CustomCLSID: HKU\S-1-5-21-872580572-3677183479-2035353063-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
 HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\MountPoints2: {476004d4-edba-11e1-a566-446d5756518c} - K:\LaunchU3.exe -a
 HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
 SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
 2014-11-13 17:36 - 2014-11-13 17:36 - 00000000 ____D () C:\Users\Owner\AppData\Local\{29C05ACA-F6E5-4E99-B65C-2C0D40341B20}
 2014-11-12 18:20 - 2014-11-12 18:20 - 00000000 ____D () C:\Users\Kim\AppData\Local\{E8C4344E-DFBE-4479-9543-AD35EA4FC1C3}
 2014-11-12 17:59 - 2014-11-12 17:59 - 00000000 ____D () C:\Users\Owner\AppData\Local\{06E9571C-5B64-4DBF-9A94-D7ED710403BC}
 EmptyTemp: