Virus sacem police nationale !?
Fermé
iriviper
Messages postés
2
Date d'inscription
mercredi 25 avril 2012
Statut
Membre
Dernière intervention
25 avril 2012
-
25 avril 2012 à 22:03
Utilisateur anonyme - 25 avril 2012 à 23:05
Utilisateur anonyme - 25 avril 2012 à 23:05
A voir également:
- Virus sacem police nationale !?
- Police aptos - Accueil - Bureautique
- Police facebook - Guide
- Youtu.be virus - Accueil - Guide virus
- Police d'écriture journal ancien ✓ - Forum Graphisme
- Svchost.exe virus - Guide
4 réponses
Utilisateur anonyme
Modifié par g3n-h@ckm@n le 25/04/2012 à 22:13
Modifié par g3n-h@ckm@n le 25/04/2012 à 22:13
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation"(custom scan/fixes) :
:OTL
SRV - [2012/04/24 14:28:53 | 000,050,688 | ---- | M] () [Auto] -- D:\Windows\TEMP\yamqwd\setup.exe -- (AMService)
IE - HKU\Anca_ON_D\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="
[2012/03/28 18:33:53 | 000,000,000 | ---D | M] (Sopcast Ask Toolbar) -- D:\Users\Anca\AppData\Roaming\mozilla\Firefox\Profiles\hba45n7s.default\extensions\toolbar@ask.com
[2012/01/03 15:27:44 | 000,002,333 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\askcom.xml
[2012/01/12 01:09:00 | 000,000,935 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\conduit.xml
[2012/03/19 20:32:05 | 000,002,519 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\Search_Results.xml
[2012/02/22 21:00:01 | 000,002,310 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/03/19 20:32:05 | 000,002,519 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - D:\Users\Anca\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Anca_ON_D\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O4 - HKLM..\Run: [QJa8hs7QNbxt4uL] D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O4 - HKU\.DEFAULT..\Run: [QJa8hs7QNbxt4uL] D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe ()
O4 - HKU\Anca_ON_D..\Run: [Internet Security] File not found
O4 - HKU\Anca_ON_D..\Run: [QJa8hs7QNbxt4uL] D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O4 - HKU\Anca_ON_D..\Run: [Steam] File not found
O4 - HKU\Anca_ON_D..\Run: [uTorrent] File not found
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] File not found
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] File not found
F3 - HKU\Anca_ON_D WinNT: Load - (C:\Users\Anca\AppData\Local\Temp\{11124~1.EXE) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 16330 = C:\PROGRA~2\LOCALS~1\Temp\msokpmu.bat (Sun Microsystems, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O20 - HKLM Winlogon: Shell - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\ram_reserver64.exe) - D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\.DEFAULT Winlogon: UserInit - (C:\Windows\system32\config\systemprofile\AppData\Roaming\ram_reserver64.exe) - D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\Anca_ON_D Winlogon: Shell - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\Anca_ON_D Winlogon: UserInit - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O33 - MountPoints2\{b458af5a-2efd-11e1-9c74-180373897475}\Shell\AutoRun\command - "" = F:\Windows\AutoRun.exe
[2012/04/17 13:47:29 | 000,000,000 | ---D | C] -- D:\Users\Anca\AppData\Roaming\gizza
D:\Windows\tasks\At*.job
[2012/04/25 18:55:21 | 000,182,784 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\ram_reserver64.exe
[2012/04/24 14:28:50 | 000,084,480 | ---- | M] () -- D:\ProgramData\1r6tAm38.exe
[2012/04/24 14:18:49 | 000,000,000 | -HS- | C] () -- D:\Windows\System32\dds_trash_log.cmd
[2012/02/22 20:59:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2012/04/17 13:47:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Local Settings
D:\Windows\TEMP\yamqwd
▶ Clique sur "Correction(RunFix)" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation"(custom scan/fixes) :
:OTL
SRV - [2012/04/24 14:28:53 | 000,050,688 | ---- | M] () [Auto] -- D:\Windows\TEMP\yamqwd\setup.exe -- (AMService)
IE - HKU\Anca_ON_D\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="
[2012/03/28 18:33:53 | 000,000,000 | ---D | M] (Sopcast Ask Toolbar) -- D:\Users\Anca\AppData\Roaming\mozilla\Firefox\Profiles\hba45n7s.default\extensions\toolbar@ask.com
[2012/01/03 15:27:44 | 000,002,333 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\askcom.xml
[2012/01/12 01:09:00 | 000,000,935 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\conduit.xml
[2012/03/19 20:32:05 | 000,002,519 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\Search_Results.xml
[2012/02/22 21:00:01 | 000,002,310 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/03/19 20:32:05 | 000,002,519 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - D:\Users\Anca\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Anca_ON_D\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O4 - HKLM..\Run: [QJa8hs7QNbxt4uL] D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O4 - HKU\.DEFAULT..\Run: [QJa8hs7QNbxt4uL] D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe ()
O4 - HKU\Anca_ON_D..\Run: [Internet Security] File not found
O4 - HKU\Anca_ON_D..\Run: [QJa8hs7QNbxt4uL] D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O4 - HKU\Anca_ON_D..\Run: [Steam] File not found
O4 - HKU\Anca_ON_D..\Run: [uTorrent] File not found
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] File not found
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] File not found
F3 - HKU\Anca_ON_D WinNT: Load - (C:\Users\Anca\AppData\Local\Temp\{11124~1.EXE) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 16330 = C:\PROGRA~2\LOCALS~1\Temp\msokpmu.bat (Sun Microsystems, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O20 - HKLM Winlogon: Shell - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\ram_reserver64.exe) - D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\.DEFAULT Winlogon: UserInit - (C:\Windows\system32\config\systemprofile\AppData\Roaming\ram_reserver64.exe) - D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\Anca_ON_D Winlogon: Shell - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O20 - HKU\Anca_ON_D Winlogon: UserInit - (C:\Users\Anca\AppData\Roaming\ram_reserver64.exe) - D:\Users\Anca\AppData\Roaming\ram_reserver64.exe ()
O33 - MountPoints2\{b458af5a-2efd-11e1-9c74-180373897475}\Shell\AutoRun\command - "" = F:\Windows\AutoRun.exe
[2012/04/17 13:47:29 | 000,000,000 | ---D | C] -- D:\Users\Anca\AppData\Roaming\gizza
D:\Windows\tasks\At*.job
[2012/04/25 18:55:21 | 000,182,784 | ---- | M] () -- D:\Users\Anca\AppData\Roaming\ram_reserver64.exe
[2012/04/24 14:28:50 | 000,084,480 | ---- | M] () -- D:\ProgramData\1r6tAm38.exe
[2012/04/24 14:18:49 | 000,000,000 | -HS- | C] () -- D:\Windows\System32\dds_trash_log.cmd
[2012/02/22 20:59:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2012/04/17 13:47:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Local Settings
D:\Windows\TEMP\yamqwd
▶ Clique sur "Correction(RunFix)" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
iriviper
Messages postés
2
Date d'inscription
mercredi 25 avril 2012
Statut
Membre
Dernière intervention
25 avril 2012
25 avril 2012 à 22:45
25 avril 2012 à 22:45
le rapport:
========== OTL ==========
Service\Driver key AMService not found.
File D:\Windows\TEMP\yamqwd\setup.exe not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File D:\Program Files\Ask.com\GenericAskToolbar.dll not found.
D:\Users\Anca\AppData\Roaming\mozilla\Firefox\Profiles\hba45n7s.default\extensions\toolbar@ask.com folder moved successfully.
File D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\askcom.xml not found.
File D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\conduit.xml not found.
File D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\Search_Results.xml not found.
File D:\Program Files\mozilla firefox\searchplugins\babylon.xml not found.
File D:\Program Files\mozilla firefox\searchplugins\Search_Results.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
File D:\Users\Anca\AppData\Roaming\Complitly\Complitly.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File D:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File D:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QJa8hs7QNbxt4uL not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run not found.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\LocalService_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\NetworkService_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\16330 not found.
File C:\PROGRA~2\LOCALS~1\Temp\msokpmu.bat not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Anca\AppData\Roaming\ram_reserver64.exe deleted successfully.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Users\Anca\AppData\Roaming\ram_reserver64.exe deleted successfully.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b458af5a-2efd-11e1-9c74-180373897475}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b458af5a-2efd-11e1-9c74-180373897475}\ not found.
File F:\Windows\AutoRun.exe not found.
Folder D:\Users\Anca\AppData\Roaming\gizza\ not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
File D:\ProgramData\1r6tAm38.exe not found.
File D:\Windows\System32\dds_trash_log.cmd not found.
Folder D:\ProgramData\Babylon\ not found.
Folder D:\ProgramData\Local Settings\ not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 04252012_222433
========== OTL ==========
Service\Driver key AMService not found.
File D:\Windows\TEMP\yamqwd\setup.exe not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File D:\Program Files\Ask.com\GenericAskToolbar.dll not found.
D:\Users\Anca\AppData\Roaming\mozilla\Firefox\Profiles\hba45n7s.default\extensions\toolbar@ask.com folder moved successfully.
File D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\askcom.xml not found.
File D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\conduit.xml not found.
File D:\Users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\hba45n7s.default\searchplugins\Search_Results.xml not found.
File D:\Program Files\mozilla firefox\searchplugins\babylon.xml not found.
File D:\Program Files\mozilla firefox\searchplugins\Search_Results.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
File D:\Users\Anca\AppData\Roaming\Complitly\Complitly.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File D:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File D:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QJa8hs7QNbxt4uL not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run not found.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Anca_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\LocalService_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\NetworkService_ON_D\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\16330 not found.
File C:\PROGRA~2\LOCALS~1\Temp\msokpmu.bat not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Anca\AppData\Roaming\ram_reserver64.exe deleted successfully.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Users\Anca\AppData\Roaming\ram_reserver64.exe deleted successfully.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_USERS\Anca_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b458af5a-2efd-11e1-9c74-180373897475}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b458af5a-2efd-11e1-9c74-180373897475}\ not found.
File F:\Windows\AutoRun.exe not found.
Folder D:\Users\Anca\AppData\Roaming\gizza\ not found.
File D:\Users\Anca\AppData\Roaming\ram_reserver64.exe not found.
File D:\ProgramData\1r6tAm38.exe not found.
File D:\Windows\System32\dds_trash_log.cmd not found.
Folder D:\ProgramData\Babylon\ not found.
Folder D:\ProgramData\Local Settings\ not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 04252012_222433
