FunMoods Toolbar

By CagedTech in Bad Toolbars

Threat Scorecard

Ranking:	2,177
Threat Level:	50 % (Medium)
Infected Computers:	145,821

First Seen:	January 18, 2012
Last Seen:	March 3, 2025
OS(es) Affected:	Windows

Table of Contents

File System Details

FunMoods Toolbar may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	chromestb.exe	82505ac4ae4839d83b76065c6f6f58c6	3,172
Name: chromestb.exe MD5: 82505ac4ae4839d83b76065c6f6f58c6 Size: 94.72 KB (94720 bytes) Detections: 3,172 Type: Executable File Path: C:\Users\<username>\AppData\Local\Google\Chrome\Application\chromestb.exe Group: Malware file Last Updated: October 13, 2022
2.	funmoods.exe	c6feedb53033258797c4769861ba9f3d	21
Name: funmoods.exe MD5: c6feedb53033258797c4769861ba9f3d Size: 1.71 MB (1718352 bytes) Detections: 21 Type: Executable File Path: %SystemDrive%\Users\<username>\AppData\Local Group: Malware file Last Updated: March 23, 2016
3.	Toolbar_Phpnuke.exe	8c5fff3409e4fddf109a0956e117e556	8
Name: Toolbar_Phpnuke.exe MD5: 8c5fff3409e4fddf109a0956e117e556 Size: 1.78 MB (1780224 bytes) Detections: 8 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\Toolbar_Phpnuke.exe Group: Malware file Last Updated: May 10, 2021
4.	UpdateTask.exe	0e259e4b82811137a1e88cdfd349f412	7
Name: UpdateTask.exe MD5: 0e259e4b82811137a1e88cdfd349f412 Size: 1.21 MB (1219584 bytes) Detections: 7 Type: Executable File Path: %APPDATA%\FunmoodsChat\UpdateProc Group: Malware file Last Updated: March 22, 2016

More files

Registry Details

FunMoods Toolbar may create the following registry entry or registry entries:

CLSID

{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}

{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}

{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

{965B9DBE-B104-44AC-950A-8A5F97AFF439}

{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}

{A9DB719C-7156-415E-B49D-BAD039DE4F13}

{EA28B360-05E0-4F93-8150-02891F1D8D3C}

{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}

File name without path

funmoods-speeddial.crx

Regexp file mask

%LOCALAPPDATA%\funmoods-speeddial_sf.crx

%LOCALAPPDATA%\funmoods.crx

%LOCALAPPDATA%\funmoods.exe

%USERPROFILE%\Local Settings\Application Data\funmoods-speeddial_sf.crx

%USERPROFILE%\Local Settings\Application Data\funmoods.crx

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\AppID\escort.DLL

SOFTWARE\Classes\AppID\escortApp.DLL

SOFTWARE\Classes\AppID\escortEng.DLL

SOFTWARE\Classes\AppID\escorTlbr.DLL

SOFTWARE\Classes\AppID\esrv.EXE

SOFTWARE\Classes\escort.escortIEPane

SOFTWARE\Classes\escort.escortIEPane.1

SOFTWARE\Classes\esrv.funmoodsESrvc

SOFTWARE\Classes\esrv.funmoodsESrvc.1

SOFTWARE\Classes\funmoods.dskBnd

SOFTWARE\Classes\funmoods.dskBnd.1

SOFTWARE\Classes\funmoods.funmoodsHlpr

SOFTWARE\Classes\funmoods.funmoodsHlpr.1

SOFTWARE\Classes\funmoodsApp.appCore

SOFTWARE\Classes\funmoodsApp.appCore.1

SOFTWARE\Classes\Wow6432Node\AppID\escort.DLL

SOFTWARE\Classes\Wow6432Node\AppID\escortApp.DLL

SOFTWARE\Classes\Wow6432Node\AppID\escortEng.DLL

SOFTWARE\Classes\Wow6432Node\AppID\escorTlbr.DLL

SOFTWARE\Classes\Wow6432Node\AppID\esrv.EXE

Software\funmoods

Software\funmoodsToolbar

Software\Microsoft\Internet Explorer\DOMStorage\searchfunmoods.com

Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods

Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

SOFTWARE\Wow6432Node\Classes\AppID\escort.DLL

SOFTWARE\Wow6432Node\Classes\AppID\escortEng.DLL

SOFTWARE\Wow6432Node\Classes\AppID\esrv.EXE

SOFTWARE\Wow6432Node\Funmoods

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}

SOFTWARE\Wow6432Node\Microsoft\Tracing\FunmoodsSetup_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\FunmoodsSetup_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\FUNMOO~1_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\FUNMOO~1_RASMANCS

Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

funmoods

Directories

FunMoods Toolbar may create the following directory or directories:

%APPDATA%\Funmoods

%PROGRAMFILES%\Funmoods

%PROGRAMFILES(x86)%\Funmoods

%USERPROFILE%\AppData\LocalLow\Funmoods

URLs

FunMoods Toolbar may call the following URLs:

http://searchfunmoods.com/results.php?q

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

FunMoods Toolbar

Threat Scorecard

EnigmaSoft Threat Scorecard

File System Details

Registry Details

Directories

URLs

Submit Comment

Related Posts

Searchfunmoods.com

FunMoods

Start.funmoods.com

Trending

Enigma Software Group's SpyHunter® Receives...

whoAMI Attack

Xhamsterlive.com

Most Viewed

Discord Is Stuck on Gray Screen

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen