CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1218409403-638510066-2772475861-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1218409403-638510066-2772475861-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
C:\Users\Main Account\13-9_win7_win8_64_dd_ccc_whql.exe
EmptyTemp:
Start
CustomCLSID: HKU\S-1-5-21-1218409403-638510066-2772475861-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
HKU\S-1-5-21-1218409403-638510066-2772475861-1000\...\MountPoints2: F - F:\Autoplay.exe -auto
HKU\S-1-5-21-1218409403-638510066-2772475861-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
EptyTemp:
End