FunMoods. How to remove? (Uninstall guide)

removal by Jake Doevan - - | Type: Browser hijacker
12

What is Funmoods?

Funmoods has been added to 2-spyware.com for several reasons. If you have been using this program for a while, beware that it may cause several issues on each of your web browsers, including redirects to unknown websites, annoying pop-up ads and slow downs on each of your web browsers. The developers of this program think they are not doing anything bad, but you need only to set this search engine your start page or the default search engine, and you will see how many troubles it may cause.

First of all, we should mention that Funmoods may show up on your computer without any sign. That’s because it has been actively spread with the help of bundling. Also, as soon as it enters the system, it may try to alter its settings. As soon as it finishes these changes, the victim starts suffering from redirects to Funmoods and other websites. Please, do NOT think that such activity is harmless! If you don’t want to be tricked into visiting very suspicious websites, you should stay away from this browser hijacker. Besides, as 2-spyware team notifies, this program may start tracking your browsing activity and may collect your search terms, mostly visited websites and data that you add when visiting them. Beware that there is no information about third parties that are capable of reaching this data.

If Funmoods has already hijacked your web browser, you should stay away from its search results that may be corrupted. If you want to avoid such questionable and sometimes even aggressive marketing technique that seeks to turn visitors into customers, you should remove Funmoods hijacker. The easiest way to remove it and prevent infiltration of other suspicious programs in the future is by running a full system scan with Reimage. Make sure its updated and has a full database if you want to find all components that are related to this potentially unwanted program.

the main page of FunMoods

How could funmoods hijack my computer?

There are several ways how you can get infected with funmoods. You can install it yourself because it is presented as a funny tool that allows filling your chats with moods. However, its developers have never been warning PC users that the installation of this program may lead them to various issues, like unwanted ads and redirects. In addition, Funmoods can be installed without your consent because it has also been spread in a bundle with freeware and shareware. If you want to avoid it, you need to monitor installation of the freeware by selecting Custom or Advanced installation option. If this program hijacks your search page and your start page, it may redirect all of your search queries to spammy websites. The most of its ads is related to Russia, such as ‘Meet Real Russian Women!’, ‘Chat with Sexy Russian Women’ and so on.

How to remove Funmoods?

Funmoods is not difficult PUP, so you shouldn’t find problems when trying to remove it from the system. If you want to get rid of it, you should follow a special uninstall guide, which is provided down below. However, we advise you to use automated tools. The problem is that the most of anti-spyware tools do not detect funmoods as there are several opinions regarding classification of this program. Lately, some vendors tried to add new detection techniques, so we would recommend using automatic removal tools to get rid of funmoods.

You can remove FunMoods automatically with a help of one of these programs: Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus, Malwarebytes Anti Malware. We recommend these applications because they can easily delete potentially unwanted programs and viruses with all their files and registry entries that are related to them.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove FunMoods you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall FunMoods. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.
FunMoods snapshot
FunMoods

FunMoods manual removal:

Kill processes:
funmoodssrv.exe

Delete registry values:
HKEY_LOCAL_MACHINESOFTWAREClassesAppIDescort.DLL

HKEY_LOCAL_MACHINESOFTWAREClassesAppIDescortApp.DLL

HKEY_LOCAL_MACHINESOFTWAREClassesAppIDescortEng.DLL

HKEY_LOCAL_MACHINESOFTWAREClassesAppIDescorTlbr.DLL

HKEY_LOCAL_MACHINESOFTWAREClassesAppIDesrv.EXE

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{09C554C3-109B-483C-A06B-F14172F1A947}

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{B12E99ED-69BD-437C-86BE-C862B9E5444D}

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{EA28B360-05E0-4F93-8150-02891F1D8D3C}

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{EA28B360-05E0-4F93-8150-02891F1D8D3C}Instl

HKEY_LOCAL_MACHINESOFTWAREClassesAppID{EA28B360-05E0-4F93-8150-02891F1D8D3C}InstlData

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}LocalServer32

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}ProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}Programmable

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}VersionIndependentProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}InprocServer32

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}ProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}Programmable

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}VersionIndependentProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{965B9DBE-B104-44AC-950A-8A5F97AFF439}

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{965B9DBE-B104-44AC-950A-8A5F97AFF439}InprocServer32

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{965B9DBE-B104-44AC-950A-8A5F97AFF439}ProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{965B9DBE-B104-44AC-950A-8A5F97AFF439}Programmable

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{965B9DBE-B104-44AC-950A-8A5F97AFF439}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{965B9DBE-B104-44AC-950A-8A5F97AFF439}VersionIndependentProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}InprocServer32

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}ProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}Programmable

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}VersionIndependentProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A9DB719C-7156-415E-B49D-BAD039DE4F13}

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A9DB719C-7156-415E-B49D-BAD039DE4F13}InprocServer32

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A9DB719C-7156-415E-B49D-BAD039DE4F13}ProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A9DB719C-7156-415E-B49D-BAD039DE4F13}Programmable

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A9DB719C-7156-415E-B49D-BAD039DE4F13}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A9DB719C-7156-415E-B49D-BAD039DE4F13}VersionIndependentProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}InprocServer32

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}ProgID

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}Programmable

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}VersionIndependentProgID

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{0D80F1C5-D17B-4177-AC68-955F3EF9F191}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{0D80F1C5-D17B-4177-AC68-955F3EF9F191}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{0D80F1C5-D17B-4177-AC68-955F3EF9F191}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23C70BCA-6E23-4A65-AD2E-1389062074F1}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23C70BCA-6E23-4A65-AD2E-1389062074F1}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23C70BCA-6E23-4A65-AD2E-1389062074F1}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23C70BCA-6E23-4A65-AD2E-1389062074F1}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{295CACB4-51F5-46FD-914E-C72BAAE1B672}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{295CACB4-51F5-46FD-914E-C72BAAE1B672}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{295CACB4-51F5-46FD-914E-C72BAAE1B672}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{295CACB4-51F5-46FD-914E-C72BAAE1B672}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{34C1FDF7-02C1-4F23-B393-F48B16E071D1}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{34C1FDF7-02C1-4F23-B393-F48B16E071D1}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{34C1FDF7-02C1-4F23-B393-F48B16E071D1}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{54291324-7A3D-4F11-B707-3FB6A2C97BD9}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{54291324-7A3D-4F11-B707-3FB6A2C97BD9}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{54291324-7A3D-4F11-B707-3FB6A2C97BD9}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{C0585B2F-74D7-4734-88DE-6C150C5D4036}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{C0585B2F-74D7-4734-88DE-6C150C5D4036}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{C0585B2F-74D7-4734-88DE-6C150C5D4036}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{C0585B2F-74D7-4734-88DE-6C150C5D4036}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}ProxyStubClsid32

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}TypeLib

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}ProxyStubClsid

HKEY_LOCAL_MACHINESOFTWAREClassesInterface{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}ProxyStubClsid32

Unregister DLLs:
%ProgramFiles%Funmoods1.5.23.22bhescort.dll

%ProgramFiles%Funmoods1.5.23.22escortApp.dll

%ProgramFiles%Funmoods1.5.23.22escortEng.dll

%ProgramFiles%Funmoods1.5.23.22escorTlbr.dll

%ProgramFiles%Funmoods1.5.23.22escortShld.dll

Delete files:
%AppData%funmoods.crx

%AppData%GoogleChrome

%ProgramFiles%Funmoods1.5.23.22funmoodssrv.exe

%ProgramFiles%Funmoods1.5.23.22uninstall.exe

%ProgramFiles%Funmoods1.5.23.22bhescort.dll

%ProgramFiles%Funmoods1.5.23.22escortApp.dll

%ProgramFiles%Funmoods1.5.23.22escortEng.dll

%ProgramFiles%Funmoods1.5.23.22escorTlbr.dll

%ProgramFiles%Funmoods1.5.23.22escortShld.dll

Manual FunMoods Removal Guide:

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove FunMoods from Windows systems

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

  1. Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs).Click 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').
  2. If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program. If you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.
  3. Uninstall FunMoods and related programs
    Here, look for FunMoods or any other recently installed suspicious programs.
  4. Uninstall them and click OK to save these changes. Right click on each of suspicious entries and select 'Uninstall'
  5. Remove FunMoods from Windows shortcuts
    Right click on the shortcut of Mozilla Firefox and select Properties. Right click on browsers' icon and select 'Properties'
  6. Go to Shortcut tab and look at the Target field. Delete malicious URL that is related to your virus. Select 'Shortcut' tab and delete 'http://isearch.babylon.com...' or other suspicious URL

Repeat steps that are given above with all browsers' shortcuts, including Internet Explorer and Google Chrome. Make sure you check all locations of these shortcuts, including Desktop, Start Menu and taskbar.

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove FunMoods from Mac OS X system

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for FunMoods or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash.Click on every malicious entry and select 'Move to Trash'
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove FunMoods from Internet Explorer (IE)

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

  1. Remove dangerous add-ons
    Open Internet Explorer, click on the Gear icon (IE menu) on the top right corner of the browser and choose Manage Add-ons. Click on menu icon and select 'Manage add-ons'
  2. You will see a Manage Add-ons window. Here, look for FunMoods and other suspicious plugins. Disable these entries by clicking Disable: Right click on each of malicious entries and select 'Disable'
  3. Change your homepage if it was altered by virus:
    Click on the gear icon (menu) on the top right corner of the browser and select Internet Options. Stay in General tab.
  4. Here, remove malicious URL and enter preferable domain name. Click Apply to save changes. Delete malicious URL, enter your desired domain name and click 'Apply' to save changes
  5. Reset Internet Explorer
    Click on the gear icon (menu) again and select Internet options. Go to Advanced tab.
  6. Here, select Reset.
  7. When in the new window, check Delete personal settings and select Reset again to complete FunMoods removal. Go to 'Advanced' tab and click on 'Reset' button. Now select 'Delete personal settings' and click on 'Reset' button again
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove FunMoods from Microsoft Edge

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

Reset Microsoft Edge settings (Method 1):

  1. Launch Microsoft Edge app and click More (three dots at the top right corner of the screen).
  2. Click Settings to open more options.
  3. Once Settings window shows up, click Choose what to clear button under Clear browsing data option. Go to Settings and select 'Choose what to clear'
  4. Here, select all what you want to remove and click Clear. Select 'Clear' button
  5. Now you should right-click on the Start button (Windows logo). Here, select Task Manager. Open the start menu and select 'Task Manager'
  6. When in Processes tab, search for Microsoft Edge.
  7. Right-click on it and choose Go to details option. If can’t see Go to details option, click More details and repeat previous steps. Right-click 'Microsoft Edge' and select 'Go to details' Select 'More details' if 'Go to details' option fails to show up
  8. When Details tab shows up, find every entry with Microsoft Edge name in it. Right click on each of them and select End Task to end these entries. Find Microsoft Edge entries and select 'End Task'

Resetting Microsoft Edge browser (Method 2):

If Method 1 failed to help you, you need to use an advanced Edge reset method.

  1. Note: you need to backup your data before using this method.
  2. Find this folder on your computer: C:\Users\%username%\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  3. Select every entry which is saved on it and right click with your mouse. Then Delete option. Go to Microsoft Edge folder on your computer, right-click every entry and click 'Delete'
  4. Click the Start button (Windows logo) and type in window power in Search my stuff line.
  5. Right-click the Windows PowerShell entry and choose Run as administrator. Find Windows PowerShell, right-click it and select 'Run as administrator'
  6. Once Administrator: Windows PowerShell window shows up, paste this command line after PS C:\WINDOWS\system32> and press Enter:
    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register $($_.InstallLocation)\AppXManifest.xml -Verbose}
    Copy and paste a required command and press 'Enter'

Once these steps are finished, FunMoods should be removed from your Microsoft Edge browser.

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove FunMoods from Mozilla Firefox (FF)

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

  1. Remove dangerous extensions
    Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions. Click on menu icon and select 'Add-ons'
  2. Here, select FunMoods and other questionable plugins. Click Remove to delete these entries. Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them
  3. Change your homepage if it was altered by virus:
    Click on the menu (top right corner), choose Options General.
  4. Here, delete malicious URL and enter preferable website or click Restore to default.
  5. Click OK to save these changes. When in 'General' tab, delete malicious URL from 'Home Page' section or click on 'Restore to Default' button. Click 'OK' to save changes
  6. Reset Mozilla Firefox
    Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information. Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  7. Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete FunMoods removal. Click on 'Reset Firefox' button for a couple of times
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove FunMoods from Google Chrome

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

  1. Delete malicious plugins
    Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions. Click on menu icon. Select 'Tools' and 'Extensions'
  2. Here, select FunMoods and other malicious plugins and select trash icon to delete these entries. Look for malicious entries and delete each of them by clicking on the Trash bin icon
  3. Change your homepage and default search engine if it was altered by your virus
    Click on menu icon and choose Settings.
  4. Here, look for the Open a specific page or set of pages under On startup option and click on Set pages. After clicking on menu and 'Settings', select 'Set pages'
  5. Now you should see another window. Here, delete malicious search sites and enter the one that you want to use as your homepage. Click 'X' to remove malicious URLs
  6. Click on menu icon again and choose Settings Manage Search engines under the Search section. When in 'Settings', select 'Manage search engines...'
  7. When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name. Click 'X' to remove malicious URLs
  8. Reset Google Chrome
    Click on menu icon on the top right of your Google Chrome and select Settings.
  9. Scroll down to the end of the page and click on Reset browser settings. When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  10. Click Reset to confirm this action and complete FunMoods removal. Click on 'Reset' button to complete your removal
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove FunMoods from Safari

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for FunMoods or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Change your homepage if it was altered by virus:
    Open your Safari web browser and click on Safari in menu section. Here, select Preferences as it was displayed previously and select General.
  4. Here, look at the Homepage field. If it was altered by FunMoods, remove unwanted link and enter the one that you want to use for your searches. Remember to include the "http://" before typing in the address of the page. When in 'General', delete malicious URL and enter your desired domain name
  5. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  6. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete FunMoods removal process. Select all options and click on 'Reset' button
After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of FunMoods registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware.

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

More information about the author

Removal guides in other languages


  • Bee

    ok, I downloaded and installed Spyhunter to remove start.funmoods.com…so, now what do I do?

  • james

    i ran rkill process killer followed by malwarebytes with the most current update as of 7/11/12. no luck getting rid of funMoods. trying spyhunter now

  • Howard

    Funmoods showed-up on Firefox, unrequested. What a mess. Deleted entry in Firefox Extensions list and the parasite was still there. Tried everything I could think of and then gave up. I simply used Windows Restore to restore my computer to an earlier time. It worked perfectly and without all the frustration.

    • Keith

      I think that you were extremely fortunate as I have bought Spyhumter AND just recovered to a previous pre Funmoods date and both have failed. I still have the damned thing and may the creators of this malaise remain in purgatory for ever-and-a-day.

      • Will

        Purgatoy? NO, I want them in HELL!!!

  • JD Straw

    I cant, at this time afford to pay for spyhunter, so I tried every other option suggested including other methods that I have used in the past, including system restore, but so far nothing has worked. Just FYI, I got this while downloading a program called Freecorder (video downloader/converter program); and in spite of declining to install all offers that were included in the download/install process, this mess called funmoods was still installed, along with several other programs associated with funmoods. I was able to remove most of the other funmood programs with the revouninstall freeware program, but the evil toolbar still remained. I even used my systems regedit program, was able to delete a lot, BUT NOT ALL, of funmoods mess, but my computer now is very much infected and it seems there is nothing I can do about it until I have money to go to a professional to have my computer cleaned up. I havent worked in three years so I have no idea when Ill have money for something like removing viruses from my old computer. This kind of stuff makes me want to choke the living daylights out of the evil perpetrators and developers of this demonic program with its bold intrusion and mass unwanted installation.

    Everybody: PLEASE BEWARE OF DOWNLOADING THE FREECORDER VIDEO DOWNLOADER/CONVERTER PROGRAM BECAUSE IT WILL INSTALL THIS MESS EVEN THOUGH I took the time to make sure all the BOXES ARE UNCHECKED during the installation process, and ALL THE OFFERS of installing all their extra mess ARE DECLINED DURING THE INSTALLATION PROCESS. PLEASE BE CAREFUL!

    • Rory

      I got it the same way.. bummed hey.. why do they call it Funmoods anyway? They should call it KakMood.. corny.. but on a more serious note, to the creators of Funmoods YOU SUCK!!!

  • BabaBoohey

    This “Funmoods” garbage is responsible for spreading the Virus “Generic29GJG”.
    Dont go near this crap!!!!!

  • ChrisBMW840

    How do I get this thing removed from my D drive?! Ive run spyhunter several times, clicked fix, and it will say the fix was successful. Yet. every time I open a new tab, theres that darnedable “start.funmoods…etc.”, not “about:blank.” This happens in Firefox. Grrrrrr!

    • ChrisBMW840

      And, JD, youre exactly right. My son downloaded VLC, so we could watch video from my Canon camera.

      • Rob

        I downloaded VLC as well, declined all offers and ended up in this flipping mess. Its people that do crap like this that should be strung up from their feet and beaten with a stick…for days on end! Beyond annoying as you all know.

  • Lisa

    Me too HELP! VLC did it to me 8-19-12 I removed alot of crap, cant get online at all now

  • Lisa

    I just found out this virus/trojan/redirector from hell is part of a hidden program called Yontoo I found thees in the temp folder along with 7za, OptChrome, and sqlite3 to see this, use the Run function located in the start tray on the bottom of your screen

    • Rob

      I read that the Yontoo is used for Facebook. So tell us what happened when you deleted these? Did the bug go away? Not a helpful post really.

    • Normani

      Yontoo was hijacking my websites. I found it listed in tools/tracking protection/toolbars and Extensions. I found and deleted Yontoo by using my computer uninstall program. Then I went into search, typed Yontoo and found a “silent installer” which I also deleted. These actions seemingly has removed Yontoo, at least I cannot find it any traces left. But, Funmoods registry errors (25 of them) are still present and I have not been able to remove them yet. Google Chrome is somehow attached to Funmoods, but after deleting Google Chrome, Funmood registry issues remain. Still trying.

  • lisa

    love yoiur softwear. workd greate thanks so much.removed the bad streak in my OS like tide of ocean

  • lisa

    lisa i too suffer from malware due to buttock abuse. praised from God for Spyware.com and the wornderful anus care they gave.
    thanks.
    VLC is going to be hearing from my proctologist/

  • Allen S Wolen

    sounds hurt time on the old shattube.Spyware Maylware runnin up my Netware. Botchek, Rushia.

  • joz8888

    A simple reset of firefox seems to have worked for now, I know its not gone but I dont have to look at it every time I open a new tab. On the firefox toolbar click Help>Troubleshooting Information>Reset. You will have to set your homepage after.

  • Jeffery

    I used Malwarebytes, the free version on Windows 7. It worked grate!

    • malwarebytes

      Use malwarebytes!!!! It is the only thing that works, unless you edit your registry.
      malwarebytes free program is always available at cnetdownloads.com

      THAT IS ALL YOU NEED

  • Will

    I had exactly the same problem and would be glad to have read this comment before. Anyway, Im happy youve got rid of this total crap and will try the same method.
    THANKS

  • Betty

    Yes CC Cleaner newest download worked on the funmoods crap, i used all the tools there and did not save/backup anything that was removed.

  • concerned

    this is an absolutely shame…downloading bad programs to get rid of other bad programs that try to control you and your computer…hahaha

  • will

    what if the funmoods virus has gotten so bad that i cant download anything and its logged me onto a temporary account?

  • ANISANA

    PLEASE LET MY PC FREE FROM U…

  • Greg

    Im currently trying to get it off a work computer and unfortunately, Malwarebytes does not fix it. Also, after you get it uninstalled, you have check your Network Card Settings as it will add a bunch of other DNS servers in there.

  • Gerie

    I thought I had managed to get rid of Funmoods by deleting the add on and restarting my computer could not find it anywhere when I checked. Until I went onto Youtube and saw 5 ads for Russian girls looking for men and realised it was still there. All I want is to get rid of those offensive ads. Help!!. It also freezes videos that I play and cant scroll up or down. It is driving me mad.

  • Melanie

    Cant get rid of it! I have used malewarebytes, CC Cleaner, spybot, and removed several items from registry. I didnt want to purchase spyhunter, but used the free version after each scan & reboot to see if the problems would disappear. They finally did, but they are BACK again! Not sure what to do now! Just sent Funmoods a message for removal assistance – fat chance-Im sure! Good luck everyone!

  • tqs

    To anyone using google chrome and got affected by funmoods, I tried going to Setting – Extension. Theres the funmoods and New Tab 5.1 (i think) but below it theres “funmoods” so it shouldnt be so hard to find. Just remove both of them by clicking the “Trash” icon beside it. 🙂 I managed to get rid of it! So, good luck to you.

    • Rory

      Seems to have done the trick.. shot Kat! Also managed to get rid of it on my Firefox using a similar technique.. again… thanks Kat 🙂

      • Rory

        My bad.. meant tqs… YOU ROCK!.. who ever you are

        • Rory

          Oh sh*t… spoke too soon 🙁

    • or

      Thanks… works great for me 🙂

  • overload

    to remove funmoods and all related search agents and files just goto/start /search/ type – funmoods / then delete all entrys related to this program job done

  • Kathleen

    Update your anti-spyware program. If you do not cuernrtly have a spyware removal program, there are many free, highly regarded software downloads.Disconnect your computer from the Internet. Even if you have Internet Explorer closed, as long as there is a connection available, the spyware may be connecting and causing damage. Unplug your computer from its modem or the modem from the wall.Check your Add/Remove Programs list from the control panel. If you see a spyware program listed, uninstall it. If you see a program you are not familiar with but are unsure whether it is spyware, check it out before removing it.Run your antispyware program. If you run it and are still receiving pop-ups, especially if you are still disconnected from the Internet, turn your computer off. Start it again and press the F8 key repeatedly until you see the Safe Mode option. Run the antispyware program while your computer is in safe mode. Revert your system to a date in time prior to the spyware infiltration. Go to the Start menu and point to All Programs. Point to Accessories and then point to System Tools. Click System Restore and follow the instructions on the System Restore Wizard.

  • behrang

    i have got an ipad 2 from this website
    is this true that this website give some people gifts!!!!!!?!?!?!?!

  • behrang

    answer me!?!?!?!

  • GONE!!!

    Howdy yall,
    I went ahead and ran the free version of malwarebytes, then went into firefox and removed the addons (it had installed dealcabby, funmoods, a couple others) and its gone. malwarebytes wiped funmoods out of the registry (there were about 30 hits). A quick scan does the trick

  • Geoff

    I downloaded Spybot, but that didnt work and Spybots own websit suggests downloading and scanning with Malwarebytes, which did find funmoods and deleted it. I just had to go into browser settings and delete funmoods manually from Search Providers (under Manage add-ons in Vista) and change my home page back to what I wanted, and hey presto, sorted.

  • Lyn

    I DID IT! On Google Chrome though, I went through settings and extensions and saw that blue chat demon and I clicked the trash bin next to it. and to be sure I used Malware, Spybot, CCleaner, and Spyhunter. I dont really know what made the demon leave but SUCCESS

  • ira

    I had install new Malwarebites Anti-Malware – it did not even recognized funmoods. bad advise.

  • Cévéo

    A user of FIREFOX, I ran the latest version of version of MBAM which detected 6 and deleted 6 entries. This I did yesterday. Funwoods however continued to substitute itself to Google. Whereupon, as mad as hell, I sent a message to their support center to tell them in harsh and angry terms to get their stowaway add-on from my computer.

    This very morning, having repeated yesterday’s run of MBAM, the program again detected 2 presences, which I had removed. I then started up FIREFOX and discovered that Funwoods seemed to have disappeared from the navigator or Google search engine. Haven’t the faintest idea of what happened and if Funwoods is going to stay totally away from my PC.

    Combined effect of both MBAM and my angry mail, or only one or the other?
    Whatever the case, this raises the following point : could it be that Funwoods is in a position or has the means and tools to have access to the innards of my Windows XP ? And do whatever it wants: such as removing the unwanted malware when called for or requested? A rather very disturbing and disquieting thougt for all of us.

  • Ally

    I installed a youtube downloader program, that I downloaded from cnet.com, I thought it was a safe website that tried out programs before suggesting them, I was soooo wrong, even though I declined all the free crap it offered to install when installing the youtube downloader, it installed the fun moods search engine that took over my home page and other crap as well, Im giving malware bytes a try, hope it helps, ad-aware didnt help, neither did hijack this which used to work before.

    i had installed ad-aware last night, and this morning the funmoods search home page came up again but after a couple of minutes seemed to go away on its own……(could it be the ad-aware program working on the background?) Im still not convinced with a sensation of (the killer seems to be dead but hes not really dead) so I installed and currently running malware bytes.

  • Omaps

    Malware Bytes detected 11 items from Funmoods. I deleted them and opened Firefox – its still there if you open a new tab!

  • EmperorNorton47

    I seem to have picked it up in connection with a download on Cnet. Lot of work to be rid of it. Norton caught it starting to insert itself, but it still appeared. There should be laws against this kind of thing.

  • Omaps

    I contacted Funmoods and received this response. The instructions seem to have worked.

    NOV 27, 2012 | 12:18PM EET
    Alex replied:
    Hello

    Thanks for contacting us. Please follow the instructions below.

    In Firefox:

    To removetoolbar/New Tab
    Open Firefox, go to Add-ons Manager (Ctrl+Shift+A) > Select “Funmoods” and click on Remove

    To remove from Home page:
    Open FireFox, go to Tools > Options > on “startup” section click on “Restore to Default” button Then click on “OK”

    To remove from search engine:
    Search button— Manage Search Engines—- select “Funmoods”—- Remove
    For a step by step uninstall guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc

    ———————————

    To remove from Internet Explorer Win7/Vista from toolbar:
    Go to Start > Control Panel > Uninstall a program OR Programs and Features > Select “Funmoods” and click on Uninstall

    To remove from Home page:
    go to Tools > Internet Options > on “Home page” section click on “Use Default” Then click on “OK”

    To remove from search engine:
    go to Tools > Internet Options > on “Search” section click on “Settings” > select “Live Search” or “Google” or “Bing” and click on “Set Default” > select “Search” and click on “Remove” > OK > OK
    New tab (Internet Explorer 8-9)
    go to Tools > Internet Options > on “Tabs” section click on “Settings” > on “When a new tab is opened, open:” select “The new tab page” > OK > OK

    ———————————-

    In Chrome, to remove toolbar:
    Open Chrome, go to Options menu > Tools > Extensions > Click on the “bin” to remove

    To remove as homepage:
    Open Chrome, go to Options menu > Settings > on the “Appearance” section, check the “Show Home button” > Change > select “Use the New Tab page”

    To remove as search engine:
    Go to your browser—-Click on the tools icon—- options——Change search defaults —– settings —– click the name of your preferred search engine—- set as default—- (to remove Funmoods search)—-select Funmoods —-remove—- okay
    -Or-
    Open Chrome, go to Options menu > Settings > on the “Search” section choose Google on the drop down menu
    For a step by step uninstall and reset homepage guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc

    Kindly

    Alex
    Support Agent

  • Princess

    Thank you! Funmoods almost drove me insane – this method is much simpler and faster, and EFFECTIVE! Finally I can enjoy browsing again!

  • Irfan

    the last post is the bomb,
    wow…i click on the first page and boom it i run it and after rebooting my pc it gives me result of many many files remove,files that i do not even know about including the funmoods shit.
    Thanks,9jeria.

  • Cleo

    I got it trying to download the game Facade…………grrrr its soo annoying

  • Someone

    I tried malwarebytes, it also made my system restore unfunctional, and after a number of other attempts to fix this issue I was told to try combofix. It ran through reboot and it was completely resolved. No browser redirects, system restore was then available. If all else fails give it a try.