start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-3595834773-1647143225-1819946379-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
C:\ProgramData\hash.dat
C:\Users\David\jagex_cl_runescape_LIVE.dat
C:\Users\David\random.dat
CustomCLSID: HKU\S-1-5-21-3595834773-1647143225-1819946379-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3595834773-1647143225-1819946379-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3595834773-1647143225-1819946379-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3595834773-1647143225-1819946379-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-3595834773-1647143225-1819946379-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3595834773-1647143225-1819946379-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
emptytemp:
Reboot:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
end