start
createrestorepoint:
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360 2015-05-26] (APN)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\RunOnce: [Application Restart #3] => C:\Users\Intaaf\AppData\Local\Pokki\Engine\HostAppService.exe [7853568 2015-05-29] (Pokki)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2985085416-437969470-2083931593-1001 -> DefaultScope {9BA0FB58-AB0F-11E4-82AB-3065EC1FE5DD} URL =
SearchScopes: HKU\S-1-5-21-2985085416-437969470-2083931593-1001 -> {20EC2ED0-4A5F-4C70-9F80-0EC138D4A715} URL =
BHO: SpoaiceOfffErs -> {54028CE4-98F6-4517-801F-F3092737DB77} -> C:\Program Files (x86)\SpoaiceOfffErs\S5SlecoD8NF8kL.x64.dll [2015-06-14] ()
BHO: bestadblocker -> {619e0da7-04de-4947-a578-865438767d38} -> C:\Program Files (x86)\bestadblocker\pK88I7fG7GcwjT.x64.dll No File
BHO: DigiCoupOn -> {D09AEFC4-92A7-4C7B-9824-0796D0994ECD} -> C:\Program Files (x86)\DigiCoupOn\MmwX8lSstHzzkT.x64.dll [2015-06-21] ()
BHO: DiigiCooupon -> {E2C9AB5A-0710-4AEF-B8CC-016324C7DEFD} -> C:\Program Files (x86)\DiigiCooupon\JW5I78wWLeRDF2.x64.dll [2015-06-21] ()
FF Extension: SpoaiceOfffErs - C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719\Extensions\C3SQ@1L3u.org [2015-06-14]
FF Extension: ActiveCoupon - C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719\Extensions\lktciytevwbthpob@fjqhasijukgwnsazim.edu [2015-06-14]
FF Extension: DigiCCoupoon - C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719\Extensions\p@2Fm5J.org [2015-06-22]
CHR Extension: (SpoaiceOfffErs) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjocmbnibidjdonphngeljcdfncdange [2015-06-14]
CHR Extension: (Twitch Now) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-06-21]
CHR Extension: (XKit) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-03-25]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
C:\Program Files\Soluto
2015-06-21 23:59 - 2015-06-26 16:26 - 00000000 ____D C:\Program Files (x86)\Twitch Now
2015-06-21 23:57 - 2015-06-23 20:39 - 00000000 ____D C:\Program Files (x86)\DigiCoupOn
2015-06-21 23:56 - 2015-06-23 20:39 - 00000000 ____D C:\Program Files (x86)\DiigiCooupon
2015-06-21 23:56 - 2015-06-21 23:56 - 00000000 ____D C:\Program Files (x86)\DigiCCoupoon
2015-06-14 13:00 - 2015-06-23 22:09 - 00000000 ____D C:\Program Files (x86)\SoftwarePlus
2015-06-14 12:58 - 2015-06-23 20:39 - 00000000 ____D C:\Program Files (x86)\SpoaiceOfffErs
2015-06-06 00:32 - 2015-06-14 12:58 - 00000000 ____D C:\Program Files (x86)\ExsttruaSavings
2015-06-06 00:31 - 2015-06-06 00:31 - 00000000 ____D C:\Program Files (x86)\ExsTraSavings
2013-10-23 08:04 - 2013-10-23 08:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-23 18:06 - 2015-06-22 22:47 - 0000024 _____ () C:\Users\Intaaf\AppData\Roaming\appdataFr25.bin
C:\Users\Intaaf\AppData\Local\Pokki\
FirewallRules: [{B033445B-2D41-4AE2-9509-244CF1FC5A69}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{3B618E56-EBCB-4C41-BF3C-287602994CC2}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{AD489391-34FA-4767-8EB2-94B8DD8457C2}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{EED50F83-55A8-4F2D-BFB5-3C0A6E0AF4A7}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{B22ACB4B-C331-4657-9EFA-E46D4AA98B62}] => (Allow) C:\Program Files\Soluto\Soluto.exe
emptytemp:
end