrv.exe |
| Publisher: | facemoods.com |
| Product name: | facemoods |
| Typical file path: | C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe |
| Certificate |
| Issued to: | Volonet Ltd |
| Authority (CA): | The USERTRUST Network |
Programs installed in
(Note, the programs listed below are for all versions of facemoods.)
Installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads...
Behaviors
(Note, the behaviors below are for all versions of facemoodssrv.exe, select a unique version for details.)
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'facemoods' → "C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Dr.Web |
8.13.4.19 |
Adware.Funmoods.3 |
1.4.17.0 |
| Dr.Web |
8.13.5.1 |
Adware.Funmoods.3 |
1.4.17.0 |
| eSafe |
7.0.17.0 |
Win32.Trojan |
1.4.17.0 |
| Vba32 AntiVirus |
3.12.20.2 |
Signed-Adware.InstallCore |
1.4.17.0 |
All file variations of facemoodssrv.exe
