Tengo un virus llamado resycled boot.com

Estado
Cerrado para nuevas respuestas
V

vegetasonyer

Guest
resulta que fui a abrir la unidad de C fui a abrirla y me ponia la aplicacion win32 no es valida resycled\boot,com,y not e dejaba abrir la unidad la misma con los disocos extraibles usbs etc,pues bien en el foro de spyware me trai la solucion a esto y segui todos los pasos el caso es que lo ultimo era analizar con kapersky online y me detecto el worm del virus ,pero no lo puedo eliminar desde ahi y dijeron que pegare el reporte,que es el siguiente:
Insertar CODE, HTML o PHP:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Windows.Forms.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscorlib.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscoree.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Drawing.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.EnterpriseServices.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.JScript.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]

"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000

[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]

[HKEY_CLASSES_ROOT\WMPCD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfk]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfk\OpenWithList]

[HKEY_CLASSES_ROOT\ADCS]

@="Contenedor de la clase del directorio"

[HKEY_CLASSES_ROOT\ADCS\CLSID]

@="{89E30300-764D-11d0-B282-00A0C90F56FC}"

[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]

@="C:\\WINDOWS\\system32\\CMMGR32.EXE,1"

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]

@="C:\\WINDOWS\\system32\\CMMGR32.EXE \"%1\""

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]

@="C:\\WINDOWS\\system32\\CMMGR32.EXE /settings \"%1\""

[HKEY_CLASSES_ROOT\DirectAnimation.PathControl]

@="Microsoft DirectAnimation Path"

[HKEY_CLASSES_ROOT\DirectAnimation.PathControl\CLSID]

@="{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}"

[HKEY_CLASSES_ROOT\DirectAnimation.Sequence]

@="Microsoft DirectAnimation Sequence"

[HKEY_CLASSES_ROOT\DirectAnimation.Sequence\CLSID]

@="{4F241DB1-EE9F-11D0-9824-006097C99E51}"

[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl]

@="Microsoft DirectAnimation Sequencer"

[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl\CLSID]

@="{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}"

[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl]

@="Microsoft DirectAnimation Sprite"

[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl\CLSID]

@="{FD179533-D86E-11D0-89D6-00A0C90833E6}"

[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl]

@="Microsoft DirectAnimation Structured Graphics"

[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl\CLSID]

@="{369303C2-D7AC-11D0-89D5-00A0C90833E6}"

[HKEY_CLASSES_ROOT\ppifile\DefaultIcon]

@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\

  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,73,00,\

  70,00,70,00,63,00,6e,00,66,00,67,00,2e,00,65,00,78,00,65,00,2c,00,31,00,00,00

[HKEY_CLASSES_ROOT\ppifile\shell\open]

[HKEY_CLASSES_ROOT\ppifile\shell\open\command]

@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\

  00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,73,00,\

  70,00,70,00,63,00,6e,00,66,00,67,00,2e,00,65,00,78,00,65,00,20,00,2f,00,43,\

  00,6f,00,6e,00,66,00,69,00,67,00,20,00,25,00,31,00,00,00

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}]

@="ActiveXPlugin Object"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Control]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\InprocServer32]

@="C:\\WINDOWS\\system32\\plugin.ocx"

"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus]

@="0"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus\1]

@="131473"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ProgID]

@="Microsoft.ActiveXPlugin.1"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ToolboxBitmap32]

@="C:\\WINDOWS\\system32\\plugin.ocx, 1"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\TypeLib]

@="{06DD38D0-D187-11CF-A80D-00C04FD74AD8}"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Version]

@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\VersionIndependentProgID]

@="Microsoft.ActiveXPlugin"

[HKEY_CLASSES_ROOT\CLSID\{1FF84C3B-1140-4eb6-BE38-4BE618D2E7D6}]

@="ThirdPartyEapDispatcherAuthenticatorConfig"

"AppID"="{1FF84C3B-1140-4EB6-BE38-4BE618D2E7D6}"

[HKEY_CLASSES_ROOT\CLSID\{1FF84C3B-1140-4eb6-BE38-4BE618D2E7D6}\InprocServer32]

@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\

  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,65,00,61,00,\

  70,00,61,00,33,00,68,00,73,00,74,00,2e,00,64,00,6c,00,6c,00,00,00

"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{5A8371A3-0C6D-487b-B3C8-46D785C4C940}]

@="PSFactoryBuffer"

[HKEY_CLASSES_ROOT\CLSID\{5A8371A3-0C6D-487b-B3C8-46D785C4C940}\InProcServer32]

@="C:\\WINDOWS\\system32\\eapahost.dll"

"ThreadingModel"="Both"

[HKEY_CLASSES_ROOT\CLSID\{9DAA7B9D-CE5B-42CE-B942-32BBC284AC44}]

@="PSFactoryBuffer"

[HKEY_CLASSES_ROOT\CLSID\{9DAA7B9D-CE5B-42CE-B942-32BBC284AC44}\InProcServer32]

@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\

  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,65,00,61,00,\

  70,00,61,00,33,00,68,00,73,00,74,00,2e,00,64,00,6c,00,6c,00,00,00

"ThreadingModel"="Both"

[HKEY_CLASSES_ROOT\CLSID\{B0E28D63-52F6-4e30-992B-78ECF97268E9}]

@="ThirdPartyEapDispatcherAuthenticatorRuntime"

"AppID"="{B0E28D63-52F6-4E30-992B-78ECF97268E9}"

[HKEY_CLASSES_ROOT\CLSID\{B0E28D63-52F6-4e30-992B-78ECF97268E9}\InprocServer32]

@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\

  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,65,00,61,00,\

  70,00,61,00,33,00,68,00,73,00,74,00,2e,00,64,00,6c,00,6c,00,00,00

"ThreadingModel"="Free"

[HKEY_CLASSES_ROOT\Applications\moviemk.exe]

[HKEY_CLASSES_ROOT\Applications\moviemk.exe\shell]

"FriendlyCache"="Movie Maker"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]

@="C:\\WINDOWS\\system32\\cmmgr32.exe"

"Path"="C:\\WINDOWS\\system32"

"CmstpExtensionDll"="C:\\WINDOWS\\system32\\cmcfg32.dll"

"CMInternalVersion"="1.2"

"CmNative"=dword:00000001

"ProfilesUpgraded"=dword:00000002

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\yourapp.Exe]

"Path"="C:\\Archivos de programa\\HP\\"

@="C:\\Archivos de programa\\HP\\yourapp.Exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB898461]

"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\

  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00

"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Microsoft .NET Framework 2.0]

"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,90,86,05,00,00,00,00,22,35,98,\

  73,25,2a,c9,01,02,00,00,00,43,00,3a,00,5c,00,57,00,49,00,4e,00,44,00,4f,00,\

  57,00,53,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,2e,\

  00,4e,00,45,00,54,00,5c,00,46,00,72,00,61,00,6d,00,65,00,77,00,6f,00,72,00,\

  6b,00,5c,00,76,00,32,00,2e,00,30,00,2e,00,35,00,30,00,37,00,32,00,37,00,5c,\

  00,76,00,62,00,63,00,2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00

"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Microsoft .NET Framework 3.0]

"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,90,9d,03,00,00,00,00,62,80,e4,\

  73,25,2a,c9,01,02,00,00,00,63,00,3a,00,5c,00,57,00,49,00,4e,00,44,00,4f,00,\

  57,00,53,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,2e,\

  00,4e,00,45,00,54,00,5c,00,46,00,72,00,61,00,6d,00,65,00,77,00,6f,00,72,00,\

  6b,00,5c,00,76,00,33,00,2e,00,30,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,\

  00,73,00,20,00,43,00,6f,00,6d,00,6d,00,75,00,6e,00,69,00,63,00,61,00,74,00,\

  69,00,6f,00,6e,00,20,00,46,00,6f,00,75,00,6e,00,64,00,61,00,74,00,69,00,6f,\

  00,6e,00,5c,00,57,00,73,00,61,00,74,00,43,00,6f,00,6e,00,66,00,69,00,67,00,\

  2e,00,65,00,78,00,65,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

  00,00,00,00,00,00,00,00

"Changed"=dword:00000000

[HKEY_CURRENT_USER\Software\HaaliMkx]

[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]

"C:\\DOCUME~1\\Vegeta\\CONFIG~1\\Temp\\nircmd.exe"="NirCmd"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]

"C:\\DOCUME~1\\Vegeta\\CONFIG~1\\Temp\\is-3QH0U.tmp\\mbam-setup.tmp"="Setup/Uninstall"
alguien sabe como puedo eliminarlo?
 

Kbite

Aprender y compartir
Administrador
Hola vegetasonyer.

Te muevo al Foro de Seguridad donde te darán indicaciones más precisas.

Saludos. :D
 
Estado
Cerrado para nuevas respuestas
Arriba Pie