CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.genieo...08,19841,UN,0,6
URLSearchHook: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-19 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-20 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
FF user.js: detected! => C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\user.js [2015-02-16]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\dsrlte1.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\my-homepage.xml [2015-05-07]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\search-simple.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\Vosteran.xml [2015-01-17]
FF Extension: Yahoo! Toolbar - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-02-16]
FF Extension: Solution Real 1.0.1 - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}.xpi [2015-01-17]
CHR HomePage: Default -> hxxp://vosteran.com/?f=1&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StC0Czz0Dzz0FyC0DtG0EzzyEyBtGyCtD0EyBtG0AyCzztDtGtCyCyB0F0C0E0AtA0DtDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0E0D0Bzz0CyCtGtBtD0FtBtGyEtD0AtAtG0BzzyEyEtGtA0EyEtDzy0BtBtAyCtB0E0D2Q&cr=1182803608&ir=
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Extension: (Solution Real) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nongkkjjhbjloiienhkhphhjjlnlnbfe [2015-02-04]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]
S2 Util Jump Flip; "C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe" [X]
R1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64; C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys [48784 2015-02-04] (StdLib)
C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys
R1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64; C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys [48792 2015-01-17] (StdLib)
C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys
CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File
CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File
Task: {04C86D5C-49C8-45A6-87D7-2CC1EDF4A4F7} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {28B48B4C-1B04-4C5F-8145-1CE5FC5B2DFD} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {2B86C4B8-CDEF-4DF9-AECA-B5297CBE9CB2} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {3AADF65B-B758-4E2F-86B3-5869E40BF3DA} - System32\Tasks\4706 => Wscript.exe C:\Users\Tonis\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {548F1B22-E53A-48B2-9AA2-D895D557E72E} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {57B656DC-3884-4DF8-840C-D6C981B396F2} - \Advanced System Protector No Task File <==== ATTENTION
Task: {769CF88F-EA43-4C8A-88A3-F74F26C4D882} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {856FE23F-EE28-4E11-AAA1-0C1029D54186} - \RegClean Pro No Task File <==== ATTENTION
Task: {E4490934-409D-44DE-A832-4D7E4C050292} - \MySearchDial No Task File <==== ATTENTION
Task: {E44EE73B-395E-440F-803E-A956CE27D5F4} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
IE trusted site: HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\genieo.com -> hxxp://search.genieo.com
Cmd: wevtutil cl application
Cmd: wevtutil cl system
Cmd: wevtutil cl security
EmptyTemp: