start
HKU\S-1-5-21-2415027249-2678240935-1149817058-1000\...\MountPoints2: {6a3ddb5e-8007-11e0-b6cb-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2415027249-2678240935-1149817058-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
Task: {90D1C5DA-8B4D-4D36-A583-8A67B58BD1E8} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {FD4DD947-1A91-41D5-9C51-D1E9DF356EDE} - System32\Tasks\4772 => Wscript.exe C:\Users\Isaiah\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
AlternateDataStreams: C:\Users\Isaiah\AppData\Local\Temporary Internet Files:TgBuoQNbxqgK7XsGm7cHVlyn5X
CustomCLSID: HKU\S-1-5-21-2415027249-2678240935-1149817058-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
Task: {08086561-BBD9-4A14-9EFD-811B454F5B81} - System32\Tasks\{E150B5A6-F58C-48B3-99B6-4C6342C85C24} => D:\install\Windows\setup.exe [1996-02-18] (Stirling Technologies, Inc.)
Task: {C2DABF82-B4CA-4F32-BFE9-8B4638702B55} - System32\Tasks\{B940B5F5-1C75-4D50-AE6E-A9F19B6455AE} => D:\install\Windows\setup.exe [1996-02-18] (Stirling Technologies, Inc.)
Task: {6CE81482-90D0-480F-B146-38A8D9298FA6} - System32\Tasks\{65766CF5-A7DA-41CC-9B29-2B8C780F5570} => D:\CDSetup.exe
Task: {7F1B87BB-B67C-4638-8F8D-DA311C26F63B} - System32\Tasks\{9E57279F-6959-4343-A583-985111E1F9DD} => D:\CDSetup.exe
2014-10-13 19:36 - 2014-10-13 19:36 - 00002924 _____ () C:\Windows\System32\Tasks\{E150B5A6-F58C-48B3-99B6-4C6342C85C24}
2014-10-13 19:36 - 2014-10-13 19:36 - 00002924 _____ () C:\Windows\System32\Tasks\{B940B5F5-1C75-4D50-AE6E-A9F19B6455AE}
2014-10-09 17:14 - 2014-10-09 17:14 - 00000000 _____ () C:\Windows\system32\eesujmg.dll
emptytemp:
CloseProcesses:
end