FunFeedr is a program that usually installs without your knowledge via free software downloads. Identified on 2015/09/26

Features:

– It belongs to a family of PUP (Potentially Unwanted Program).
– Vendor : PUP.Optional

Main actions :

-It installs a plugin of the browser Mozilla Firefox (P2)
– It creates to many registry keys ‘Software’
– It creates additional folders (O43),

ZHPDiag report:

P2 – EXT FILE: (…) — C:\Users\Coolman\AppData\Roaming\Mozilla\Firefox\Profiles\0u4ythKG.default\extensions\funfeedr.sgn@funfeedr.com.xpi
HKCU\SOFTWARE\FFUPD
HKCU\SOFTWARE\FunFeedr
HKCU\SOFTWARE\AppDataLow\Sams.Browser
O43 – CFD: 2015/09/26 14:23:38 –

[] D — C:\Users\Coolman\AppData\Roaming\FunFeedr
O43 – CFD: 2015/09/26 14:24:29 – [] D — C:\Users\Coolman\AppData\Local\ext_funfeedr

ZHPCleaner report:

DELETED: [0u4ythKG.default] – user_pref(“f2.pingUrl”, “http://api.funfeedr.com/ping.php?ch=ffim”);
DELETED: [0u4ythKG.default] – user_pref(“ff.pingUrl”, “http://api.funfeedr.com/ping.php?ch=ffim”);
MOVED FILE: C:\Users\Coolman\AppData\Roaming\Mozilla\Firefox\Profiles\0u4ythKG.default\funfeedr_storage\ads.dat
MOVED FILE: C:\Users\Coolman\AppData\Roaming\Mozilla\Firefox\Profiles\0u4ythKG.default\funfeedr_storage\config.dat
MOVED FILE: C:\Users\Coolman\AppData\Roaming\Mozilla\Firefox\Profiles\0u4ythKG.default\funfeedr_storage\tracking.dat
MOVED FILE: C:\Users\Coolman\AppData\Local\ext_funfeedr\ext_funfeedr.dll [(c) All Rights Reserved – FunFeedr] MOVED FOLDER: C:\Users\Coolman\AppData\Roaming\FunFeedr
MOVED FOLDER: C:\Users\Coolman\AppData\Local\ext_funfeedr
DELETED Key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11B16A3D-F03E-4565-A532-E66B219C9B03} [FunFeedr] DELETED Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11B16A3D-F03E-4565-A532-E66B219C9B03} [] DELETED Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11B16A3D-F03E-4565-A532-E66B219C9B03} [] DELETED Key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11B16A3D-F03E-4565-A532-E66B219C9B03} [FunFeedr] DELETED Key*: HKEY_USERS\S-1-5-21-715436886-3382851350-3351799079-1001\Software\FFUPD [] DELETED Key*: HKEY_USERS\S-1-5-21-715436886-3382851350-3351799079-1001\Software\FunFeedr [] DELETED Key: HKCU\Software\FFUPD [] DELETED Key: HKCU\Software\FunFeedr [] DELETED Key: HKCU\SOFTWARE\AppDataLow\Sams.Browser
DELETED Key*: [X64] HKLM\SOFTWARE\Classes\SamsFunFeedr.Browser [Sams Browser FunFeedr] DELETED Key*: [X64] HKLM\SOFTWARE\Classes\SamsFunFeedr.Browser.1 [Sams Browser FunFeedr] DELETED Key*: [X64] HKLM\SOFTWARE\Classes\SamsPluginFunFeedr.BHO [FunFeedr] DELETED Key*: [X64] HKLM\SOFTWARE\Classes\SamsPluginFunFeedr.BHO.1 [FunFeedr]

Remove:

– Remove software via Windows Configuration Panel,
Remove with ZHPcleaner
ZHPCleaner_EN
Diagnose with ZHPDiag
ZHPDiag_2-300x220

2016-12-30T07:34:24+00:00 Categories: Polluteware, PUP|Comments Off on PUP.Optional.Funfeedr