Remove FunMoods
Removal instructions

Severity scale:  
  (80/100)
FunMoods is also known as fun moods, pup.funmoods, start.funmoods.com | Type: Browser Hijackers | Tags: Google redirect

Funmoods worth to be added into several categories on 2-spyware.com Security portal. They think they don't do anything bad, that would be the browser plugins category, but spyware community around the world thinks differently. Funmoods hijacks your browser, search results and uses aggressive marketing strategy to turn visitors into customers. That activity fits to 2-spyware.com Browser hijackers category. Funmood display various advertisements to the users that makes them Adware. But regular people are tired with the activity of funmoods, their redirection to start.funmoods.com and they call this parasite - a virus.

How did I get infected with funmoods?

There are several ways how you can get infected with funmoods. You can install yourself, if you wanted to get some moods to your chats, and you did not know the consequences. Funmoods can be installed without explicit user consent. It hijacks your search page and redirect all search queries to spammy results with advertising links. Lots of ads are related to Russian women. Such as Meet Real Russian Women! Chat with Sexy Russian Women and women from some other countries.

How to get rid of funmoods?

Funmoods is difficult to remove as there is no uninstall process provided for every component of funmoods at once. We advice to use automated tools. The problem is that most tools do not detect funmoods as there are several opinions regarding clasification of Funmoods. Lately, some vendors tried to add new detection techniques, so we would recommend using automatic removal tools to get rid of funmoods.

Automatic FunMoods Removal Guide

You can remove FunMoods automatically with a help of one of these programs: SpyHunter, STOPzilla, Malwarebytes Anti Malware. We recommend these applications because they can easily delete potentially unwanted programs and viruses with all their files and registry entries that are related to them.

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove FunMoods you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
remover for FunMoods Happiness
Guarantee
Compatible with Microsoft
SpyHunter is recommended remover to uninstall FunMoods. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove FunMoods using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

STOPzilla
We are testing STOPzilla's efficiency at removing FunMoods (2012-06-01 11:47:28)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing FunMoods (2012-06-01 11:47:28)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing FunMoods (2012-06-01 11:47:28)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing FunMoods (2012-06-01 11:47:28)
Virus Removal Phone Support
1-877-657-9614
Help Line to remove FunMoods

FunMoods screenshot

FunMoods snapshot

FunMoods manual removal

Kill processes:
funmoodssrv.exe
Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escort.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortApp.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortEng.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escorTlbr.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\esrv.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\Instl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\Instl\Data
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsid32
Unregister DLLs:
%ProgramFiles%\Funmoods\1.5.23.22\bh\escort.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortApp.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortEng.dll
%ProgramFiles%\Funmoods\1.5.23.22\escorTlbr.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortShld.dll

Delete files:
%AppData%\funmoods.crx
%AppData%\Google\Chrome\
%ProgramFiles%\Funmoods\1.5.23.22\funmoodssrv.exe
%ProgramFiles%\Funmoods\1.5.23.22\uninstall.exe
%ProgramFiles%\Funmoods\1.5.23.22\bh\escort.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortApp.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortEng.dll
%ProgramFiles%\Funmoods\1.5.23.22\escorTlbr.dll
%ProgramFiles%\Funmoods\1.5.23.22\escortShld.dll

Manual FunMoods Removal Guide

Step 1: Uninstall FunMoods and related programs

  • Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs).
  • Here, look for FunMoods or any other recently installed suspicious programs.
  • Uninstall them and click OK to save these changes.

If you are Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program.

If you are using OS X, click Go button at the top left of the screen and select Applications.

Wait until you see Applications folder and look for FunMoods or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash.

Step 2: Remove FunMoods from Windows shortcuts

  • Right click on the shortcut of Mozilla Firefox and select Properties.
  • Go to Shortcut tab and look at the Target field. Delete malicious URL that is related to your virus.

Repeat steps that are given above with all browsers' shortcuts, including Internet Explorer and Google Chrome. Make sure you check all locations of these shortcuts, including Desktop, Start Menu and taskbar.

Step 3: Remove FunMoods from each of your web browsers

Internet Explorer Mozilla Firefox Google Chrome Safari
Remove dangerous add-ons
  • Open Internet Explorer, click on the Gear icon (IE menu) on the top right corner of the browser and choose Manage Add-ons
  • You will see a Manage Add-ons window. Here, look for FunMoods and other suspicious plugins. Disable these entries by clicking Disable:
Change your homepage if it was altered by virus:
  • Click on the gear icon (menu) on the top right corner of the browser and select Internet Options. Stay in General tab.
  • Here, remove malicious URL and enter preferable domain name. Click Apply to save changes.
Reset Internet Explorer
  • Click on the gear icon (menu) again and select Internet options. Go to Advanced tab.
  • Here, select Reset.
  • When in the new window, check Delete personal settings and select Reset again to complete FunMoods removal.
Internet Explorer Mozilla Firefox Google Chrome Safari
Remove dangerous extensions
  • Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions.
  • Here, select FunMoods and other questionable plugins. Click Remove to delete these entries.
Change your homepage if it was altered by virus:
  • Click on the menu (top right corner), choose Options General.
  • Here, delete malicious URL and enter preferable website or click Restore to default.
  • Click OK to save these changes.
Reset Mozilla Firefox
  • Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information.
  • Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete FunMoods removal.
Internet Explorer Mozilla Firefox Google Chrome Safari
Delete malicious plugins
  • Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions.
  • Here, select FunMoods and other malicious plugins and select trash icon to delete these entries.
Change your homepage and default search engine if it was altered by your virus
  • Click on menu icon and choose Settings.
  • Here, look for the Open a specific page or set of pages under On startup option and click on Set pages.
  • Now you should see another window. Here, delete malicious search sites and enter the one that you want to use as your homepage.
  • Click on menu icon again and choose Settings Manage Search engines under the Search section.
  • When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name.
Reset Google Chrome
  • Click on menu icon on the top right of your Google Chrome and select Settings.
  • Scroll down to the end of the page and click on Reset browser settings.
  • Click Reset to confirm this action and complete FunMoods removal.
Internet Explorer Mozilla Firefox Google Chrome Safari
Remove dangerous plugins
  • Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences.
  • Here, select Extentions and look for FunMoods or other suspicious entries. Click on the Uninstall button to get rid each of them.
Change your homepage if it was altered by virus:
  • Open your Safari web browser and click on Safari in menu section. Here, select Preferences as it was displayed previously and select General.
  • Here, look at the Homepage field. If it was altered by FunMoods, remove unwanted link and enter the one that you want to use for your searches. Remember to include the "http://" before typing in the address of the page.
Reset Safari
  • Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari....
  • Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete FunMoods removal process.

What is browser hijacker?

Browser hijacker is a malicious program, usually a web browser plug-in or add-ons, which modifies web browser settings in order to change default search page, home page, new tab or error page. After that, it starts unwanted redirects to undesirable Internet sites. A browser hijacker also can record all web pages the user visits and send gathered information out through a background Internet connection.

Practically all browser hijackers are created for commercial, advertising or marketing purposes. However, there are lots of malicious versions of these programs that similarly to spyware or adware threats can be installed on the system without user's consent and often hide deep inside the system for avoiding their removal.

Symptoms showing that your computer was infected by FunMoods:

•  Changes in homepage and/or default search engine
•  Redirects to websites that are unknown and suspicious
•  Appearance of new tabs
•  Unknown sites in Bookmarks and Favorites list
•  Decreased speed of every Internet browser

Geolocation of FunMoods

This map reveals the prevalence of FunMoods. Countries and regions that have been affected the most are: Brazil, Colombia, Argentina, India and Portugal.

QR code for FunMoods removal instructions

FunMoods qrcode QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like FunMoods are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall FunMoods right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2014-09-11 04:10
Information updated: 2014-09-11 04:10

Ask us discussions

Modern viruses are really hard to remove. They have random file names, random registry entries, they can immitale legal products and files. Removal instructions sometimes can't Help to remove infection manually. Please take a look at our discussion where users like you share they experience in fighting the parasite:

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Users comments about FunMoods:

0
0
Someone
I tried malwarebytes, it also made my system restore unfunctional, and after a number of other attempts to fix this issue I was told to try combofix. It ran through reboot and it was completely resolved. No browser redirects, system restore was then available. If all else fails give it a try.
0
0
Xon
Thanks!
0
0
Cleo
I got it trying to download the game Facade............grrrr its soo annoying
0
0
Irfan
the last post is the bomb,
wow...i click on the first page and boom it i run it and after rebooting my pc it gives me result of many many files remove,files that i do not even know about including the funmoods shit.
Thanks,9jeria.
0
0
Princess
Thank you! Funmoods almost drove me insane - this method is much simpler and faster, and EFFECTIVE! Finally I can enjoy browsing again!
0
0
Omaps
I contacted Funmoods and received this response. The instructions seem to have worked.

NOV 27, 2012 | 12:18PM EET
Alex replied:
Hello

Thanks for contacting us. Please follow the instructions below.

In Firefox:

To removetoolbar/New Tab
Open Firefox, go to Add-ons Manager (Ctrl+Shift+A) > Select “Funmoods” and click on Remove

To remove from Home page:
Open FireFox, go to Tools > Options > on “startup” section click on “Restore to Default” button Then click on “OK”

To remove from search engine:
Search button--- Manage Search Engines---- select “Funmoods”---- Remove
For a step by step uninstall guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc

---------------------------------

To remove from Internet Explorer Win7/Vista from toolbar:
Go to Start > Control Panel > Uninstall a program OR Programs and Features > Select “Funmoods” and click on Uninstall

To remove from Home page:
go to Tools > Internet Options > on “Home page” section click on “Use Default” Then click on “OK”

To remove from search engine:
go to Tools > Internet Options > on “Search” section click on “Settings” > select “Live Search” or “Google” or “Bing” and click on “Set Default” > select “Search” and click on “Remove” > OK > OK
New tab (Internet Explorer 8-9)
go to Tools > Internet Options > on “Tabs” section click on “Settings” > on “When a new tab is opened, open:” select “The new tab page” > OK > OK

----------------------------------

In Chrome, to remove toolbar:
Open Chrome, go to Options menu > Tools > Extensions > Click on the “bin” to remove

To remove as homepage:
Open Chrome, go to Options menu > Settings > on the “Appearance” section, check the “Show Home button” > Change > select “Use the New Tab page”

To remove as search engine:
Go to your browser----Click on the tools icon---- options------Change search defaults ----- settings ----- click the name of your preferred search engine---- set as default---- (to remove Funmoods search)----select Funmoods ----remove---- okay
-Or-
Open Chrome, go to Options menu > Settings > on the “Search” section choose Google on the drop down menu
For a step by step uninstall and reset homepage guide, please watch our tutorial: http://www.youtube.com/watch?v=dT5PWzLDptc


Kindly

Alex
Support Agent
0
0
EmperorNorton47
I seem to have picked it up in connection with a download on Cnet. Lot of work to be rid of it. Norton caught it starting to insert itself, but it still appeared. There should be laws against this kind of thing.
0
0
Omaps
Malware Bytes detected 11 items from Funmoods. I deleted them and opened Firefox - its still there if you open a new tab!
0
0
Ally
I installed a youtube downloader program, that I downloaded from cnet.com, I thought it was a safe website that tried out programs before suggesting them, I was soooo wrong, even though I declined all the free crap it offered to install when installing the youtube downloader, it installed the fun moods search engine that took over my home page and other crap as well, Im giving malware bytes a try, hope it helps, ad-aware didnt help, neither did hijack this which used to work before.

i had installed ad-aware last night, and this morning the funmoods search home page came up again but after a couple of minutes seemed to go away on its own......(could it be the ad-aware program working on the background?) Im still not convinced with a sensation of (the killer seems to be dead but hes not really dead) so I installed and currently running malware bytes.
0
0
Cévéo
A user of FIREFOX, I ran the latest version of version of MBAM which detected 6 and deleted 6 entries. This I did yesterday. Funwoods however continued to substitute itself to Google. Whereupon, as mad as hell, I sent a message to their support center to tell them in harsh and angry terms to get their stowaway add-on from my computer.

This very morning, having repeated yesterday’s run of MBAM, the program again detected 2 presences, which I had removed. I then started up FIREFOX and discovered that Funwoods seemed to have disappeared from the navigator or Google search engine. Haven’t the faintest idea of what happened and if Funwoods is going to stay totally away from my PC.

Combined effect of both MBAM and my angry mail, or only one or the other?
Whatever the case, this raises the following point : could it be that Funwoods is in a position or has the means and tools to have access to the innards of my Windows XP ? And do whatever it wants: such as removing the unwanted malware when called for or requested? A rather very disturbing and disquieting thougt for all of us.
0
0
ira
I had install new Malwarebites Anti-Malware - it did not even recognized funmoods. bad advise.
1
0
Lyn
I DID IT! On Google Chrome though, I went through settings and extensions and saw that blue chat demon and I clicked the trash bin next to it. and to be sure I used Malware, Spybot, CCleaner, and Spyhunter. I dont really know what made the demon leave but SUCCESS
0
0
Geoff
I downloaded Spybot, but that didnt work and Spybots own websit suggests downloading and scanning with Malwarebytes, which did find funmoods and deleted it. I just had to go into browser settings and delete funmoods manually from Search Providers (under Manage add-ons in Vista) and change my home page back to what I wanted, and hey presto, sorted.
0
0
GONE!!!
Howdy yall,
I went ahead and ran the free version of malwarebytes, then went into firefox and removed the addons (it had installed dealcabby, funmoods, a couple others) and its gone. malwarebytes wiped funmoods out of the registry (there were about 30 hits). A quick scan does the trick
0
1
behrang
answer me!?!?!?!
0
1
behrang
i have got an ipad 2 from this website
is this true that this website give some people gifts!!!!!!?!?!?!?!
0
0
Kathleen
Update your anti-spyware program. If you do not cuernrtly have a spyware removal program, there are many free, highly regarded software downloads.Disconnect your computer from the Internet. Even if you have Internet Explorer closed, as long as there is a connection available, the spyware may be connecting and causing damage. Unplug your computer from its modem or the modem from the wall.Check your Add/Remove Programs list from the control panel. If you see a spyware program listed, uninstall it. If you see a program you are not familiar with but are unsure whether it is spyware, check it out before removing it.Run your antispyware program. If you run it and are still receiving pop-ups, especially if you are still disconnected from the Internet, turn your computer off. Start it again and press the F8 key repeatedly until you see the Safe Mode option. Run the antispyware program while your computer is in safe mode. Revert your system to a date in time prior to the spyware infiltration. Go to the Start menu and point to All Programs. Point to Accessories and then point to System Tools. Click System Restore and follow the instructions on the System Restore Wizard.
0
0
overload
to remove funmoods and all related search agents and files just goto/start /search/ type - funmoods / then delete all entrys related to this program job done
3
0
tqs
To anyone using google chrome and got affected by funmoods, I tried going to Setting - Extension. Theres the funmoods and New Tab 5.1 (i think) but below it theres "funmoods" so it shouldnt be so hard to find. Just remove both of them by clicking the "Trash" icon beside it. :) I managed to get rid of it! So, good luck to you.
0
0
Rory
Seems to have done the trick.. shot Kat! Also managed to get rid of it on my Firefox using a similar technique.. again... thanks Kat :)
0
0
Rory
My bad.. meant tqs... YOU ROCK!.. who ever you are
0
0
Rory
Oh sh*t... spoke too soon :(
0
0
or
Thanks... works great for me :)
0
0
Melanie
Cant get rid of it! I have used malewarebytes, CC Cleaner, spybot, and removed several items from registry. I didnt want to purchase spyhunter, but used the free version after each scan & reboot to see if the problems would disappear. They finally did, but they are BACK again! Not sure what to do now! Just sent Funmoods a message for removal assistance - fat chance-Im sure! Good luck everyone!
More comments...

Post Comment

Attention: Use this form only if you have additional information about FunMoods parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)
Like us on Facebook
News
Subscribe
Ask us
Parasites
Tags
Files
What's your antispyware?
Compare
I failed to remove FunMoods using SpyHunter.

Email


Close
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!