Post #3
Posted 22/04/08, 03:26:13
retafim
User

Joined: Mar 2008
Location: Spain
Posts: 7
Re: Spolsv.exe / malagent

First of all, thank you very much for replying.

I followed your instructions, but it won't let me run SUPERAntiSpyware; it closes it on me, as it does with other anti-spyware tools I have tried to run, or if I visit pages related to spyware, viruses or malware.

The file it produced is this:


SDFix: Version 1.173
Run by Osquitar on 21/04/2008 at 22:03

Microsoft Windows XP [Versión 5.1.2600]
Running From: H:\DOCUME~1\Osquitar\ESCRIT~1\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting


Checking Files :

Trojan Files Found:

H:\WINDOWS\SYSTEM32\POY.EXE - Deleted
H:\WINDOWS\system32\2.tmp - Deleted
H:\Archivos de programa\Setup.exe - Deleted
H:\WINDOWS\AutoUpdateWin31.dll - Deleted
H:\WINDOWS\AutoUpdateWin32.exe - Deleted
H:\WINDOWS\AutoUpdateWin33.exe - Deleted
H:\WINDOWS\kiasys.dll - Deleted
H:\WINDOWS\system32\WinSpooler.exe - Deleted
H:\WINDOWS\WindowsUpdates.exe - Deleted
H:\WINDOWS\yeTyezzd.sys - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 22:08:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 7


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files :


File Backups: - H:\DOCUME~1\Osquitar\ESCRIT~1\SDFix\backups\backups.zip

Files with Hidden Attributes :

Mon 19 Nov 2007 72 ..SH. --- H:\WINDOWS\S4A901~1.TMP
Fri 4 Jan 2008 40,960 A..H. --- H:\WINDOWS\SYSTEM32\CTFNOM.EXE
Fri 4 Jan 2008 40,960 A..H. --- H:\WINDOWS\SYSTEM32\KRNMOD.EXE
Fri 4 Jan 2008 40,960 A..H. --- H:\WINDOWS\SYSTEM32\LCHECK.EXE
Fri 4 Jan 2008 40,960 A..H. --- H:\WINDOWS\SYSTEM32\LINEX.EXE
Fri 4 Jan 2008 40,960 A..H. --- H:\WINDOWS\SYSTEM32\SCRSV.EXE
Fri 4 Jan 2008 40,960 A..H. --- H:\WINDOWS\SYSTEM32\STR32.EXE
Fri 4 Jan 2008 40,960 ...H. --- H:\WINDOWS\SYSTEM32\VUAUCLT.EXE
Thu 11 Jan 2007 4,348 A.SH. --- H:\DOCUME~1\ALLUSE~1\DRM\DRMV1.BAK
Tue 20 Mar 2007 0 A.SH. --- H:\DOCUME~1\ALLUSE~1\DRM\CACHE\INDIV02.TMP
Wed 9 Apr 2008 0 A..H. --- H:\WINDOWS\SOFTWA~1\DOWNLOAD\6302CD~1\BIT3.TMP
Sat 27 Aug 2005 15,360 A..H. --- H:\DOCUME~1\OSQUITAR\CONFIG~1\TEMP\RARSFX2\PWDUMP2\PWDUMP2.EXE
Sat 27 Aug 2005 17,408 A..H. --- H:\DOCUME~1\OSQUITAR\CONFIG~1\TEMP\RARSFX2\PWDUMP2\SAMDUMP.DLL
Tue 15 Apr 2008 8 A..H. --- H:\DOCUME~1\ALLUSE~1\DATOSD~1\MICROS~1\OC\CHANNELS\CH1\LOCK.TMP
Tue 15 Apr 2008 8 A..H. --- H:\DOCUME~1\ALLUSE~1\DATOSD~1\MICROS~1\OC\CHANNELS\CH2\LOCK.TMP
Tue 15 Apr 2008 8 A..H. --- H:\DOCUME~1\ALLUSE~1\DATOSD~1\MICROS~1\OC\CHANNELS\CH3\LOCK.TMP
Tue 15 Apr 2008 8 A..H. --- H:\DOCUME~1\ALLUSE~1\DATOSD~1\MICROS~1\OC\CHANNELS\CH4\LOCK.TMP
Wed 16 Apr 2008 8 A..H. --- H:\DOCUME~1\ALLUSE~1\DATOSD~1\MICROS~1\OC\CHANNELS\CH5\LOCK.TMP

Finished!