start
Folder: C:\Users\Joe\Downloads
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2455} URL = http://start.funmood...B&cr=2052334314
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2455}
SearchScopes: HKLM-x32 - {3BC3F432-D4A2-4476-B853-3AF0E39879A5} URL = http://search.fantas...q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2455} URL = http://start.funmood...B&cr=2052334314
BHO-x32: No Name -> {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2455} URL =
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
EmptyTemp:
end