Hola amigos soy nuevo en este foro, y lo que me trae es esta alimaña de virusburst, el tema es que lo elimine de la máquina pero me sigue saliendo el icono en la barra de tareas y cuando lo clickeo va a la pagina en la cual me quieren vender ese programa inutil. Necesito quitarlo para ello les dejo el log del autorun para ver si detectan cual debo borrar asi no se carga al inicio de windows.
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ Corel Reminder NAVBrowser (Not verified) Naviant, Inc. d:\archivos de programa\corel\graphics10\register\navbrowser.exe
+ KAVPersonal50 Kaspersky Anti-Virus GUI Part (Not verified) Kaspersky Lab d:\archivos de programa\kaspersky lab\kaspersky anti-virus personal\kav.exe
+ SpySweeper Spy Sweeper Client Executable (Not verified) Webroot Software, Inc. d:\archivos de programa\webroot\spy sweeper\spysweeperui.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
+ Register Homesite+.exe HomeSite (Not verified) Macromedia, Inc. d:\archivos de programa\macromedia\homesite+\homesite+.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
D:\Documents and Settings\All Users.WINDOWS\Menú Inicio\Programas\Inicio
D:\Documents and Settings\daniel\Menú Inicio\Programas\Inicio
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ ares Ares (Not verified) Ares Development Group c:\archivos de programa\ares\ares.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation d:\windows\system32\mscoree.dll
+ application/x-complus Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation d:\windows\system32\mscoree.dll
+ application/x-msdownload Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation d:\windows\system32\mscoree.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ cdo Microsoft SharePoint Portal Server Object Model (Not verified) Microsoft Corporation d:\archivos de programa\archivos comunes\microsoft shared\web folders\pkmcdo.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 File not found: About:Home
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ n/a Microsoft .NET IE SECURITY REGISTRATION (Not verified) Microsoft Corporation d:\windows\system32\mscories.dll
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
+ ferrateen d:\windows\system32\rrtcany.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
+ ferrateen d:\windows\system32\rrtcany.dll
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ CorelDRAW Shell Extension Component Shell Extension DLL (Not verified) Corel Corporation d:\archivos de programa\corel\graphics10\draw\cdrviewer\crlshell100.dll
+ CuteFTP Shell Extension (Not verified) GlobalSCAPE, Inc. d:\archivos de programa\globalscape\cuteftpes\cuteshell.dll
+ Extensión de paneo de pantalla del Panel de control File not found: deskpan.dll
+ Macromedia FTP & RDS CfShellFtpRds Module (Not verified) Macromedia, Inc. d:\windows\system32\cfshellftprds.dll
+ NeroDigitalIconHandler Nero Digital Shell Extension (Not verified) Nero AG d:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ NeroDigitalPropSheetHandler Nero Digital Shell Extension (Not verified) Nero AG d:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ Shell Icon Handler for Application References Application Deployment Support Library (Not verified) Microsoft Corporation d:\windows\system32\dfshim.dll
+ ShellLink for Application References Application Deployment Support Library (Not verified) Microsoft Corporation d:\windows\system32\dfshim.dll
+ Web Folders Microsoft Web Folders (Not verified) Microsoft Corporation d:\archivos de programa\archivos comunes\microsoft shared\web folders\msonsext.dll
+ Webroot Spy Sweeper Context Menu Integration Spy Sweeper Client Executable (Not verified) Webroot Software, Inc. d:\archivos de programa\webroot\spy sweeper\ssctxmnu.dll
+ WinRAR shell extension d:\archivos de programa\winrar\rarext.dll
+ Yahoo! Mail YMMAPI Module (Verified) Yahoo! Inc. d:\archivos de programa\yahoo!\common\ymmapi.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Carpetas Web Microsoft Web Folders (Not verified) Microsoft Corporation d:\archivos de programa\archivos comunes\microsoft shared\web folders\msonsext.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ NeroDigitalColumnHandler Class Nero Digital Shell Extension (Not verified) Nero AG d:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ Google Toolbar Helper Barra Google para los clientes de Internet Explorer (Verified) Google Inc d:\archivos de programa\google\googletoolbar1.dll
+ SSVHelper Class Java(TM) 2 Platform Standard Edition binary (Not verified) Sun Microsystems, Inc. d:\archivos de programa\java\jre1.5.0_06\bin\ssv.dll
+ Yahoo! IE Services Button Yahoo! IE Services (Not verified) Yahoo! Inc. d:\archivos de programa\yahoo!\common\yiesrvcar.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ googletoolbar1.dll Barra Google para los clientes de Internet Explorer (Verified) Google Inc d:\archivos de programa\google\googletoolbar1.dll
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ Yahoo! Messenger Yahoo! Messenger (Verified) Yahoo! Inc. d:\archivos de programa\yahoo!\messenger\yahoomessenger.exe
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ kavsvc Kaspersky Anti-Virus Service (Not verified) Kaspersky Lab d:\archivos de programa\kaspersky lab\kaspersky anti-virus personal\kavsvc.exe
+ WebrootSpySweeperService Es el que hace posible las funciones esenciales de Spy Sweeper de Webroot. Este servicio debe activarse e iniciarse para que Spy Sweeper funcione. (Not verified) Webroot Software, Inc. d:\archivos de programa\webroot\spy sweeper\spysweeper.exe
HKLM\System\CurrentControlSet\Services
+ AMDMSRIO File not found: D:\DOCUME~1\daniel\CONFIG~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys
+ InCDPass File not found: system32\drivers\InCDPass.sys
+ InCDRm File not found: system32\drivers\InCDRm.sys
+ Kl1 Kaspersky Anti-Hacker Only Driver (Not verified) Kaspersky Lab d:\windows\system32\drivers\kl1.sys
+ Klif spuper-ptor (Not verified) Kaspersky Labs d:\windows\system32\drivers\klif.sys
+ Klmc Kaspersky Anti-Virus Mail Checker Proxy (Not verified) Kaspersky Lab d:\windows\system32\drivers\klmc.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Not verified) Sonic Solutions d:\windows\system32\drivers\pxhelp20.sys
+ SSFS0509 Spy Sweeper FileSystem Filter Driver (Not verified) Webroot Software Inc (
www.webroot.com) d:\windows\system32\drivers\ssfs0509.sys
+ SSHRMD Spy Sweeper Mini Driver (Not verified) Webroot Software Inc (
www.webroot.com) d:\windows\system32\drivers\sshrmd.sys
+ SSIDRV Spy Sweeper Interdiction Driver (Not verified) Webroot Software Inc (
www.webroot.com) d:\windows\system32\drivers\ssidrv.sys
+ SSKBFD Spy Sweeper Keyboard Filter Driver (Not verified) Webroot Software Inc (
www.webroot.com) d:\windows\system32\drivers\sskbfd.sys
+ TSP spuper-ptor (Not verified) Kaspersky Labs d:\windows\system32\drivers\klif.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
+ ole32 Microsoft OLE para Windows (Not verified) Microsoft Corporation d:\windows\system32\ole32.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
+ cshix.exe File not found: cshix.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ cryptnet Crypto Network Related API (Not verified) Microsoft Corporation d:\windows\system32\cryptnet.dll
+ WRNotifier Spy Sweeper Engine (Not verified) Webroot Software, Inc. d:\windows\system32\wrlogonntf.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImageName
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages