FunMoods
FunMoods Description
FunMoods may be classified as either adware or as a PUP (Potentially Unwanted Program) due to its predilection for inserting advertisements into online searches and its disingenuous installation/removal methods. While FunMoods is marketed in the form of an add-on that helps Chrome display various emoticons and smiley faces, FunMoods also includes other features that are less desirable than a smile, such as changing your browser settings to display a different homepage, altering your search results and requiring additional effort to be deleted from your PC. While SpywareRemove.com malware researchers can’t classify FunMoods as anything worse than a low-level PC threat, if you do need to get rid of FunMoods, anti-malware scans should be considered the most efficient means of doing so.FunMoods and the Smile That Darkens Your Day
Like other would-be emoticon plugins like SweetIM or Facemoods, FunMoods is a browser extension that offers a legitimate feature alongside various functions that FunMoods keeps quiet about – until after you download FunMoods and find out what FunMoods does for yourself.
While FunMoods does offer the smiley package that FunMoods claims to have, malware researchers have also seen other features in FunMoods of questionable merit, as listed here:
- FunMoods may change Chrome’s homepage (to start.funmoods.com, home.funmoods.com or another self-promoting site) and reset this change if you attempt to undo it.
- FunMoods may place irrelevant advertising links in your online search results.
- FunMoods may change your default search engine to one of its own preference.
- Even removing FunMoods is made unnecessarily difficult, and SpywareRemove.com malware research team especially emphasizes that using Control Panel to uninstall FunMoods still will leave many of FunMoods’s changes on your PC.
Detecting FunMoods once FunMoods is aboard shouldn’t prove to be any kind of problem since FunMoods visibly alters Chrome’s interface to include an additional toolbar for itself.
Kicking the FunMoods PUP to the Curb
FunMoods is often installed in freeware packages (such as Video Grabber or PDF Creator), although, in most cases, FunMoods-free versions of said software are available at reputable websites.
Strong browser protection, anti-malware software and a willingness to avoid suspicious applets, surveys and advertisements can all serve you well in keeping FunMoods’s smiling face away from your PC. Deleting FunMoods, as in most cases with various types of adware and PUPs, should be handled by any available anti-malware program that’s at your disposal.
FunMoods Automatic Detection Tool (Recommended)
Is your PC infected with FunMoods? To safely & quickly detect FunMoods, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect FunMoods
What happens if FunMoods does not let you open SpyHunter or blocks the Internet?
Visual & GUI Characteristics
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh 672 2 %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj 665 3 %LOCALAPPDATA%\funmoods-speeddial_sf.crx 379 4 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh 337 5 %APPDATA%\Funmoods 330 6 %PROGRAMFILES(x86)%\Funmoods 183 7 %USERPROFILE%\AppData\LocalLow\Funmoods 37 8 %PROGRAMFILES%\Funmoods 28 9 C:\ Users\ otros\ AppData\ Roaming\ Funmoods\ UpdateProc\ UpdateTask.exe 16 10 %USERPROFILE%\Local Settings\Application Data\funmoods.crx 14 11 %ProgramFiles%\Funmoods\1.5.23.22\escortShld.dll N/A 12 %ProgramFiles%\Funmoods\1.5.23.22\escorTlbr.dll N/A 13 %ProgramFiles%\Funmoods\1.5.23.22\funmoodssrv.exe N/A 14 %ProgramFiles%\Funmoods\1.5.23.22\escortApp.dll N/A 15 %ProgramFiles%\Funmoods\1.5.23.22\uninstall.exe N/A 16 %AppData%\funmoods.crx N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}funmoodsHKEY..\..\..\..{RegistryKeys}Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escort.DLLHKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortApp.DLLHKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escortEng.DLLHKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\escorTlbr.DLLHKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\esrv.EXEHKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\esrv.EXE - The following CLSID's were detected:
HKEY..\..\{CLSID Path} {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\InstlHKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\Instl\DataHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\LocalServer32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\ProgrammableHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\InprocServer32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ProgrammableHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\InprocServer32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ProgrammableHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\InprocServer32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ProgrammableHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\InprocServer32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ProgrammableHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\InprocServer32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ProgrammableHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ProxyStubClsid32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsidHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ProxyStubClsid32
Posted: January 18, 2012 | By SpywareRemove
MoreThreat Level: 5/10
(1 votes, average: 5.00 out of 5)
Loading ...Rate this article:
Detection Count: 50,048
Please remove funmoods and replace MSN.com canada in french. Thank you
funmoods is blocking my explorer homepage. how can i restore it.
Need Funmoods removed
newsflash, computer can do math too…heh…but yeah, I am human. seems like a simple question/answer would deal with THAT issue. I am really upset about this funmoods thing. I thought I had gotten rid of it some time back, but yesterday I opened my browser after having shut down for a few hours, and guess WHAT? You GOT IT! I hadn’t downloaded anything, but this sh*t appeared out of the blue just the same, and no matter what, it keeps reinserting itself where google should be. This is on IE, I seem to have it quelled on Chrome for the time being. But on IE, it will NOT allow any search to be available other than itself. I am so FED UP with crap like this. I want to beat the SNOT out of whomever is responsible for this spawn from hell!
Please remove funmoods and restore google chrome. Thank you so much
i need to uninstall funmoods search
coulod you please remove funmoods and restore google
please remove funmoods and put it back to google. thank you
New virus alert: Sex_TV_Ευ .exe Sun Jan 16, 2011 17:32 pm This backdoor is sent by e-mail or by a inntast messaging program. If you click on a link like hxxp://sat2.110mb.com/w/data/Sex_TV_%26%23917%3B%26%23965%3B%26%23961%3B%26%239 you will be asked to download a archive. Its detection is 16 /41 (39.0%) on VirusTotal. If you run it, the virus will create %ProgramFiles%Outlook Expres .exe file and these registry entries: HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{A3DCBA6B-C972-F007-9714-B49CC35869CE} HKEY_LOCAL_MACHINESOFTWAREBifrost HKEY_LOCAL_MACHINESYSTEMControlSet001ControlMediaResourcesmsvideo
FunMoods "piggybacked" on to my PC with an Adobe download how the hell does one get rid of it?
Remove Funmoods and replace MSN.com
I just want it gone.
remove funmoods restore google