CreateRestorePoint:
URLSearchHook: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {6c3bc03f-d7b9-43ac-8931-c242e3cae971} - No File
URLSearchHook: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {341f4dac-1966-47ff-aacf-0ce175f1498a} - No File
HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Del5288808] => cmd.exe /Q /D /c del "C:\Users\Rasuka\AppData\Local\Temp\0.del" <===== ATTENTION
HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Del8716821] => cmd.exe /Q /D /c del "C:\Users\Rasuka\AppData\Local\Temp\0.del" <===== ATTENTION
C:\Users\Rasuka\AppData\Local\Temp\0.del
HKU\S-1-5-21-1422646263-2310165737-2160699533-1001\...\Run: [YRPack] => regsvr32.exe C:\Users\Rasuka\AppData\Local\YRPack\ExGLCres54.dll <===== ATTENTION
C:\Users\Rasuka\AppData\Local\YRPack
HKU\S-1-5-21-1422646263-2310165737-2160699533-1001\...\Run: [Ofics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Rasuka\AppData\Local\IWsoft\Dfrgmon2.dll
C:\Users\Rasuka\AppData\Local\IWsoft
HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [YRPack] => regsvr32.exe C:\Users\Rasuka\AppData\Local\YRPack\ExGLCres54.dll <===== ATTENTION
HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Ofics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Rasuka\AppData\Local\IWsoft\Dfrgmon2.dll
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1422646263-2310165737-2160699533-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {279560F9-9C70-4028-9C2D-E477D827903C} URL =
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {17AB2B29-6ACE-46AD-8F64-B68BE905FD42} URL = http://ca.search.yah...p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2FEA9F96-D83A-4CD2-A535-672FE43303CF} URL = http://websearch.ask...CB-3666E76F966D
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...1I7LENN_enCA498
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {70BA3E6B-1059-2266-0B2C-40E4A85231B8} URL = http://www.ddlstart....eferrer:source}
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={FF5D710C-5738-4FFF-9748-51E1CB0928F1}&mid=c7b73156215347d0b0f2d5343d3d5734-fed77a202c9cf31e9f193f7498c12a3171a40e6f&lang=en&ds=gm011&pr=sa&d=2013-03-26 08:02:34&v=15.0.0.2&pid=safeguard&sg=2&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1001 -> {E9FFB269-B854-4761-8C1C-BC5F324335E3} URL = http://ca.search.yah...p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E9FFB269-B854-4761-8C1C-BC5F324335E3} URL = http://ca.search.yah...p={SearchTerms}
BHO-x32: No Name -> {452ADB5B-00BE-469D-A65F-3046146B2ED5} -> No File
Toolbar: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {6C3BC03F-D7B9-43AC-8931-C242E3CAE971} - No File
Toolbar: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {341F4DAC-1966-47FF-AACF-0CE175F1498A} - No File
Handler: WSAMVCUchrome - {086BD280-4613-43B5 - No File
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll File Not found ()
Winsock: Catalog9 13 %SystemRoot%\system32\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 13 %SystemRoot%\system32\vsocklib.dll File Not found ()
FF Extension: No Name - C:\Users\Rasuka\AppData\Roaming\Mozilla\Firefox\Profiles\qsbpguso.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}.oldbackup [2013-04-12]
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001\...\Chrome\Extension: [cdipjefcbnbcjgpgbgmpmcmgbmpjpjae] - No Path
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - No Path
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001\...\Chrome\Extension: [effmnknpfaiehkmalhaggnbglpbkhane] - No Path
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001\...\Chrome\Extension: [neebgdeaohaofdhldpobdpfocdonmgki] - No Path
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chrome\Extension: [cdipjefcbnbcjgpgbgmpmcmgbmpjpjae] - No Path
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - No Path
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chrome\Extension: [effmnknpfaiehkmalhaggnbglpbkhane] - No Path
CHR HKU\S-1-5-21-1422646263-2310165737-2160699533-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chrome\Extension: [neebgdeaohaofdhldpobdpfocdonmgki] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cdipjefcbnbcjgpgbgmpmcmgbmpjpjae] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - No Path
CHR HKLM-x32\...\Chrome\Extension: [effmnknpfaiehkmalhaggnbglpbkhane] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
CHR HKLM-x32\...\Chrome\Extension: [neebgdeaohaofdhldpobdpfocdonmgki] - No Path
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
2014-12-26 18:54 - 2014-12-26 18:54 - 00000000 ____D () C:\Users\Rasuka\AppData\Roaming\fijryhfa
2014-12-24 19:06 - 2014-12-24 19:06 - 00000000 ____D () C:\Users\Rasuka\AppData\Roaming\gnqunwbz
2014-12-23 21:21 - 2014-12-23 21:48 - 00000000 ____D () C:\Users\Rasuka\AppData\Roaming\qxdbanzr
2014-12-21 17:40 - 2014-12-21 17:40 - 00000000 ____D () C:\Users\Rasuka\AppData\Roaming\qtpcszcz
2014-12-21 15:30 - 2014-12-21 15:30 - 00000000 ____D () C:\Users\Rasuka\AppData\Roaming\sxkykjhe
2014-12-21 14:57 - 2014-12-21 14:57 - 00000000 ____D () C:\Users\Rasuka\AppData\Roaming\ovqzwhds
2014-12-21 14:51 - 2014-12-21 14:51 - 00000000 ____D () C:\Users\Rasuka\AppData\Roaming\vaovhrak
C:\Users\Rasuka\ChromeSetup.exe
C:\Users\Rasuka\Setup.exe
C:\Users\Rasuka\SkypeSetupFull.exe
CustomCLSID: HKU\S-1-5-21-1422646263-2310165737-2160699533-1001_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Rasuka\AppData\Roaming\ovqzwhds\tivesen.dll () <==== ATTENTION
Task: {6EBE2D24-B182-4F48-A502-0039FF69469B} - System32\Tasks\Microsoft\9a1b17f20e0af55e311550975b4aa24a => C:\Users\Rasuka\AppData\Roaming\DownloadManager\Loader.exe <==== ATTENTION
C:\Users\Rasuka\AppData\Roaming\DownloadManager
Task: {74299258-8DAF-4BEF-9CDA-F9F30E7729E0} - System32\Tasks\Microsoft\a3d90235e1136671ab1195c6078184ff => C:\Users\Rasuka\AppData\Roaming\DownloadManager\Updater.exe <==== ATTENTION
Task: {C4E8C87A-F194-4320-8F46-807C437755C2} - System32\Tasks\4796 => Wscript.exe C:\Users\Rasuka\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {E6627E38-1E4B-47A9-BB9B-716B61F7A950} - System32\Tasks\Security Center Update - 2607807786 => C:\Users\Rasuka\AppData\Roaming\Usmexe\uhzut.exe <==== ATTENTION
C:\Users\Rasuka\AppData\Roaming\Usmexe
Task: {ED767B26-1937-459B-9C14-E6263B654D6B} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedyPC Pro_sch_DCF3584B-8D31-11E4-833B-9C4E3627E7DC.job => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:AD022376
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\18545332.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29763148.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\18545332.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29763148.sys => ""="Driver"
EmptyTemp: