Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1.5.23.0 75.00%
1.5.19.0 25.00%

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
RegQueryInfoKeyW, RegEnumValueA, RegQueryValueExA, RegQueryInfoKeyA, RegDeleteValueA, RegEnumKeyExA, RegSetValueExA, RegCloseKey, RegDeleteKeyA, RegCreateKeyExA, RegOpenKeyExA
gdi32.dll
BitBlt, GetStockObject, GetObjectA, CreateSolidBrush, GetDeviceCaps, DeleteObject, CreateCompatibleDC, CreateCompatibleBitmap, DeleteDC, SelectObject
kernel32.dll
InterlockedIncrement, lstrlenA, GetModuleFileNameA, GetModuleHandleExA, GetTickCount, RaiseException, EnterCriticalSection, LeaveCriticalSection, lstrcmpiA, IsDBCSLeadByte, Sleep, CreateThread, CreateEventA, GetModuleHandleW, GetCurrentThreadId, SetEvent, ExitProcess, FreeLibrary, FindResourceA, LoadLibraryExA, GetCommandLineA, FlushInstructionCache, GetCurrentProcess, SetLastError, LoadLibraryA, SetFilePointer, CreateDirectoryA, GetTempPathA, MoveFileExA, GetTempFileNameA, InitializeCriticalSection, GlobalUnlock, GlobalLock, GlobalAlloc, lstrcmpA, MulDiv, ReleaseMutex, ResetEvent, CreateMutexA, GetVersionExA, GetEnvironmentVariableA, SetEnvironmentVariableA, CreateFileA, HeapReAlloc, HeapSize, CompareStringW, CreateFileW, InitializeCriticalSectionAndSpinCount, WriteConsoleW, FlushFileBuffers, SetStdHandle, LoadLibraryW, LCMapStringW, GetConsoleMode, GetConsoleCP, GetStringTypeW, GetCurrentProcessId, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, GetModuleFileNameW, GetStdHandle, GetTimeZoneInformation, TerminateProcess, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, HeapCreate, GetSystemTimeAsFileTime, GetStartupInfoW, HeapSetInformation, VirtualQuery, GetSystemInfo, VirtualProtect, GetDateFormatA, GetTimeFormatA, RtlUnwind, EncodePointer, DecodePointer, LocalFree, InterlockedPopEntrySList, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, WaitForSingleObject, GetFileTime, InterlockedDecrement, lstrlenW, MultiByteToWideChar, FileTimeToLocalFileTime, FileTimeToSystemTime, WriteFile, WideCharToMultiByte, CloseHandle, GetModuleHandleA, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteCriticalSection, GetLastError, GetProcessHeap, GetProcAddress, HeapFree, HeapAlloc, HeapDestroy, InterlockedPushEntrySList, InterlockedCompareExchange
ole32.dll
CoCreateGuid, OleUninitialize, OleInitialize, OleRun, CoCreateInstance, CLSIDFromProgID, CLSIDFromString, CoTaskMemFree, StringFromCLSID, CoTaskMemAlloc, CoTaskMemRealloc, CoInitialize, CoUninitialize, CoRevokeClassObject, CoRegisterClassObject, StringFromGUID2, CoAddRefServerProcess, CoReleaseServerProcess, CoInitializeEx, CreateStreamOnHGlobal, OleLockRunning, CoGetClassObject
sensapi.dll
IsNetworkAlive
shell32.dll
ShellExecuteExA, Shell_NotifyIconA, SHGetSpecialFolderPathW, SHGetSpecialFolderPathA, SHGetFileInfoA
shlwapi.dll
SHGetValueA, PathAppendA, PathRenameExtensionA, PathFindFileNameA, PathFindExtensionA, StrStrW, StrToIntW, PathIsURLW, PathAddBackslashA, PathRemoveFileSpecA
user32.dll
CharUpperA, GetMessageA, DispatchMessageA, TranslateMessage, LoadIconA, CharNextA, PostThreadMessageA, UnregisterClassA, SetWindowPos, ShowWindow, DestroyWindow, SetTimer, KillTimer, SendMessageA, IsWindow, SetWindowLongA, CharNextW, FillRect, MsgWaitForMultipleObjects, PeekMessageA, GetWindowTextLengthA, GetWindowTextA, CreateAcceleratorTableA, DestroyAcceleratorTable, GetDesktopWindow, SetFocus, GetFocus, GetWindow, BeginPaint, EndPaint, GetClassInfoExA, ReleaseCapture, GetClassNameA, GetDlgItem, GetParent, IsChild, SetCapture, RedrawWindow, InvalidateRgn, InvalidateRect, ReleaseDC, GetDC, ScreenToClient, ClientToScreen, GetClientRect, MoveWindow, GetSysColor, RegisterWindowMessageA, PostQuitMessage, CreateWindowExA, RegisterClassExA, CallWindowProcA, GetWindowLongA, DefWindowProcA, LoadCursorA, SetWindowTextA

funmoodssrv.exe

Funmoods by Volonet Ltd (Signed)

Remove funmoodssrv.exe
Version:   1.5.23.0
MD5:   c076c8e973da52b34f79f646072e5868
SHA1:   2e611d2b6a650e670c1ff69a0cf996324f22fc5b
SHA256:   783c77cf63113685a76dba8163b19d6ff1394e79ac007ff5795ccbd485680939
Warning 3 antivirus scanners has detected malware.

What is funmoodssrv.exe?

FunMoods toolbar installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads via the toolbar.

About funmoodssrv.exe (from Volonet Ltd)

Funmoods is a free add-on for social networks Chat that gives you a huge collection of smileys, winks, text effects and more! Get funmoods smileys for social networks and start sending amazing, fun me

DetailsDetails

File name:funmoodssrv.exe
Publisher:Funmoods
Product name:Funmoods
Typical file path:C:\Program Files\Funmoods\1.5.23.22\funmoodssrv.exe
File version:1.5.23.0
Size:400.45 KB (410,064 bytes)
Certificate
Issued to:Volonet Ltd
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Conduit Ltd.
  65% remove
Gossiper Toolbar is a Conduit Community toolbar for various web browsers. The toolbar collects information about a user's web browsing habits and sends this information to Conduit so they can suggest services or provide advertising. During installation it may change the web browser's home page and search page and if uninstalled will need to be manually changed back. It may also automatically download and install updates without notifyin...
Mindspark Interactive Network
  72% remove
Installs a Mindspark toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Mindspark so they can suggest services or provide ads via the toolbar. FunMoods toolbar gives no or little satisfaction to its users, but a profound desire to get rid of FunMoods browser extension is in place. The toolbar is but a part of the problem as occasional but inevitable redirects in ...
Volonet Ltd
  53% remove
Funmoods is a potentially unwanted application that runs in the web browser as a toolbar and web extension. The web extension is primarily designed to take control of the user's browser in order to modify the search provider and redirect web searches to what ever search engine partner the publisher has a revenue relationship with. In doing so, the toolbar performs a number of behaviors in order to maximize the potential of a user to cl...

MalwareMalware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
Antivirus engineEngine versionDetection
Dr.Web 8.13.4.7 Adware.Funmoods.1
ESET NOD32 7.8197 Win32/Toolbar.Funmoods
Malwarebytes 1.70.0.9 PUP.FunMoods

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.05012286%
0.028634%
Kernel CPU:0.04418501%
0.013761%
User CPU:0.00593785%
0.014873%
Kernel CPU time:155 ms/min
100,923,805ms/min
Memory
Private memory:1.32 MB
21.59 MB
Private (maximum):3.11 MB
Private (minimum):996 KB
Non-paged memory:1.32 MB
21.59 MB
Virtual memory:54.59 MB
140.96 MB
Virtual memory (peak):57.78 MB
169.69 MB
Working set:1.24 MB
18.61 MB
Working set (peak):5.05 MB
37.95 MB
Resource allocations
Threads:4
12
Handles:78
600
GUI GDI count:9
103
GUI GDI peak:10
142
GUI USER count:4
49
GUI USER peak:6
71

BehaviorsProcess properties

Integrety level:Medium
Platform:32-bit
Command line:"C:\progra~1\funmoods\1.5.23.22\funmoodssrv.exe" -embedding
Owner:User
Parent process:svchost.exe (Host Process for Windows Services by Microsoft Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate N 75.00%
Microsoft Windows XP 25.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE