CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Del5288808] => cmd.exe /Q /D /c del "C:\Users\Rasuka\AppData\Local\Temp\0.del" <===== ATTENTION
HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Del8716821] => cmd.exe /Q /D /c del "C:\Users\Rasuka\AppData\Local\Temp\0.del" <===== ATTENTION
URLSearchHook: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {341f4dac-1966-47ff-aacf-0ce175f1498a} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {279560F9-9C70-4028-9C2D-E477D827903C} URL = 
Toolbar: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1422646263-2310165737-2160699533-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {341F4DAC-1966-47FF-AACF-0CE175F1498A} -  No File
2014-12-28 08:20 - 2014-12-28 08:20 - 00000000 _____ () C:\Users\Rasuka\AppData\Local\{D7C78B3C-29B7-4F9D-9D6D-05D8D4771822}
C:\Users\Rasuka\AdobeCreativeCloudCleanerTool.exe
C:\Program Files (x86)\Disney Interactive Studios\Disney Epic Mickey 2
C:\Users\All Users\Microsoft\Secure
C:\Users\All Users\xTtqYNb
C:\Users\Rasuka\AppData\Roaming\Mozilla\Firefox\Profiles\qsbpguso.default\extensions\{5E4F9775-29AA-B3DE-1B89-ACFEC3B3DBC7}
C:\Users\Rasuka\New folder (2)\Mabinogi\Pleione.dll
C:\Users\Rasuka\New folder (3)\Tangled\Jaybob's_Movies_Toolbar_Internet Explorer.exe
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
EmptyTemp: