NEWS
PARASITES
SOFTWARE
ASK US
DIRECTORY

 
 
 
 
 
 
  
Title: FunMoods
Type: Browser Hijackers
Also known as: fun moods, pup.funmoods, start.funmoods.com

Remove FunMoods
Google redirect
Removal instructions

by
 
Severity scale:FunMoods severity is 80  (80 / 100)
 

Funmoods worth to be added into several categories on 2-spyware.com Security portal. They think they don't do anything bad, that would be the browser plugins category, but spyware community around the world thinks differently. Funmoods hijacks your browser, search results and uses aggressive marketing strategy to turn visitors into customers. That activity fits to 2-spyware.com Browser hijackers category. Funmood display various advertisements to the users that makes them Adware. But regular people are tired with the activity of funmoods, their redirection to start.funmoods.com and they call this parasite - a virus.

How did I get infected with funmoods?

There are several ways how you can get infected with funmoods. You can install yourself, if you wanted to get some moods to your chats, and you did not know the consequences. Funmoods can be installed without explicit user consent. It hijacks your search page and redirect all search queries to spammy results with advertising links. Lots of ads are related to Russian women. Such as Meet Real Russian Women! Chat with Sexy Russian Women and women from some other countries.

How to get rid of funmoods?

Funmoods is difficult to remove as there is no uninstall process provided for every component of funmoods at once. We advice to use automated tools. The problem is that most tools do not detect funmoods as there are several opinions regarding clasification of Funmoods. Lately, some vendors tried to add new detection techniques, so we would recommend using Spyhunter to get rid of funmoods.. Another good product to remove funmoods is MalwareBytes anti-malware.

Funmoods provides some video removal guides to remove it from different web browsers. 

If you have found Funmoods or Facemoods toolbar and you haven't installed it, remove it by going: Start menu -> Control Panel -> Add/Remove Programs or Uninstall a Program. Choose 'Uninstall' button if you see the FunMoods/FaceMoods in the list.

Change your homepage by following these steps:

Internet Explorer:

Open IE -> Tools -> Internet Options -> General tab. Enter Google or other address to make it the default start page.

Mozilla Firefox:

Open Mozilla Firefox, go to Tools -> Options -> General -> Startup. Now select 'Show a blank page' when Firefox Starts or set a certain website, like Google or similar.

Google Chrome:

Open Google Chrome, click on wench icon, go to settings and choose 'Manage search engines'. Change search engine to google or other and delete Certified toolbar from the list. Then Go to section “On start” and make sure you get blank page while creating new tab.



Automatic FunMoods removal:

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
By Downloading any provided Anti-spyware software to remove FunMoods you agree to our privacy policy and agreement of use.
remover for FunMoods
SpyHunter is recommended remover to uninstall FunMoods. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

If you failed to remove FunMoods using SpyHunter, submit question to our support team and provide as much details as possible.
dot
Malwarebytes Anti Malware
Download | review
download
manual required
We are testing Malwarebytes Anti Malware's efficiency at removing FunMoods (2012-06-01 11:47:28)
dot
Defender Pro Ultimate Security Suite
Download | review
download
manual required
We are testing Defender Pro Ultimate Security Suite's efficiency at removing FunMoods (2012-06-01 11:47:28)
dot
STOPzilla
Download | review
download
manual required
We are testing STOPzilla's efficiency at removing FunMoods (2012-06-01 11:47:28)
dot
XoftSpySE Anti Spyware
Download | review

what to do if you failed to remove the infection?
Phone Support to remove FunMoods
Phone Support to remove FunMoods
FunMoods snapshot:
FunMoods snapshot

FunMoods manual removal:

Kill processes:
funmoodssrv.exe
help HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escort.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortApp.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortEng.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escorTlbr.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\esrv.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\Instl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\Instl\Data
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsid32
help HELP:
how to remove registry entries

Unregister DLLs:
%ProgramFiles%\Funmoods\1.5.23.22\bh\escort.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortApp.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortEng.dll
%ProgramFiles%\Funmoods\1.5.23.22\escorTlbr.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortShld.dll
help HELP:
how to unregister malicious DLLs

Delete files:
%AppData%\funmoods.crx
%AppData%\Google\Chrome\
%ProgramFiles%\Funmoods\1.5.23.22\funmoodssrv.exe
%ProgramFiles%\Funmoods\1.5.23.22\uninstall.exe
%ProgramFiles%\Funmoods\1.5.23.22\bh\escort.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortApp.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortEng.dll
%ProgramFiles%\Funmoods\1.5.23.22\escorTlbr.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortShld.dll
help HELP:
how to remove harmful files

QR code for FunMoods removal instructions:

FunMoods qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like FunMoods are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall FunMoods right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2013-01-08 03:47:57
Information updated: 2013-01-08 03:47:57

Ask us discussions:

Modern viruses are really hard to remove. They have random file names, random registry entries, they can immitale legal products and files. Removal instructions sometimes can't Help to remove infection manually. Please take a look at our discussion where users like you share they experience in fighting the parasite:
submit your question
3

How do I delete the funmoods?

-
funmoods
submit your question
2

How to get rid of Funmoods???

-
funmoods

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url
1
0
Bee
ok, I downloaded and installed Spyhunter to remove start.funmoods.com...so, now what do I do?
2012 06 26
0
0
james
i ran rkill process killer followed by malwarebytes with the most current update as of 7/11/12. no luck getting rid of funMoods. trying spyhunter now
2012 07 11
0
0
Howard
Funmoods showed-up on Firefox, unrequested. What a mess. Deleted entry in Firefox Extensions list and the parasite was still there. Tried everything I could think of and then gave up. I simply used Windows Restore to restore my computer to an earlier time. It worked perfectly and without all the frustration.
2012 07 12
3
0
Keith
I think that you were extremely fortunate as I have bought Spyhumter AND just recovered to a previous pre Funmoods date and both have failed. I still have the damned thing and may the creators of this malaise remain in purgatory for ever-and-a-day.
2012 08 16
2
0
Will
Purgatoy? NO, I want them in HELL!!!
2012 09 06
3
0
JD Straw
I cant, at this time afford to pay for spyhunter, so I tried every other option suggested including other methods that I have used in the past, including system restore, but so far nothing has worked. Just FYI, I got this while downloading a program called Freecorder (video downloader/converter program); and in spite of declining to install all offers that were included in the download/install process, this mess called funmoods was still installed, along with several other programs associated with funmoods. I was able to remove most of the other funmood programs with the revouninstall freeware program, but the evil toolbar still remained. I even used my systems regedit program, was able to delete a lot, BUT NOT ALL, of funmoods mess, but my computer now is very much infected and it seems there is nothing I can do about it until I have money to go to a professional to have my computer cleaned up. I havent worked in three years so I have no idea when Ill have money for something like removing viruses from my old computer. This kind of stuff makes me want to choke the living daylights out of the evil perpetrators and developers of this demonic program with its bold intrusion and mass unwanted installation.

Everybody: PLEASE BEWARE OF DOWNLOADING THE FREECORDER VIDEO DOWNLOADER/CONVERTER PROGRAM BECAUSE IT WILL INSTALL THIS MESS EVEN THOUGH I took the time to make sure all the BOXES ARE UNCHECKED during the installation process, and ALL THE OFFERS of installing all their extra mess ARE DECLINED DURING THE INSTALLATION PROCESS. PLEASE BE CAREFUL!
2012 08 06
0
0
Rory
I got it the same way.. bummed hey.. why do they call it Funmoods anyway? They should call it KakMood.. corny.. but on a more serious note, to the creators of Funmoods YOU SUCK!!!
2012 11 06
8
1
JD Straw
Im back and pleased to report that I have gotten rid of that pest called funmoods. I used CCleaner (Crap Cleaner is the original name of the software). After using Revo Uninstaller to remove as much of it as possible, I then used the computers regedit and removed as much as possible of the residue. The Freecorder program which installed all the various Funmood stuff was very easily removed but much of the mess didnt even show up in the Add/Remove list or Revo Uninstaller, which is why it was so difficult to get at in order to try to remove it. I also found that Funmoods had replaced my search engine and had taken over my home page. It was one BIG MESS! After using all of the above methods as well as the Restore function found in System Tools, I was still having problems, so I then went to my CCleaner program to clean as much as possible, after which I used the CCleaners registry clean function, then the Restore Registry function, rebooted my computer and THIS time when the computer logged on, I no longer saw that devilish mess, the omnipresent toolbar was gone and my home page was reset. All of this took SEVERAL HOURS, and a lot of frustration, but Im very thankful to have rescued my computer from this evil demon. I wish everyone else great success in getting rid of it, and PLEASE, if anyone is thinking of downloading a video download with converter features, do NOT download Freecorder. I sent them a very hot email letting them know how displeased I was with their deceit in bundling the devils demons into their Freecorder software and making it seem as though the options to not download the other unwanted programs was working.

I also want to thank the owners of this site for posting information as well as their solutions, along with making it possible for us victims as well, to help each other to find and share solutions for getting rid of the FunMoods demonic programs.
2012 08 07
1
1
Will
I had exactly the same problem and would be glad to have read this comment before. Anyway, Im happy youve got rid of this total crap and will try the same method.
THANKS
2012 09 06
1
0
BabaBoohey
This "Funmoods" garbage is responsible for spreading the Virus "Generic29GJG".
Dont go near this crap!!!!!
2012 08 09
0
0
ChrisBMW840
How do I get this thing removed from my D drive?! Ive run spyhunter several times, clicked fix, and it will say the fix was successful. Yet. every time I open a new tab, theres that darnedable "start.funmoods...etc.", not "about:blank." This happens in Firefox. Grrrrrr!
2012 08 14
0
0
ChrisBMW840
And, JD, youre exactly right. My son downloaded VLC, so we could watch video from my Canon camera.
2012 08 14
2
0
Rob
I downloaded VLC as well, declined all offers and ended up in this flipping mess. Its people that do crap like this that should be strung up from their feet and beaten with a stick...for days on end! Beyond annoying as you all know.
2012 09 06
0
0
Lisa
Me too HELP! VLC did it to me 8-19-12 I removed alot of crap, cant get online at all now
2012 08 20
0
0
Lisa
I just found out this virus/trojan/redirector from hell is part of a hidden program called Yontoo I found thees in the temp folder along with 7za, OptChrome, and sqlite3 to see this, use the Run function located in the start tray on the bottom of your screen
2012 08 20
0
0
Rob
I read that the Yontoo is used for Facebook. So tell us what happened when you deleted these? Did the bug go away? Not a helpful post really.
2012 09 06
0
0
Normani
Yontoo was hijacking my websites. I found it listed in tools/tracking protection/toolbars and Extensions. I found and deleted Yontoo by using my computer uninstall program. Then I went into search, typed Yontoo and found a "silent installer" which I also deleted. These actions seemingly has removed Yontoo, at least I cannot find it any traces left. But, Funmoods registry errors (25 of them) are still present and I have not been able to remove them yet. Google Chrome is somehow attached to Funmoods, but after deleting Google Chrome, Funmood registry issues remain. Still trying.
2013 01 11
0
0
lisa
love yoiur softwear. workd greate thanks so much.removed the bad streak in my OS like tide of ocean
2012 08 29
0
0
Will
Ill try this
2012 08 31
0
0
joz8888
A simple reset of firefox seems to have worked for now, I know its not gone but I dont have to look at it every time I open a new tab. On the firefox toolbar click Help>Troubleshooting Information>Reset. You will have to set your homepage after.
2012 09 02
0
0
Jeffery
I used Malwarebytes, the free version on Windows 7. It worked grate!
2012 09 03
1
0
malwarebytes
Use malwarebytes!!!! It is the only thing that works, unless you edit your registry.
malwarebytes free program is always available at cnetdownloads.com

THAT IS ALL YOU NEED
2012 09 14
0
0
Betty
Yes CC Cleaner newest download worked on the funmoods crap, i used all the tools there and did not save/backup anything that was removed.
2012 09 07
1
0
concerned
this is an absolutely shame...downloading bad programs to get rid of other bad programs that try to control you and your computer...hahaha
2012 09 10
3
0
will
what if the funmoods virus has gotten so bad that i cant download anything and its logged me onto a temporary account?
2012 09 21
0
0
ANISANA
PLEASE LET MY PC FREE FROM U...
2012 09 22
0
0
Greg
Im currently trying to get it off a work computer and unfortunately, Malwarebytes does not fix it. Also, after you get it uninstalled, you have check your Network Card Settings as it will add a bunch of other DNS servers in there.
2012 10 05
0
0
Gerie
I thought I had managed to get rid of Funmoods by deleting the add on and restarting my computer could not find it anywhere when I checked. Until I went onto Youtube and saw 5 ads for Russian girls looking for men and realised it was still there. All I want is to get rid of those offensive ads. Help!!. It also freezes videos that I play and cant scroll up or down. It is driving me mad.
2012 10 13
0
0
Melanie
Cant get rid of it! I have used malewarebytes, CC Cleaner, spybot, and removed several items from registry. I didnt want to purchase spyhunter, but used the free version after each scan & reboot to see if the problems would disappear. They finally did, but they are BACK again! Not sure what to do now! Just sent Funmoods a message for removal assistance - fat chance-Im sure! Good luck everyone!
2012 10 14
3
0
tqs
To anyone using google chrome and got affected by funmoods, I tried going to Setting - Extension. Theres the funmoods and New Tab 5.1 (i think) but below it theres "funmoods" so it shouldnt be so hard to find. Just remove both of them by clicking the "Trash" icon beside it. :) I managed to get rid of it! So, good luck to you.
2012 10 16
0
0
Rory
Seems to have done the trick.. shot Kat! Also managed to get rid of it on my Firefox using a similar technique.. again... thanks Kat :)
2012 11 06
0
0
Rory
My bad.. meant tqs... YOU ROCK!.. who ever you are
2012 11 06
0
0
Rory
Oh sh*t... spoke too soon :(
2012 11 06
0
0
or
Thanks... works great for me :)
2012 12 08
0
0
overload
to remove funmoods and all related search agents and files just goto/start /search/ type - funmoods / then delete all entrys related to this program job done
2012 10 17
0
0
Kathleen
Update your anti-spyware program. If you do not cuernrtly have a spyware removal program, there are many free, highly regarded software downloads.Disconnect your computer from the Internet. Even if you have Internet Explorer closed, as long as there is a connection available, the spyware may be connecting and causing damage. Unplug your computer from its modem or the modem from the wall.Check your Add/Remove Programs list from the control panel. If you see a spyware program listed, uninstall it. If you see a program you are not familiar with but are unsure whether it is spyware, check it out before removing it.Run your antispyware program. If you run it and are still receiving pop-ups, especially if you are still disconnected from the Internet, turn your computer off. Start it again and press the F8 key repeatedly until you see the Safe Mode option. Run the antispyware program while your computer is in safe mode. Revert your system to a date in time prior to the spyware infiltration. Go to the Start menu and point to All Programs. Point to Accessories and then point to System Tools. Click System Restore and follow the instructions on the System Restore Wizard.
2012 10 21
0
0
behrang
i have got an ipad 2 from this website
is this true that this website give some people gifts!!!!!!?!?!?!?!
2012 10 25
0
0
behrang
answer me!?!?!?!
2012 10 25
0
0
GONE!!!
Howdy yall,
I went ahead and ran the free version of malwarebytes, then went into firefox and removed the addons (it had installed dealcabby, funmoods, a couple others) and its gone. malwarebytes wiped funmoods out of the registry (there were about 30 hits). A quick scan does the trick
2012 10 25
0
0
Geoff
I downloaded Spybot, but that didnt work and Spybots own websit suggests downloading and scanning with Malwarebytes, which did find funmoods and deleted it. I just had to go into browser settings and delete funmoods manually from Search Providers (under Manage add-ons in Vista) and change my home page back to what I wanted, and hey presto, sorted.
2012 10 26
0
0
Lyn
I DID IT! On Google Chrome though, I went through settings and extensions and saw that blue chat demon and I clicked the trash bin next to it. and to be sure I used Malware, Spybot, CCleaner, and Spyhunter. I dont really know what made the demon leave but SUCCESS
2012 10 30
0
0
ira
I had install new Malwarebites Anti-Malware - it did not even recognized funmoods. bad advise.
2012 11 05
0
0
Cévéo
A user of FIREFOX, I ran the latest version of version of MBAM which detected 6 and deleted 6 entries. This I did yesterday. Funwoods however continued to substitute itself to Google. Whereupon, as mad as hell, I sent a message to their support center to tell them in harsh and angry terms to get their stowaway add-on from my computer.

This very morning, having repeated yesterday’s run of MBAM, the program again detected 2 presences, which I had removed. I then started up FIREFOX and discovered that Funwoods seemed to have disappeared from the navigator or Google search engine. Haven’t the faintest idea of what happened and if Funwoods is going to stay totally away from my PC.

Combined effect of both MBAM and my angry mail, or only one or the other?
Whatever the case, this raises the following point : could it be that Funwoods is in a position or has the means and tools to have access to the innards of my Windows XP ? And do whatever it wants: such as removing the unwanted malware when called for or requested? A rather very disturbing and disquieting thougt for all of us.
2012 11 10
0
0
Ally
I installed a youtube downloader program, that I downloaded from cnet.com, I thought it was a safe website that tried out programs before suggesting them, I was soooo wrong, even though I declined all the free crap it offered to install when installing the youtube downloader, it installed the fun moods search engine that took over my home page and other crap as well, Im giving malware bytes a try, hope it helps, ad-aware didnt help, neither did hijack this which used to work before.

i had installed ad-aware last night, and this morning the funmoods search home page came up again but after a couple of minutes seemed to go away on its own......(could it be the ad-aware program working on the background?) Im still not convinced with a sensation of (the killer seems to be dead but hes not really dead) so I installed and currently running malware bytes.
2012 11 21
0
0
Omaps
Malware Bytes detected 11 items from Funmoods. I deleted them and opened Firefox - its still there if you open a new tab!
2012 11 24
0
0
EmperorNorton47
I seem to have picked it up in connection with a download on Cnet. Lot of work to be rid of it. Norton caught it starting to insert itself, but it still appeared. There should be laws against this kind of thing.
2012 11 25
0
0
Omaps
I contacted Funmoods and received this response. The instructions seem to have worked.

NOV 27, 2012 | 12:18PM EET
Alex replied:
Hello

Thanks for contacting us. Please follow the instructions below.

In Firefox:

To removetoolbar/New Tab
Open Firefox, go to Add-ons Manager (Ctrl+Shift+A) > Select “Funmoods” and click on Remove

To remove from Home page:
Open FireFox, go to Tools > Options > on “startup” section click on “Restore to Default” button Then click on “OK”

To remove from search engine:
Search button--- Manage Search Engines---- select “Funmoods”---- Remove
For a step by step uninstall guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc

---------------------------------

To remove from Internet Explorer Win7/Vista from toolbar:
Go to Start > Control Panel > Uninstall a program OR Programs and Features > Select “Funmoods” and click on Uninstall

To remove from Home page:
go to Tools > Internet Options > on “Home page” section click on “Use Default” Then click on “OK”

To remove from search engine:
go to Tools > Internet Options > on “Search” section click on “Settings” > select “Live Search” or “Google” or “Bing” and click on “Set Default” > select “Search” and click on “Remove” > OK > OK
New tab (Internet Explorer 8-9)
go to Tools > Internet Options > on “Tabs” section click on “Settings” > on “When a new tab is opened, open:” select “The new tab page” > OK > OK

----------------------------------

In Chrome, to remove toolbar:
Open Chrome, go to Options menu > Tools > Extensions > Click on the “bin” to remove

To remove as homepage:
Open Chrome, go to Options menu > Settings > on the “Appearance” section, check the “Show Home button” > Change > select “Use the New Tab page”

To remove as search engine:
Go to your browser----Click on the tools icon---- options------Change search defaults ----- settings ----- click the name of your preferred search engine---- set as default---- (to remove Funmoods search)----select Funmoods ----remove---- okay
-Or-
Open Chrome, go to Options menu > Settings > on the “Search” section choose Google on the drop down menu
For a step by step uninstall and reset homepage guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc


Kindly

Alex
Support Agent
2012 11 28
0
0
Princess
Thank you! Funmoods almost drove me insane - this method is much simpler and faster, and EFFECTIVE! Finally I can enjoy browsing again!
2012 11 30
0
0
Irfan
the last post is the bomb,
wow...i click on the first page and boom it i run it and after rebooting my pc it gives me result of many many files remove,files that i do not even know about including the funmoods shit.
Thanks,9jeria.
2012 11 30
0
0
Cleo
I got it trying to download the game Facade............grrrr its soo annoying
2013 01 13
0
0
Xon
Thanks!
2013 01 25

Post Comment:

Attention: Use this form only if you have additional information about FunMoods parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Submit a Question
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48030 Subscribers
Ask us
Encyclopedia of parasites:
Library of files:
Archive of files
Tags:
Your main spyware remover is:
Windows Defender
Spy Sweeper
AVG Anti-Spyware
SUPERAntiSpyware
Spybot - S&D
SpyHunter
Other program
I have two or more programs
I don't need no anti-spyware



Compare spyware removers
Compare free products
I failed to remove FunMoods using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds rss feeds | Follow us Follow us | Like us Like us
© 2001-2013  2-spyware.com  All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.