HKU\.DEFAULT\...0c966feabec1\InprocServer32: [Default-shell32] C:\Windows\system32\config\systemprofile\AppData\Local\{faf5218a-a1d6-8c98-7400-f64c2191f96b}\n. ATTENTION! ====> ZeroAccess/Alureon?
C:\Windows\system32\config\systemprofile\AppData\Local\{faf5218a-a1d6-8c98-7400-f64c2191f96b}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.iplay.com/?o=shp
SearchScopes: HKLM - {739BD4B5-CD29-4D80-81AC-B65CD917235A} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {739BD4B5-CD29-4D80-81AC-B65CD917235A} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {ABD93EAF-D775-BC54-E63B-2804F22FD156} URL = http://search.startn...eferrer:source}
SearchScopes: HKCU - {0633EE93-1111-472f-A0FF-E1416B8B2E3B} URL = http://www.gooofulls...q={searchTerms}
SearchScopes: HKCU - {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.c...q={searchTerms}
SearchScopes: HKCU - {739BD4B5-CD29-4D80-81AC-B65CD917235A} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {9DC71DDF-6D47-4870-ADED-ED537B875071} URL = http://websearch.ask...29-3D8D7B19CBEE
SearchScopes: HKCU - {ABD93EAF-D775-BC54-E63B-2804F22FD156} URL = http://search.startn...eferrer:source}
SearchScopes: HKCU - {E163AE6E-254C-5FF4-BE33-4CBD31D63F5C} URL = http://www.bing.com/...eferrer:source}
BHO-x32: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll No File
C:\Program Files (x86)\StartNow Toolbar
Toolbar: HKLM-x32 - GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll No File
Toolbar: HKLM-x32 - StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll No File
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
C:\Program Files (x86)\GamesBar
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 02 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
cmd: netsh winsock reset
reboot:
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: StartNow
FF Keyword.URL: hxxp://search.startnow.com/s/?src=addrbar&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=&user_guid=1278D169D8D5474F812EEA14BCD336E0&machine_id=8d089b94925f5ababd02e279192e6bb1&browser=FF&os=win&os_version=6.1-x64-SP0&q=
FF SearchPlugin: C:\Users\Vincia M. Blaise\AppData\Roaming\Mozilla\Firefox\Profiles\idulbske.default\searchplugins\startnow.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearchober616003862.xml
FF Extension: Oberon GamesBar - C:\Users\Vincia M. Blaise\AppData\Roaming\Mozilla\Firefox\Profiles\idulbske.default\Extensions\gamesbar@oberon-media.com [2011-08-27]
FF Extension: Free software Gooofull toolbar - C:\Users\Vincia M. Blaise\AppData\Roaming\Mozilla\Firefox\Profiles\idulbske.default\Extensions\{181F4BBC-2453-40D2-B42C-3135E3B07C7B} [2011-11-26]
FF Extension: StartNow Toolbar - C:\Users\Vincia M. Blaise\AppData\Roaming\Mozilla\Firefox\Profiles\idulbske.default\Extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F} [2011-08-28]
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
CHR HomePage: hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=&user_guid=1278D169D8D5474F812EEA14BCD336E0&machine_id=8d089b94925f5ababd02e279192e6bb1&browser=IE&os=win&os_version=6.1-x64-SP0&iesrc={referrer:source}
CHR DefaultSearchKeyword: startnow.com
CHR DefaultSearchProvider: StartNow
CHR DefaultSearchURL: http://search.startn...ion=6.1-x64-SP0
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Oberon com adapter) - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [157712 2009-09-01] (Kaspersky Lab)
C:\Windows\System32\DRIVERS\kl1.sys
:\Users\Vincia M. Blaise\AppData\Local\StartNow
Task: {82AAF373-3ED9-4851-9998-E66940F7F709} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
c:\Program Files (x86)\Ask.com