FunMoods. How to remove? (Uninstall guide)

FunMoods is also known as pup.funmoods, start.funmoods.com | Type: Browser Hijackers | Tags: Google redirect
Severity scale:  
  (10/100)

What is Funmoods?

Funmoods has been added to 2-spyware.com for several reasons. If you have been using this program for a while, beware that it may cause several issues on each of your web browsers, including redirects to unknown websites, annoying pop-up ads and slow downs on each of your web browsers. The developers of this program think they are not doing anything bad, but you need only to set this search engine your start page or the default search engine and you will see how many troubles it may cause. First of all, we should mention that Funmoods may show up on your computer without any sign. That's because it has been actively spread with the help of bundling. In addition, as soon as it enters the system, it may try to alter its settings. As soon as it finishes these changes, the victim starts suffering from redirects to Funmoods and other websites. Please, do NOT think that such activity is harmless! If you don't want to be tricked into visiting very suspicious websites, you should stay away from this browser hijacker. Besides, as 2-spyware team notifies, this program may start tracking your browsing activity and may collect your search terms, mostly visited websites and data that you add when visiting them. Beware, that there is no information about third parties that are capable of reaching this data. If Funmoods has already hijacked your web browser, you should stay away from its search results that may be corrupted. If you want to avoid such questionable and sometimes even aggressive marketing technique that seeks to turn visitors into customers, you should remove Funmoods hijacker. The easiest way to remove it and prevent infiltration of other suspicious programs in the future is by running a full system scan with SpyHunter. Make sure its updated and has a full database if you want to find all components that are related to this potentially unwanted program.

FunMoods

How could funmoods hijack my computer?

There are several ways how you can get infected with funmoods. You can install it yourself because it is presented as a funny tool that allows filling your chats with moods. However, its developers have never been warning PC users that the installation of this program may lead them to various issues, like unwanted ads and redirects. In addition, Funmoods can be installed without your consent because it has also been spread in a bundle with freeware and shareware. If you want to avoid it, you need to monitor installation of the freeware by selecting Custom or Advanced installation option. If this program hijacks your search page and your start page, it may redirect all of your search queries to spammy websites. The most of its ads is related to Russia, such as 'Meet Real Russian Women!', 'Chat with Sexy Russian Women' and so on. 

How to remove funmoods?

Funmoods is not difficult PUP, so you shouldn't find problems when trying to remove it from the system. If you want to get rid of it, you should follow a special uninstall guide, which is provided down below. However, we advice you to use automated tools. The problem is thnot a at most tools do not detect funmoods as there are several opinions regarding clasification of Funmoods. Lately, some vendors tried to add new detection techniques, so we would recommend using automatic removal tools to get rid of funmoods.

Automatic FunMoods Removal Guide

You can remove FunMoods automatically with a help of one of these programs: SpyHunter, STOPzilla, Malwarebytes Anti Malware. We recommend these applications because they can easily delete potentially unwanted programs and viruses with all their files and registry entries that are related to them.

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove FunMoods you agree with our Privacy Policy and Agreement of Use.
Download
remover for FunMoods
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall FunMoods. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
Download
remover for FunMoods Happiness
Guarantee
Compatible with Microsoft
SpyHunter is recommended remover to uninstall FunMoods. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove FunMoods using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.
Alternate Software
STOPzilla
We are testing STOPzilla's efficiency at removing FunMoods (2012-06-01 11:47:28)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing FunMoods (2012-06-01 11:47:28)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing FunMoods (2012-06-01 11:47:28)
Zemana Antimalware
Virus Removal Phone Support
1-877-657-9614
Help Line to remove FunMoods
FunMoods screenshot
FunMoods snapshot

FunMoods manual removal

Kill processes:
funmoodssrv.exe
Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escort.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortApp.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortEng.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escorTlbr.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\esrv.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\Instl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\Instl\Data
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsid32
Unregister DLLs:
%ProgramFiles%\Funmoods\1.5.23.22\bh\escort.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortApp.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortEng.dll
%ProgramFiles%\Funmoods\1.5.23.22\escorTlbr.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortShld.dll

Delete files:
%AppData%\funmoods.crx
%AppData%\Google\Chrome\
%ProgramFiles%\Funmoods\1.5.23.22\funmoodssrv.exe
%ProgramFiles%\Funmoods\1.5.23.22\uninstall.exe
%ProgramFiles%\Funmoods\1.5.23.22\bh\escort.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortApp.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortEng.dll
%ProgramFiles%\Funmoods\1.5.23.22\escorTlbr.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortShld.dll

Manual FunMoods Removal Guide

Quick menu:

Step 1: Uninstall FunMoods and related programs

Windows Mac OS X Step 2
Windows 7 / Vista / XP
  • Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs).
Windows 10 / Windows 8
  • If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program.
Uninstall FunMoods and related programs
  • Here, look for FunMoods or any other recently installed suspicious programs.
  • Uninstall them and click OK to save these changes.
Right click on each of suspicious entries and select 'Uninstall'
Windows Mac OS X Step 2

If you are using OS X, click Go button at the top left of the screen and select Applications.

Cick 'Go' and select 'Applications'

Wait until you see Applications folder and look for FunMoods or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash.

Click on every malicious entry and select 'Move to Trash'

Step 2: Remove FunMoods from Windows shortcuts

Step 3
  • Right click on the shortcut of Mozilla Firefox and select Properties.
Right click on browsers' icon and select 'Properties'
  • Go to Shortcut tab and look at the Target field. Delete malicious URL that is related to your virus.
Select 'Shortcut' tab and delete 'http://isearch.babylon.com...' or other suspicious URL

Repeat steps that are given above with all browsers' shortcuts, including Internet Explorer and Google Chrome. Make sure you check all locations of these shortcuts, including Desktop, Start Menu and taskbar.

Step 3: Remove FunMoods from each of your web browsers

Internet Explorer Mozilla Firefox Google Chrome Safari Step 4
Remove dangerous add-ons
  • Open Internet Explorer, click on the Gear icon (IE menu) on the top right corner of the browser and choose Manage Add-ons.
Click on menu icon and select 'Manage add-ons'
  • You will see a Manage Add-ons window. Here, look for FunMoods and other suspicious plugins. Disable these entries by clicking Disable:
Right click on each of malicious entries and select 'Disable' Change your homepage if it was altered by virus:
  • Click on the gear icon (menu) on the top right corner of the browser and select Internet Options. Stay in General tab.
  • Here, remove malicious URL and enter preferable domain name. Click Apply to save changes.
Delete malicious URL, enter your desired domain name and click 'Apply' to save changes Reset Internet Explorer
  • Click on the gear icon (menu) again and select Internet options. Go to Advanced tab.
  • Here, select Reset.
  • When in the new window, check Delete personal settings and select Reset again to complete FunMoods removal.
Go to 'Advanced' tab and click on 'Reset' button. Now select 'Delete personal settings' and click on 'Reset' button again
Internet Explorer Mozilla Firefox Google Chrome Safari Step 4
Remove dangerous extensions
  • Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions.
Click on menu icon and select 'Add-ons'
  • Here, select FunMoods and other questionable plugins. Click Remove to delete these entries.
Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them Change your homepage if it was altered by virus:
  • Click on the menu (top right corner), choose Options General.
  • Here, delete malicious URL and enter preferable website or click Restore to default.
  • Click OK to save these changes.
When in 'General' tab, delete malicious URL from 'Home Page' section or click on 'Restore to Default' button. Click 'OK' to save changes Reset Mozilla Firefox
  • Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information.
Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  • Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete FunMoods removal.
Click on 'Reset Firefox' button for a couple of times
Internet Explorer Mozilla Firefox Google Chrome Safari Step 4
Delete malicious plugins
  • Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions.
Click on menu icon. Select 'Tools' and 'Extensions'
  • Here, select FunMoods and other malicious plugins and select trash icon to delete these entries.
Look for malicious entries and delete each of them by clicking on the Trash bin icon Change your homepage and default search engine if it was altered by your virus
  • Click on menu icon and choose Settings.
  • Here, look for the Open a specific page or set of pages under On startup option and click on Set pages.
After clicking on menu and 'Settings', select 'Set pages'
  • Now you should see another window. Here, delete malicious search sites and enter the one that you want to use as your homepage.
Click 'X' to remove malicious URLs
  • Click on menu icon again and choose Settings Manage Search engines under the Search section.
When in 'Settings', select 'Manage search engines...'
  • When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name.
Click 'X' to remove malicious URLs Reset Google Chrome
  • Click on menu icon on the top right of your Google Chrome and select Settings.
  • Scroll down to the end of the page and click on Reset browser settings.
When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  • Click Reset to confirm this action and complete FunMoods removal.
Click on 'Reset' button to complete your removal
Internet Explorer Mozilla Firefox Google Chrome Safari Step 4
Remove dangerous extensions
  • Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences.
Click on 'Safari' and select 'Preferences'
  • Here, select Extentions and look for FunMoods or other suspicious entries. Click on the Uninstall button to get rid each of them.
Go to 'Extensions' and uninstall malicious add-ons Change your homepage if it was altered by virus:
  • Open your Safari web browser and click on Safari in menu section. Here, select Preferences as it was displayed previously and select General.
  • Here, look at the Homepage field. If it was altered by FunMoods, remove unwanted link and enter the one that you want to use for your searches. Remember to include the "http://" before typing in the address of the page.
When in 'General', delete malicious URL and enter your desired domain name Reset Safari
  • Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari....
Click on 'Safari' and select 'Reset Safari...'
  • Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete FunMoods removal process.
Select all options and click on 'Reset' button

Step 4: Complete FunMoods removal

After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of FunMoods registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: SpyHunter, STOPzilla or Malwarebytes Anti Malware.

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Geolocation of FunMoods

Map reveals the prevalence of FunMoods. Countries and regions that have been affected the most are: Brazil, Colombia, Argentina, India and Portugal.

Removal guides in other languages


Information added: 08/07/15 01:18; information updated: 08/07/15 01:18

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on FunMoods

0
0
Someone
I tried malwarebytes, it also made my system restore unfunctional, and after a number of other attempts to fix this issue I was told to try combofix. It ran through reboot and it was completely resolved. No browser redirects, system restore was then available. If all else fails give it a try.
0
0
Xon
Thanks!
0
0
Cleo
I got it trying to download the game Facade............grrrr its soo annoying
0
0
Irfan
the last post is the bomb,
wow...i click on the first page and boom it i run it and after rebooting my pc it gives me result of many many files remove,files that i do not even know about including the funmoods shit.
Thanks,9jeria.
0
0
Princess
Thank you! Funmoods almost drove me insane - this method is much simpler and faster, and EFFECTIVE! Finally I can enjoy browsing again!
0
0
Omaps
I contacted Funmoods and received this response. The instructions seem to have worked.

NOV 27, 2012 | 12:18PM EET
Alex replied:
Hello

Thanks for contacting us. Please follow the instructions below.

In Firefox:

To removetoolbar/New Tab
Open Firefox, go to Add-ons Manager (Ctrl+Shift+A) > Select “Funmoods” and click on Remove

To remove from Home page:
Open FireFox, go to Tools > Options > on “startup” section click on “Restore to Default” button Then click on “OK”

To remove from search engine:
Search button--- Manage Search Engines---- select “Funmoods”---- Remove
For a step by step uninstall guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc

---------------------------------

To remove from Internet Explorer Win7/Vista from toolbar:
Go to Start > Control Panel > Uninstall a program OR Programs and Features > Select “Funmoods” and click on Uninstall

To remove from Home page:
go to Tools > Internet Options > on “Home page” section click on “Use Default” Then click on “OK”

To remove from search engine:
go to Tools > Internet Options > on “Search” section click on “Settings” > select “Live Search” or “Google” or “Bing” and click on “Set Default” > select “Search” and click on “Remove” > OK > OK
New tab (Internet Explorer 8-9)
go to Tools > Internet Options > on “Tabs” section click on “Settings” > on “When a new tab is opened, open:” select “The new tab page” > OK > OK

----------------------------------

In Chrome, to remove toolbar:
Open Chrome, go to Options menu > Tools > Extensions > Click on the “bin” to remove

To remove as homepage:
Open Chrome, go to Options menu > Settings > on the “Appearance” section, check the “Show Home button” > Change > select “Use the New Tab page”

To remove as search engine:
Go to your browser----Click on the tools icon---- options------Change search defaults ----- settings ----- click the name of your preferred search engine---- set as default---- (to remove Funmoods search)----select Funmoods ----remove---- okay
-Or-
Open Chrome, go to Options menu > Settings > on the “Search” section choose Google on the drop down menu
For a step by step uninstall and reset homepage guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc


Kindly

Alex
Support Agent
0
0
EmperorNorton47
I seem to have picked it up in connection with a download on Cnet. Lot of work to be rid of it. Norton caught it starting to insert itself, but it still appeared. There should be laws against this kind of thing.
0
0
Omaps
Malware Bytes detected 11 items from Funmoods. I deleted them and opened Firefox - its still there if you open a new tab!
0
0
Ally
I installed a youtube downloader program, that I downloaded from cnet.com, I thought it was a safe website that tried out programs before suggesting them, I was soooo wrong, even though I declined all the free crap it offered to install when installing the youtube downloader, it installed the fun moods search engine that took over my home page and other crap as well, Im giving malware bytes a try, hope it helps, ad-aware didnt help, neither did hijack this which used to work before.

i had installed ad-aware last night, and this morning the funmoods search home page came up again but after a couple of minutes seemed to go away on its own......(could it be the ad-aware program working on the background?) Im still not convinced with a sensation of (the killer seems to be dead but hes not really dead) so I installed and currently running malware bytes.
0
0
Cévéo
A user of FIREFOX, I ran the latest version of version of MBAM which detected 6 and deleted 6 entries. This I did yesterday. Funwoods however continued to substitute itself to Google. Whereupon, as mad as hell, I sent a message to their support center to tell them in harsh and angry terms to get their stowaway add-on from my computer.

This very morning, having repeated yesterday’s run of MBAM, the program again detected 2 presences, which I had removed. I then started up FIREFOX and discovered that Funwoods seemed to have disappeared from the navigator or Google search engine. Haven’t the faintest idea of what happened and if Funwoods is going to stay totally away from my PC.

Combined effect of both MBAM and my angry mail, or only one or the other?
Whatever the case, this raises the following point : could it be that Funwoods is in a position or has the means and tools to have access to the innards of my Windows XP ? And do whatever it wants: such as removing the unwanted malware when called for or requested? A rather very disturbing and disquieting thougt for all of us.
More comments »

Post a comment

Attention: Use this form only if you have additional information about FunMoods parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)
Like us on Facebook
News
Recent Malware
Read on mobile
Ask us
Press Mentions
I failed to remove FunMoods using SpyHunter.

Email


Close
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!