HKU\S-1-5-21-1873665500-3012039058-2538343305-1001\...\Policies\Explorer: []
HKLM-x32\...\Run: [] => [X]
ProxyServer: http=127.0.0.1:8777;https=127.0.0.1:8777
SearchScopes: HKCU - URL http://search.condui...archTerms}=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...ix={searchTerms}
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3325283&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPAB87566A-3FA2-41E7-9EC2-7B0FDE2FF739&SSPV=
FF SearchPlugin: C:\Users\Brad Barker\AppData\Roaming\Mozilla\Firefox\Profiles\loucrkss.default\searchplugins\conduit-search.xml
C:\Users\Brad Barker\AppData\Roaming\Mozilla\Firefox\Profiles\loucrkss.default\searchplugins\conduit-search.xml
FF Extension: PacFunction - C:\Users\Brad Barker\AppData\Roaming\Mozilla\Firefox\Profiles\loucrkss.default\Extensions\{19854aff-7c07-4859-9831-cd028ac55dd0}.xpi [2014-03-20]
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Brad Barker\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
C:\Users\Brad Barker\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S4 yewimmxqbs64; C:\Program Files\002\yewimmxqbs64.exe [706560 2014-05-18] () [File not signed]
C:\Program Files\002
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Users\Brad Barker\jagex_cl_runescape_LIVE.dat
C:\Users\Brad Barker\random.dat
C:\Users\Brad Barker\AppData\Local\Temp\032939rr.exe
C:\Users\Brad Barker\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Brad Barker\AppData\Local\Temp\f.exe
C:\Users\Brad Barker\AppData\Local\Temp\ins.exe
C:\Users\Brad Barker\AppData\Local\Temp\nsb63CA.exe
C:\Users\Brad Barker\AppData\Local\Temp\nsb8553.exe
C:\Users\Brad Barker\AppData\Local\Temp\nsc1588.tmp.exe
C:\Users\Brad Barker\AppData\Local\Temp\nsl8988.exe
C:\Users\Brad Barker\AppData\Local\Temp\nsq67D0.exe
C:\Users\Brad Barker\AppData\Local\Temp\nss8CC0.exe
C:\Users\Brad Barker\AppData\Local\Temp\nsv5FB3.exe
C:\Users\Brad Barker\AppData\Local\Temp\nsw8DBE.exe
C:\Users\Brad Barker\AppData\Local\Temp\SearchProtectINT.exe
Task: {5A5AE01D-F484-4503-AD38-0CA8FB451C47} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION