 |
| |||||||
| Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector. No ponga su log de HijackThis aquí !! |
 |
| | Herramientas |
 | 
24/07/08, 15:03:21
|  |
| |||
| Ayuda Virus entro a la PC X USB "ckvo0.dll" Saludos amigos , io aki nuevamente molestando  vieran ke necesito de su ayuda  hace dos dias meti mi USB aki en la PC y traia un virus ke "bloqueo" supuestamente el NOD 32 perohice el escaneo y me detecto y elimino una supuesta infeccion ke tenia , pero no me kede contenton con eso, entonces pase el Spyware Terminator y me dio el siguiente resultado.....Código: Logfile of Spyware Terminator v2.2.1.433 (db:2.007.022.000)
Scan Time: 22/07/2008 18:19:13 length: 904 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: %Custom_Scan%
Scanned Objects: 86664 (Critical:4)
Filter: No System items, No Safe items, No Invalid items
Running Processes
mDNSResponder.exe [Apple Inc.] : C:\Archivos de programa\Bonjour\mDNSResponder.exe
ekrn.exe [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe
RaMaint.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
LogMeIn.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
LMIGuardian.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LMIGuardian.exe
LogMeInSystray.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe
StarWindServiceAE.exe [Rocket Division Software] : C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
LMIGuardian.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LMIGuardian.exe
igfxpers.exe [Intel Corporation] : C:\WINDOWS\system32\igfxpers.exe
LaunchApplication.exe [Nokia] : C:\Archivos de programa\Nokia\Nokia PC Suite 6\LaunchApplication.exe
egui.exe [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe
VisualTaskTips.exe [VisualTaskTips.com] : C:\Archivos de programa\VisualTaskTips\VisualTaskTips.exe
rapimgr.exe [Microsoft Corporation] : C:\Archivos de programa\Microsoft ActiveSync\rapimgr.exe
NMIndexingService.exe [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe
MPAPI3s.exe [Nokia Corporation] : C:\Archivos de programa\Archivos comunes\Nokia\MPAPI\MPAPI3s.exe
RocketDock.exe : C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
YzToolBar.exe [Y'z@Home] : C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
ServiceLayer.exe [Nokia.] : C:\Archivos de programa\Archivos comunes\PCSuite\Services\ServiceLayer.exe
NMIndexStoreSvr.exe [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexStoreSvr.exe
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = *.local
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - [www.flashget.com] : C:\Archivos de programa\FlashGet\getflash.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VisualTaskTips : [VisualTaskTips.com] : C:\Archivos de programa\VisualTaskTips\VisualTaskTips.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AlcoholAutomount : [Alcohol Soft Development Team] : C:\Archivos de programa\ALCOHOL SOFT\ALCOHOL 120\AXCMD.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, amva : : C:\WINDOWS\system32\amvo.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kamsoft : : C:\WINDOWS\system32\ckvo.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Persistence : [Intel Corporation] : C:\WINDOWS\system32\igfxpers.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SkyTel : [Realtek Semiconductor Corp.] : C:\WINDOWS\SkyTel.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LogMeIn GUI : [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe Reader Speed Launcher : [Adobe Systems Incorporated] : C:\Archivos de programa\ADOBE\READER 8.0\READER\READER_SL.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Actualizador de Archivos : : C:\WINDOWS\IVPV2\TOOLS\ACTUALIZADOR DE ARCHIVOS.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PCSuiteTrayApplication : [Nokia] : C:\Archivos de programa\Nokia\Nokia PC Suite 6\LaunchApplication.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, egui : [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe
04 - Startup: : C:\Documents and Settings\USUARIO\Menú Inicio\Programas\Inicio\desktop.ini
04 - Startup: : C:\Documents and Settings\USUARIO\Menú Inicio\Programas\Inicio\RocketDock.lnk
04 - Startup: %STARTUP%\RocketDock.lnk : C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
04 - Startup: : C:\Documents and Settings\USUARIO\Menú Inicio\Programas\Inicio\Y'z Toolbar.lnk
04 - Startup: %STARTUP%\Y'z Toolbar.lnk [Y'z@Home] : C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
04 - Startup: : C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\desktop.ini
Shell Extensions
Microsoft Office Outlook - {00020D75-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Archivos de programa\Microsoft Office\OFFICE11\MLSHEXT.DLL
Mis carpetas para compartir - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG] : C:\Archivos de programa\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
NeroDigitalIconHandler Class - {B327765E-D724-4347-8B16-78AE18552FC3} - [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroDigitalExt.dll
NeroDigitalPropSheetHandler Class - {7F1CF152-04F8-453A-B34C-E609530A9DC8} - [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroDigitalExt.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Archivos de programa\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
Eset Smart Security - Context Menu Shell Extension - {B089FE88-FB52-11D3-BDF1-0050DA34150D} - [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\shellExt.dll
Mobile Device - {49BF5420-FA7F-11cf-8011-00A0C90A8F78} - [Microsoft Corporation] : C:\Archivos de programa\Microsoft ActiveSync\Wcesview.dll
Bonjour - {9999A076-A9E2-4C99-8A2B-632FC9429223} - [Apple Inc.] : C:\Archivos de programa\Bonjour\ExplorerPlugin.dll
ZipZag Shell Extension - {A965C8E0-54A7-11D6-BF08-00079500BB23} - : C:\Archivos de programa\ZipZag\zipzagcm.dll
CMenuExtender - {ABC70703-32AF-11d4-90C4-D483A70F4825} - [Revenger inc.] : C:\WINDOWS\BricoPacks\Crystal Clear\iColorFolder\CMExt.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Archivos de programa\WinRAR\rarext.dll
Shell Extecute Hooks
SABShellExecuteHook Class - {{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}} - [SuperAdBlocker.com] : C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Quest RevNet Protocol - {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - : C:\Archivos de programa\Quest Software\Toad for Oracle Trial\RNetPin.dll
Services
23 - [Apple Inc.] : C:\Archivos de programa\Bonjour\mDNSResponder.exe
23 - [Eset] : C:\WINDOWS\system32\DRIVERS\eamon.sys
23 - [ESET] : C:\WINDOWS\system32\DRIVERS\easdrv.sys
23 - [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe
23 - : C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\RaInfo.sys
23 - [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
23 - [LogMeIn, Inc.] : C:\WINDOWS\system32\DRIVERS\lmimirr.sys
23 - [LogMeIn, Inc.] : C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
23 - [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
23 - [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe
23 - [Realtek Semiconductor Corporation] : C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
23 - [SUPERAdBlocker.com and SUPERAntiSpyware.com] : C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS
23 - [SUPERAdBlocker.com and SUPERAntiSpyware.com] : C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.sys
23 - [Nokia.] : C:\Archivos de programa\Archivos comunes\PCSuite\Services\ServiceLayer.exe
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Rocket Division Software] : C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon, DLLName : [SUPERAntiSpyware.com] : C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxdev.dll
Threat Files
<Worm.AutoRun.ekv> : C:\WINDOWS\system32\ckvo0.dll
<Worm.AutoRun.BC.1> : C:\WINDOWS\system32\ckvo.exe
<Trojan.Agent.463360.B> : C:\Documents and Settings\USUARIO\Mis documentos\Mis archivos recibidos\Downloads Firefox\WinRAR.v3.71.patch.by.FOFF\foff_patch.exe
Advanced Files Report
%PROGRAMFILES%\SUPERAntiSpyware\SASWINLO.dll [SUPERAntiSpyware.com] [SUPERAntiSpyware WinLogon Processor] MD5=3B2F85D8C913CE452ADE4A0D24299FEA SIZE=294912
%SYSDIR%\LMIinit.dll [LogMeIn, Inc.] [LogMeIn] MD5=ECDD416112F4BA4FB0D40233C5B5C149 SIZE=87352
%SYSDIR%\LMIRfsClientNP.dll [LogMeIn, Inc.] [LogMeIn] MD5=A6BD27E398BA8F68FF39196C4057D692 SIZE=83288
%SystemDiskRoot%\Logistika\Client9i\bin\oci.dll [Oracle Corporation] MD5=C1A1F5C610506C7B4BC9B3E7647A283F SIZE=114688
%SYSDIR%\E_SL2604.DLL [SEIKO EPSON CORPORATION] [EPSON Bi-directional Printer] MD5=E292F014D08D987D463BE19D973FC39F SIZE=73869
%SYSDIR%\LMIport.dll [LogMeIn, Inc.] [RemotelyAnywhere] MD5=3CFD875B977E90A90962D8599F055734 SIZE=24608
%SYSDIR%\spool\PRTPROCS\W32X86\LMIproc.dll [LogMeIn, Inc.] [RemotelyAnywhere] MD5=8018CCCDA1817F3F497F0D533F381BE8 SIZE=47416
%PROGRAMFILES%\Bonjour\mDNSResponder.exe [Apple Inc.] [Bonjour] MD5=CFD4C3352E29A8B729536648466E8DF5 SIZE=229376
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrn.exe [ESET] [Eset Smart Security] MD5=6B60F3F73C3012968146EBF74652052D SIZE=455936
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnScan.dll [ESET] [Eset Smart Security] MD5=51C29902753E1A6FD2B6DED53111336E SIZE=156928
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnAmon.dll [ESET] [Eset Smart Security] MD5=CF43BB03901C63758953B923E768F352 SIZE=120064
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnEmon.dll [ESET] [Eset Smart Security] MD5=F43C95DC7C8389A0238087E87AEC3612 SIZE=99584
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll [ESET] [Eset Smart Security] MD5=F53D2B83BC5BD46F0B07325170E5D94A SIZE=677120
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll [ESET] [Eset Smart Security] MD5=FDEA4ACB854EE840CFFB439E1D1D8272 SIZE=132352
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\updater.dll [ESET] [Eset Smart Security] MD5=34F2F9F27F7F4D79B66251CB441F6708 SIZE=169216
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll [ESET] [Eset Smart Security] MD5=82A82BBF37BCDC917BD3FB51BF16CE74 SIZE=91392
%PROGRAMFILES%\LogMeIn\x86\RaMaint.exe [LogMeIn, Inc.] [LogMeIn] MD5=512744753E085518B19AF81295E96E84 SIZE=116032
%PROGRAMFILES%\LogMeIn\x86\LogMeIn.exe [LogMeIn, Inc.] [LogMeIn] MD5=9015122D04C195BDAB88FEBCBAE229DB SIZE=63040
%PROGRAMFILES%\LogMeIn\x86\LogMeIn.dll [LogMeIn, Inc.] [LogMeIn] MD5=B2E920FF5C6F57932948EBD6BB6F11E4 SIZE=3970360
%PROGRAMFILES%\LogMeIn\x86\LMIGuardian.exe [LogMeIn, Inc.] [LMIGuardian] MD5=90E61AE78EBBB1C69D22569B17A8AFF4 SIZE=87360
%PROGRAMFILES%\LogMeIn\x86\LMIGuardianDll.dll [LogMeIn, Inc.] [LMIGuardianHttp] MD5=E108136277273F631D91080D401B566A SIZE=374072
%PROGRAMFILES%\VisualTaskTips\VttHooks.dll MD5=17AD810F822425A75C2A732FF0D2E4E8 SIZE=7680
%WINDIR%\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.dll [Y'z ToolBar DLL] MD5=BF2097E965B5AF983D6DE8FD19B80C7D SIZE=57344
%WINDIR%\BricoPacks\Crystal Clear\RocketDock\MouseHook2.dll MD5=39966E32921371C5F1C18884515F48C4 SIZE=3584
%PROGRAMFILES%\CursorXP\CurXP0.dll [Stardock CursorXP] MD5=87763A4528F2A656502559A0F34CDC6C SIZE=8192
%SYSDIR%\amvo1.dll MD5=D31675B9134B0B09EAD4121A3D85A131 SIZE=77312
%COMMONFILES%\Ahead\Lib\NeroDigitalExt.dll [Nero AG] [Nero Digital Tools] MD5=7D7FCD33061D13B40CB54CE250005121 SIZE=1807920
%COMMONFILES%\Adobe\Acrobat\ActiveX\PDFShell.ESP [Adobe Systems, Inc.] [Adobe PDF Shell Extension] MD5=BC24CFB8F1F16EC9FE70DA796A160F1F SIZE=311296
%SYSDIR%\igfxpph.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=AA6B2409B7CAFBDBD578790D66C46172 SIZE=200704
%SYSDIR%\hccutils.DLL [Intel Corporation] [Intel(R) Common User Interface] MD5=D0127023AF6070D5B479B1AE65B107A2 SIZE=102400
%SYSDIR%\igfxres.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=04E0C8E94E4B66AE466F8FE6FD7491C1 SIZE=188416
%SYSDIR%\igfxress.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=ED867BB9DF4953D8A9184FC9B6658B3E SIZE=3293184
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=09A350F25D94D18190A8988E25671844 SIZE=46080
%PROGRAMFILES%\LogMeIn\x86\LogMeInSystray.dll [LogMeIn, Inc.] [LogMeIn] MD5=E307E200DBA1BFCB1AB27C16E9A83C0B SIZE=480576
%PROGRAMFILES%\LogMeIn\x86\rntfywnd.dll [LogMeIn, Inc.] [LogMeIn] MD5=DD5A5911C503E50064A194EE6BB3570C SIZE=111928
%PROGRAMFILES%\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [Rocket Division Software] [StarWind Alcohol Edition] MD5=B1691AF4A072CB674D600DB16DD7308E SIZE=275968
%SYSDIR%\ConnAPI.DLL [Nokia.] [Nokia Connectivity API] MD5=F8AA404663A74AA988E7A8715D96CDEC SIZE=243712
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSCM.dll [Nokia] [PCSCM] MD5=D9DD929D4285409504DAF21CF08F09EB SIZE=552960
%COMMONFILES%\PCSuite\ConfServer\ConfServer.dll [Nokia] [Nokia Connectivity Library] MD5=D492D0C003B8BE42E3923AF0E4585041 SIZE=78848
%SYSDIR%\NclTools.dll [Nokia.] [Nokia Connectivity Library] MD5=D0204F7CD4E27FD77C97E060942A8DC5 SIZE=60416
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_spa-co.NLR [Nokia] MD5=8B9FAAF0A2EFE9962D8AC61DEF6510F9 SIZE=9728
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiScan.dll [ESET] [Eset Smart Security] MD5=75DB92AEFD47B2B4D315FB3021149F82 SIZE=259328
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiAmon.dll [ESET] [Eset Smart Security] MD5=75AF1A5DA8256956DF3A554AB78EDE0F SIZE=99584
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiEmon.dll [ESET] [Eset Smart Security] MD5=278FD9F5787FD1310B8108C5356D738B SIZE=103680
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiEpfw.dll [ESET] [Eset Smart Security] MD5=9EA47A21755F5E41D0F3080306A7DAF3 SIZE=759040
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiUpdate.dll [ESET] [Eset Smart Security] MD5=6C76CE99E1D1BD995166621B0F7A3FBE SIZE=222464
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll [ESET] [Eset Smart Security] MD5=FA8FEDA800DD0EAD8443725AC39E5B5C SIZE=87296
%COMMONFILES%\Ahead\Lib\AdvrCntr2.dll [Nero AG] [AdvrCntr Module] MD5=955F8AEDF2B5335A8D98A53E3CCD2ACE SIZE=3069488
%COMMONFILES%\Ahead\Lib\NMIndexingServicePS.dll [Nero AG] [Nero Home] MD5=7A733B19EDBB72C8A853BD9E71595D9D SIZE=59440
%COMMONFILES%\Ahead\Lib\NMIndexStoreSvrPS.dll [Nero AG] [Nero Home] MD5=7166EDCCBAAF359DFED42B46F4587044 SIZE=21040
%COMMONFILES%\Ahead\Lib\NMDataServices.dll [Nero AG] [Nero Home] MD5=95273094268B65087D2EBB3D509B1B4C SIZE=2750000
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSL.dll [Nokia] [Nokia PCSL] MD5=E186C8DE7CB604F1DC41B19C4CBE26A6 SIZE=4096
%PROGRAMFILES%\NOKIA\NOKIA PC SUITE 6\Lang\PcSync2_spa-co.nlr [Time Information Services Ltd.] [PcSync 2.0] MD5=E0419D6318D46675330586BDB8994215 SIZE=84480
%PROGRAMFILES%\NOKIA\NOKIA PC SUITE 6\Resource\PcSync2_Nokia.ngr [Time Information Services Ltd.] [PcSync 2.0] MD5=988A2698C9FFD79A9D57725B92465671 SIZE=1338368
%COMMONFILES%\Nokia\Adapters\NclSet.dll [Nokia] [Nokia Connectivity Library] MD5=5A6CC95CBEC007EF957BB873255554CE SIZE=269824
%COMMONFILES%\Nokia\Adapters\Nclaeo.dsc [Nokia Mobile Phones Ltd.] [Nokia Connectivity Library] MD5=12B95F15B418E60E8B2FC649836D631D SIZE=20480
%COMMONFILES%\Nokia\MPAPI\MPAPIps.dll [Nokia Corporation] [Nokia Connectivity Library] MD5=B8D644B39EF5232444F51B63015ED084 SIZE=48128
%SYSDIR%\amvo0.dll MD5=D31675B9134B0B09EAD4121A3D85A131 SIZE=77312
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\CommonSelectDevice.dll [Nokia] [Common Select Device module] MD5=323C5576D4404D3E3A620CE105FF7C74 SIZE=106496
%PROGRAMFILES%\Microsoft ActiveSync\rapimgr.exe [Microsoft Corporation] [Microsoft ActiveSync] MD5=7D4A768DEA3DC643CBB65222D5B1377B SIZE=199464
%COMMONFILES%\Ahead\Lib\NMIndexingService.exe [Nero AG] [Nero Home] MD5=E32686B4E27D11F83E3F2844E104C66C SIZE=271920
%COMMONFILES%\Ahead\Lib\NMLogCxx.dll [Nero AG] [Nero Home] MD5=4F266F317AD48F9127BEEF08D43EC05F SIZE=71216
%COMMONFILES%\Ahead\Lib\log4cxx.dll [Nero AG] [Nero Home] MD5=77DA24CC291B2BB3C001AC9196BC83AE SIZE=742960
%COMMONFILES%\Nokia\MPAPI\MPAPI3s.exe [Nokia Corporation] [Nokia Connectivity Library] MD5=8B63FAF88F529A14092A01BFA53D4E2F SIZE=471040
%WINDIR%\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe MD5=E6D9D561DC70442E1371C6A90F0CABCD SIZE=344064
%WINDIR%\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe [Y'z@Home] [Y'z ToolBar] MD5=B63A4CFCEF280F4CACF0A17E6C484D56 SIZE=90112
%WINDIR%\BricoPacks\Crystal Clear\YzToolbar\Languages\English.lang MD5=449EB7ED0056B5D2DE7EFE1151C4E7AA SIZE=53248
%COMMONFILES%\PCSuite\Services\ServiceLayer.exe [Nokia.] [PC Connectivity Solution] MD5=BF1ADC427620E14F45BC00447524A1DC SIZE=176640
%COMMONFILES%\PCSuite\Transports\NCLIrDAMM.dll [Nokia Corp.] [PC Connectivity Solution] MD5=3F865399518A6CFC2046365B7CEBE30D SIZE=51712
%COMMONFILES%\PCSuite\Transports\NCLRSMM.dll [Nokia] [PC Connectivity Solution] MD5=E78D2D8A3BC1724CDF5ADA414BA8264E SIZE=77824
%COMMONFILES%\PCSuite\Transports\NCLUSBMM.dll [Nokia] [PC Connectivity Solution] MD5=C822C42FAF0B053578B101EE6F2937A9 SIZE=88576
%COMMONFILES%\PCSuite\Transports\NclMSBTMM.dll [Nokia.] [PC Connectivity Solution] MD5=AD91B711B8320EC53A68F1485C9AD5B7 SIZE=75776
%COMMONFILES%\PCSuite\Services\NclDS.dll [Nokia] [Nokia Connectivity Library] MD5=31987C64AC4E11B706023CF32FE73519 SIZE=39424
%COMMONFILES%\Ahead\Lib\NMIndexStoreSvr.exe [Nero AG] [Nero Home] MD5=6DC177F1626545F087892E73E7609DD0 SIZE=1209904
%COMMONFILES%\Ahead\Lib\NMSQLDB.dll [Nero AG] [Nero Home] MD5=577489E0B1178CA0CCD726C2527EB33F SIZE=321072
%COMMONFILES%\Ahead\Lib\NMCoFoundation.dll [Nero AG] [Nero Home] MD5=D053B92AE72B533F602184F2D5211C10 SIZE=542256
%COMMONFILES%\Ahead\Lib\NMPluginBase.dll [Nero AG] [Nero Home] MD5=7F4C9599EE135EA3170697423D0AFFA6 SIZE=108080
%COMMONFILES%\Ahead\Lib\NMFullTextExtraction.dll [Nero AG] [Nero Home] MD5=B64657C1607CAA2F1B76ABE1C34A5F4E SIZE=181808
%COMMONFILES%\Ahead\Lib\NMSearchPluginSimilarImages.dll [Nero AG] [Nero Home] MD5=EC887F39C825DD70DF8CDEAF106EB369 SIZE=181808
%COMMONFILES%\Ahead\Lib\NeroIPP.dll [Nero AG] [Nero Suite] MD5=7403DA4C3D15D837EC3AF694A4C501B6 SIZE=3376688
%SystemDiskRoot%\DOCUME~1\USUARIO\CONFIG~1\Temp\help.exe
%STARTUP%\desktop.ini MD5=D6A6856702E3F0953E7246A9B4A9FE35 SIZE=84
%STARTUP%\RocketDock.lnk MD5=098B873E121A1BEFA24F88F82ED5FD42 SIZE=827
%STARTUP%\Y'z Toolbar.lnk MD5=F861E1661C4AE4A912C4F13738FED695 SIZE=817
%STARTUPALL%\desktop.ini MD5=D6A6856702E3F0953E7246A9B4A9FE35 SIZE=84
deskpan.dll
%PROGRAMFILES%\Microsoft Office\OFFICE11\MLSHEXT.DLL [Microsoft Corporation] [Microsoft Office Outlook] MD5=2D3732AF4570C7BB0E60596359C34FE0 SIZE=29272
%PROGRAMFILES%\Windows Live\Messenger\fsshext.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=8BDE1F61DFBAAE7A2916170E8B75FE0F SIZE=329240
%PROGRAMFILES%\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] [Cover Designer] MD5=33077AC03F3236EBA4090AB0F121E81E SIZE=1963568
%PROGRAMFILES%\WinZip\wzshlstb.dll [WinZip Computing, S.L.] [WinZip] MD5=DB0BD3D32FEC52EBEA1CEF5E09B06262 SIZE=11104
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PhoneBrowser.dll [Nokia] [Phone Browser] MD5=EDB20AF1046D3ED518ECEE0C0F4B493B SIZE=532480
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\shellExt.dll [ESET] [Eset Smart Security] MD5=68D840E5F21C1CFA614B04C473344873 SIZE=156928
%PROGRAMFILES%\Microsoft ActiveSync\Wcesview.dll [Microsoft Corporation] [Microsoft ActiveSync] MD5=0C75627AE09BE62006AA72EB95C547EC SIZE=256808
%PROGRAMFILES%\Bonjour\ExplorerPlugin.dll [Apple Inc.] [Bonjour] MD5=ABBCE3E4D7978BE0374508F8A898DD79 SIZE=516096
%PROGRAMFILES%\ZipZag\zipzagcm.dll MD5=E66A9777F091ED11A1EE1DBDC805C901 SIZE=141312
%WINDIR%\BricoPacks\Crystal Clear\iColorFolder\CMExt.dll [Revenger inc.] MD5=66CD17BEC14AD29C957FC77B797723E8 SIZE=46592
%PROGRAMFILES%\WinRAR\rarext.dll MD5=023707D932BA31314210E6844D33D500 SIZE=129024
%PROGRAMFILES%\SUPERAntiSpyware\SASSEH.DLL [SuperAdBlocker.com] [SuperAntiSpyware] MD5=ECD5517A6633826057D4F050927DDF56 SIZE=77824
%SYSDIR%\igfxdev.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=58C8809D7486DB2D9C6A24A8630A5478 SIZE=204800
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\DRIVERS\eamon.sys [Eset] [NOD32 Antivirus System] MD5=0FB0EFEDFEB3DB2DD2C3E43D4B9217DD SIZE=33800
%SYSDIR%\DRIVERS\easdrv.sys [ESET] [Eset Smart Security] MD5=6DFF86CC950E761BC09CD22C0F53A140 SIZE=27656
%SYSDIR%\DRIVERS\epfwtdir.sys MD5=C8C4C1D0299A2253450B50B6813196CF SIZE=30728
%SYSDIR%\DRIVERS\igxpmp32.sys [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows NT(R)] MD5=2AAE7BE67911F4AEC9AD28E9CFB9096F SIZE=5672032
%SYSDIR%\drivers\RtkHDAud.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)] MD5=A5D5B8C427F4B67580FB2B511291A89D SIZE=4381184
%SYSDIR%\svchost.exe -k LocalService
%PROGRAMFILES%\LogMeIn\x86\RaInfo.sys [LogMeIn, Inc.] [RemotelyAnywhere] MD5=4F69FAAABB7DB0D43E327C0B6AAB40FC SIZE=12856
%SYSDIR%\DRIVERS\lmimirr.sys [LogMeIn, Inc.] [LogMeIn] MD5=4477689E2D8AE6B78BA34C9AF4CC1ED1 SIZE=10144
%SYSDIR%\drivers\LMIRfsDriver.sys [LogMeIn, Inc.] [LogMeIn] MD5=622704763DA924C1565344E8C7D6CA4D SIZE=45848
%SYSDIR%\svchost -k rpcss
%SYSDIR%\DRIVERS\Rtenicxp.sys [Realtek Semiconductor Corporation] [Realtek 10/100/1000 NIC Family all in one NDIS Driver] MD5=E6E5AF7D6920824B066832D3E1665506 SIZE=94592
%PROGRAMFILES%\SUPERAntiSpyware\SASDIFSV.SYS [SUPERAdBlocker.com and SUPERAntiSpyware.com] [SUPERAntiSpyware] MD5=C030C9A39E85B6F04A8DD25D1A50258A SIZE=8944
%PROGRAMFILES%\SUPERAntiSpyware\SASKUTIL.sys [SUPERAdBlocker.com and SUPERAntiSpyware.com] [SUPERAntiSpyware] MD5=64C100DBF57C6CB6E7D5D24153F5E444 SIZE=55024
%SYSDIR%\Drivers\sptd.sys SIZE=716272
%SYSDIR%\svchost.exe -k imgsvc
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%PROGRAMFILES%\Quest Software\Toad for Oracle Trial\RNetPin.dll [RNet IE Plugin Dynamic Link Library] MD5=28D6439887437DE10D0D1337B46690A0 SIZE=266240
End of Report
Última edición por penagos10 fecha: 07/08/08 a las 11:36:43.      |
|
24/07/08, 15:04:56
| |
| |||
| Re: Virus entro X USB ckvo0.dll Y esto es lo ke me ha detectado ultimamente tambien Código: Logfile of Spyware Terminator v2.2.1.433 (db:2.007.022.000)
Scan Time: 23/07/2008 11:00:32 length: 144 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 32795 (Critical:0)
Filter: No System items, No Safe items, No Invalid items
Running Processes
mDNSResponder.exe [Apple Inc.] : C:\Archivos de programa\Bonjour\mDNSResponder.exe
ekrn.exe [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe
RaMaint.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
LogMeIn.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
LMIGuardian.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LMIGuardian.exe
StarWindServiceAE.exe [Rocket Division Software] : C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
igfxpers.exe [Intel Corporation] : C:\WINDOWS\system32\igfxpers.exe
LogMeInSystray.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe
LMIGuardian.exe [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LMIGuardian.exe
LaunchApplication.exe [Nokia] : C:\Archivos de programa\Nokia\Nokia PC Suite 6\LaunchApplication.exe
egui.exe [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe
VisualTaskTips.exe [VisualTaskTips.com] : C:\Archivos de programa\VisualTaskTips\VisualTaskTips.exe
ServiceLayer.exe [Nokia.] : C:\Archivos de programa\Archivos comunes\PCSuite\Services\ServiceLayer.exe
rapimgr.exe [Microsoft Corporation] : C:\Archivos de programa\Microsoft ActiveSync\rapimgr.exe
NMIndexingService.exe [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe
RocketDock.exe : C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
MPAPI3s.exe [Nokia Corporation] : C:\Archivos de programa\Archivos comunes\Nokia\MPAPI\MPAPI3s.exe
NMIndexStoreSvr.exe [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexStoreSvr.exe
cAIMP.exe [Artem Izmaylov] : C:\Archivos de programa\AIMP Classic\cAIMP.exe
WLLoginProxy.exe [Microsoft Corporation] : C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
Logistika Retail.exe [ ] : C:\Logistika\BackOffice Retail\Logistika Retail.exe
msnmsgr.exe [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe
usnsvc.exe [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\usnsvc.exe
EXCEL.EXE [Microsoft Corporation] : C:\Archivos de programa\Microsoft Office\OFFICE11\EXCEL.EXE
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.google.com/ie
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = *.local
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - [www.flashget.com] : C:\Archivos de programa\FlashGet\getflash.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VisualTaskTips : [VisualTaskTips.com] : C:\Archivos de programa\VisualTaskTips\VisualTaskTips.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AlcoholAutomount : [Alcohol Soft Development Team] : C:\Archivos de programa\ALCOHOL SOFT\ALCOHOL 120\AXCMD.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Persistence : [Intel Corporation] : C:\WINDOWS\system32\igfxpers.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SkyTel : [Realtek Semiconductor Corp.] : C:\WINDOWS\SkyTel.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LogMeIn GUI : [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe Reader Speed Launcher : [Adobe Systems Incorporated] : C:\Archivos de programa\ADOBE\READER 8.0\READER\READER_SL.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Actualizador de Archivos : : C:\WINDOWS\IVPV2\TOOLS\ACTUALIZADOR DE ARCHIVOS.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PCSuiteTrayApplication : [Nokia] : C:\Archivos de programa\Nokia\Nokia PC Suite 6\LaunchApplication.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, egui : [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe
04 - Startup: %STARTUP%\RocketDock.lnk : C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
04 - Startup: %STARTUP%\Y'z Toolbar.lnk [Y'z@Home] : C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
Shell Extensions
Microsoft Office Outlook - {00020D75-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Archivos de programa\Microsoft Office\OFFICE11\MLSHEXT.DLL
Mis carpetas para compartir - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG] : C:\Archivos de programa\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
NeroDigitalIconHandler Class - {B327765E-D724-4347-8B16-78AE18552FC3} - [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroDigitalExt.dll
NeroDigitalPropSheetHandler Class - {7F1CF152-04F8-453A-B34C-E609530A9DC8} - [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroDigitalExt.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing, S.L.] : C:\Archivos de programa\WinZip\wzshlstb.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Archivos de programa\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
Eset Smart Security - Context Menu Shell Extension - {B089FE88-FB52-11D3-BDF1-0050DA34150D} - [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\shellExt.dll
Mobile Device - {49BF5420-FA7F-11cf-8011-00A0C90A8F78} - [Microsoft Corporation] : C:\Archivos de programa\Microsoft ActiveSync\Wcesview.dll
Bonjour - {9999A076-A9E2-4C99-8A2B-632FC9429223} - [Apple Inc.] : C:\Archivos de programa\Bonjour\ExplorerPlugin.dll
ZipZag Shell Extension - {A965C8E0-54A7-11D6-BF08-00079500BB23} - : C:\Archivos de programa\ZipZag\zipzagcm.dll
CMenuExtender - {ABC70703-32AF-11d4-90C4-D483A70F4825} - [Revenger inc.] : C:\WINDOWS\BricoPacks\Crystal Clear\iColorFolder\CMExt.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Archivos de programa\WinRAR\rarext.dll
Shell Extecute Hooks
SABShellExecuteHook Class - {{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}} - [SuperAdBlocker.com] : C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Quest RevNet Protocol - {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - : C:\Archivos de programa\Quest Software\Toad for Oracle Trial\RNetPin.dll
Services
23 - [Apple Inc.] : C:\Archivos de programa\Bonjour\mDNSResponder.exe
23 - [Eset] : C:\WINDOWS\system32\DRIVERS\eamon.sys
23 - [ESET] : C:\WINDOWS\system32\DRIVERS\easdrv.sys
23 - [ESET] : C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe
23 - : C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\RaInfo.sys
23 - [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
23 - [LogMeIn, Inc.] : C:\WINDOWS\system32\DRIVERS\lmimirr.sys
23 - [LogMeIn, Inc.] : C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
23 - [LogMeIn, Inc.] : C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
23 - [Nero AG] : C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe
23 - [Realtek Semiconductor Corporation] : C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
23 - [SUPERAdBlocker.com and SUPERAntiSpyware.com] : C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS
23 - [SUPERAdBlocker.com and SUPERAntiSpyware.com] : C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.sys
23 - [Nokia.] : C:\Archivos de programa\Archivos comunes\PCSuite\Services\ServiceLayer.exe
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Rocket Division Software] : C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23 - [Microsoft Corporation] : C:\Archivos de programa\Windows Live\Messenger\usnsvc.exe
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon, DLLName : [SUPERAntiSpyware.com] : C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxdev.dll
Advanced Files Report
%PROGRAMFILES%\SUPERAntiSpyware\SASWINLO.dll [SUPERAntiSpyware.com] [SUPERAntiSpyware WinLogon Processor] MD5=3B2F85D8C913CE452ADE4A0D24299FEA SIZE=294912
%SYSDIR%\LMIinit.dll [LogMeIn, Inc.] [LogMeIn] MD5=ECDD416112F4BA4FB0D40233C5B5C149 SIZE=87352
%SYSDIR%\LMIRfsClientNP.dll [LogMeIn, Inc.] [LogMeIn] MD5=A6BD27E398BA8F68FF39196C4057D692 SIZE=83288
%SystemDiskRoot%\Logistika\Client9i\bin\oci.dll [Oracle Corporation] MD5=C1A1F5C610506C7B4BC9B3E7647A283F SIZE=114688
%SYSDIR%\E_SL2604.DLL [SEIKO EPSON CORPORATION] [EPSON Bi-directional Printer] MD5=E292F014D08D987D463BE19D973FC39F SIZE=73869
%SYSDIR%\LMIport.dll [LogMeIn, Inc.] [RemotelyAnywhere] MD5=3CFD875B977E90A90962D8599F055734 SIZE=24608
%SYSDIR%\spool\PRTPROCS\W32X86\LMIproc.dll [LogMeIn, Inc.] [RemotelyAnywhere] MD5=8018CCCDA1817F3F497F0D533F381BE8 SIZE=47416
%SYSDIR%\spool\DRIVERS\W32X86\3\CNLB0MUI_DDF09.DLL [CANON INC.] [Canon UFR II Printer Driver User Interface for Microsoft(R) Windows(R) 2000/XP/Server 2003] MD5=E915BFD06497C42BB82C592B11680465 SIZE=1736704
%PROGRAMFILES%\Bonjour\mDNSResponder.exe [Apple Inc.] [Bonjour] MD5=CFD4C3352E29A8B729536648466E8DF5 SIZE=229376
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrn.exe [ESET] [Eset Smart Security] MD5=6B60F3F73C3012968146EBF74652052D SIZE=455936
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnScan.dll [ESET] [Eset Smart Security] MD5=51C29902753E1A6FD2B6DED53111336E SIZE=156928
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnAmon.dll [ESET] [Eset Smart Security] MD5=CF43BB03901C63758953B923E768F352 SIZE=120064
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnEmon.dll [ESET] [Eset Smart Security] MD5=F43C95DC7C8389A0238087E87AEC3612 SIZE=99584
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll [ESET] [Eset Smart Security] MD5=F53D2B83BC5BD46F0B07325170E5D94A SIZE=677120
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll [ESET] [Eset Smart Security] MD5=FDEA4ACB854EE840CFFB439E1D1D8272 SIZE=132352
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\updater.dll [ESET] [Eset Smart Security] MD5=34F2F9F27F7F4D79B66251CB441F6708 SIZE=169216
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll [ESET] [Eset Smart Security] MD5=82A82BBF37BCDC917BD3FB51BF16CE74 SIZE=91392
%PROGRAMFILES%\LogMeIn\x86\RaMaint.exe [LogMeIn, Inc.] [LogMeIn] MD5=512744753E085518B19AF81295E96E84 SIZE=116032
%PROGRAMFILES%\LogMeIn\x86\LogMeIn.exe [LogMeIn, Inc.] [LogMeIn] MD5=9015122D04C195BDAB88FEBCBAE229DB SIZE=63040
%PROGRAMFILES%\LogMeIn\x86\LogMeIn.dll [LogMeIn, Inc.] [LogMeIn] MD5=B2E920FF5C6F57932948EBD6BB6F11E4 SIZE=3970360
%PROGRAMFILES%\LogMeIn\x86\LMIGuardian.exe [LogMeIn, Inc.] [LMIGuardian] MD5=90E61AE78EBBB1C69D22569B17A8AFF4 SIZE=87360
%PROGRAMFILES%\LogMeIn\x86\LMIGuardianDll.dll [LogMeIn, Inc.] [LMIGuardianHttp] MD5=E108136277273F631D91080D401B566A SIZE=374072
%PROGRAMFILES%\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [Rocket Division Software] [StarWind Alcohol Edition] MD5=B1691AF4A072CB674D600DB16DD7308E SIZE=275968
%PROGRAMFILES%\VisualTaskTips\VttHooks.dll MD5=17AD810F822425A75C2A732FF0D2E4E8 SIZE=7680
%SYSDIR%\hccutils.DLL [Intel Corporation] [Intel(R) Common User Interface] MD5=D0127023AF6070D5B479B1AE65B107A2 SIZE=102400
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=09A350F25D94D18190A8988E25671844 SIZE=46080
%SYSDIR%\igfxres.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=04E0C8E94E4B66AE466F8FE6FD7491C1 SIZE=188416
%SYSDIR%\igfxress.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=ED867BB9DF4953D8A9184FC9B6658B3E SIZE=3293184
%PROGRAMFILES%\LogMeIn\x86\LogMeInSystray.dll [LogMeIn, Inc.] [LogMeIn] MD5=E307E200DBA1BFCB1AB27C16E9A83C0B SIZE=480576
%PROGRAMFILES%\LogMeIn\x86\rntfywnd.dll [LogMeIn, Inc.] [LogMeIn] MD5=DD5A5911C503E50064A194EE6BB3570C SIZE=111928
%SYSDIR%\ConnAPI.DLL [Nokia.] [Nokia Connectivity API] MD5=F8AA404663A74AA988E7A8715D96CDEC SIZE=243712
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSCM.dll [Nokia] [PCSCM] MD5=D9DD929D4285409504DAF21CF08F09EB SIZE=552960
%COMMONFILES%\PCSuite\ConfServer\ConfServer.dll [Nokia] [Nokia Connectivity Library] MD5=D492D0C003B8BE42E3923AF0E4585041 SIZE=78848
%SYSDIR%\NclTools.dll [Nokia.] [Nokia Connectivity Library] MD5=D0204F7CD4E27FD77C97E060942A8DC5 SIZE=60416
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_spa-co.NLR [Nokia] MD5=8B9FAAF0A2EFE9962D8AC61DEF6510F9 SIZE=9728
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiScan.dll [ESET] [Eset Smart Security] MD5=75DB92AEFD47B2B4D315FB3021149F82 SIZE=259328
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiAmon.dll [ESET] [Eset Smart Security] MD5=75AF1A5DA8256956DF3A554AB78EDE0F SIZE=99584
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiEmon.dll [ESET] [Eset Smart Security] MD5=278FD9F5787FD1310B8108C5356D738B SIZE=103680
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiEpfw.dll [ESET] [Eset Smart Security] MD5=9EA47A21755F5E41D0F3080306A7DAF3 SIZE=759040
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiUpdate.dll [ESET] [Eset Smart Security] MD5=6C76CE99E1D1BD995166621B0F7A3FBE SIZE=222464
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll [ESET] [Eset Smart Security] MD5=FA8FEDA800DD0EAD8443725AC39E5B5C SIZE=87296
%WINDIR%\BricoPacks\Crystal Clear\RocketDock\MouseHook2.dll MD5=39966E32921371C5F1C18884515F48C4 SIZE=3584
%PROGRAMFILES%\CursorXP\CurXP0.dll [Stardock CursorXP] MD5=87763A4528F2A656502559A0F34CDC6C SIZE=8192
%COMMONFILES%\Ahead\Lib\AdvrCntr2.dll [Nero AG] [AdvrCntr Module] MD5=955F8AEDF2B5335A8D98A53E3CCD2ACE SIZE=3069488
%COMMONFILES%\Ahead\Lib\NMIndexingServicePS.dll [Nero AG] [Nero Home] MD5=7A733B19EDBB72C8A853BD9E71595D9D SIZE=59440
%COMMONFILES%\Ahead\Lib\NMIndexStoreSvrPS.dll [Nero AG] [Nero Home] MD5=7166EDCCBAAF359DFED42B46F4587044 SIZE=21040
%COMMONFILES%\Ahead\Lib\NMDataServices.dll [Nero AG] [Nero Home] MD5=95273094268B65087D2EBB3D509B1B4C SIZE=2750000
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSL.dll [Nokia] [Nokia PCSL] MD5=E186C8DE7CB604F1DC41B19C4CBE26A6 SIZE=4096
%PROGRAMFILES%\NOKIA\NOKIA PC SUITE 6\Lang\PcSync2_spa-co.nlr [Time Information Services Ltd.] [PcSync 2.0] MD5=E0419D6318D46675330586BDB8994215 SIZE=84480
%PROGRAMFILES%\NOKIA\NOKIA PC SUITE 6\Resource\PcSync2_Nokia.ngr [Time Information Services Ltd.] [PcSync 2.0] MD5=988A2698C9FFD79A9D57725B92465671 SIZE=1338368
%COMMONFILES%\Nokia\Adapters\NclSet.dll [Nokia] [Nokia Connectivity Library] MD5=5A6CC95CBEC007EF957BB873255554CE SIZE=269824
%COMMONFILES%\Nokia\Adapters\Nclaeo.dsc [Nokia Mobile Phones Ltd.] [Nokia Connectivity Library] MD5=12B95F15B418E60E8B2FC649836D631D SIZE=20480
%COMMONFILES%\Nokia\MPAPI\MPAPIps.dll [Nokia Corporation] [Nokia Connectivity Library] MD5=B8D644B39EF5232444F51B63015ED084 SIZE=48128
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\CommonSelectDevice.dll [Nokia] [Common Select Device module] MD5=323C5576D4404D3E3A620CE105FF7C74 SIZE=106496
%COMMONFILES%\PCSuite\Services\ServiceLayer.exe [Nokia.] [PC Connectivity Solution] MD5=BF1ADC427620E14F45BC00447524A1DC SIZE=176640
%COMMONFILES%\PCSuite\Transports\NCLIrDAMM.dll [Nokia Corp.] [PC Connectivity Solution] MD5=3F865399518A6CFC2046365B7CEBE30D SIZE=51712
%COMMONFILES%\PCSuite\Transports\NCLRSMM.dll [Nokia] [PC Connectivity Solution] MD5=E78D2D8A3BC1724CDF5ADA414BA8264E SIZE=77824
%COMMONFILES%\PCSuite\Services\NclDS.dll [Nokia] [Nokia Connectivity Library] MD5=31987C64AC4E11B706023CF32FE73519 SIZE=39424
%COMMONFILES%\PCSuite\Transports\NCLUSBMM.dll [Nokia] [PC Connectivity Solution] MD5=C822C42FAF0B053578B101EE6F2937A9 SIZE=88576
%COMMONFILES%\PCSuite\Transports\NclMSBTMM.dll [Nokia.] [PC Connectivity Solution] MD5=AD91B711B8320EC53A68F1485C9AD5B7 SIZE=75776
%PROGRAMFILES%\Microsoft ActiveSync\rapimgr.exe [Microsoft Corporation] [Microsoft ActiveSync] MD5=7D4A768DEA3DC643CBB65222D5B1377B SIZE=199464
%COMMONFILES%\Ahead\Lib\NMIndexingService.exe [Nero AG] [Nero Home] MD5=E32686B4E27D11F83E3F2844E104C66C SIZE=271920
%COMMONFILES%\Ahead\Lib\NMLogCxx.dll [Nero AG] [Nero Home] MD5=4F266F317AD48F9127BEEF08D43EC05F SIZE=71216
%COMMONFILES%\Ahead\Lib\log4cxx.dll [Nero AG] [Nero Home] MD5=77DA24CC291B2BB3C001AC9196BC83AE SIZE=742960
%WINDIR%\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe MD5=E6D9D561DC70442E1371C6A90F0CABCD SIZE=344064
%COMMONFILES%\Nokia\MPAPI\MPAPI3s.exe [Nokia Corporation] [Nokia Connectivity Library] MD5=8B63FAF88F529A14092A01BFA53D4E2F SIZE=471040
%COMMONFILES%\Ahead\Lib\NMIndexStoreSvr.exe [Nero AG] [Nero Home] MD5=6DC177F1626545F087892E73E7609DD0 SIZE=1209904
%COMMONFILES%\Ahead\Lib\NMSQLDB.dll [Nero AG] [Nero Home] MD5=577489E0B1178CA0CCD726C2527EB33F SIZE=321072
%COMMONFILES%\Ahead\Lib\NMCoFoundation.dll [Nero AG] [Nero Home] MD5=D053B92AE72B533F602184F2D5211C10 SIZE=542256
%COMMONFILES%\Ahead\Lib\NMFullTextExtraction.dll [Nero AG] [Nero Home] MD5=B64657C1607CAA2F1B76ABE1C34A5F4E SIZE=181808
%COMMONFILES%\Ahead\Lib\NMSearchPluginSimilarImages.dll [Nero AG] [Nero Home] MD5=EC887F39C825DD70DF8CDEAF106EB369 SIZE=181808
%COMMONFILES%\Ahead\Lib\NeroIPP.dll [Nero AG] [Nero Suite] MD5=7403DA4C3D15D837EC3AF694A4C501B6 SIZE=3376688
%WINDIR%\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.dll [Y'z ToolBar DLL] MD5=BF2097E965B5AF983D6DE8FD19B80C7D SIZE=57344
%PROGRAMFILES%\SUPERAntiSpyware\SASSEH.DLL [SuperAdBlocker.com] [SuperAntiSpyware] MD5=ECD5517A6633826057D4F050927DDF56 SIZE=77824
%COMMONFILES%\Ahead\Lib\NeroDigitalExt.dll [Nero AG] [Nero Digital Tools] MD5=7D7FCD33061D13B40CB54CE250005121 SIZE=1807920
%COMMONFILES%\Adobe\Acrobat\ActiveX\PDFShell.ESP [Adobe Systems, Inc.] [Adobe PDF Shell Extension] MD5=BC24CFB8F1F16EC9FE70DA796A160F1F SIZE=311296
%PROGRAMFILES%\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes] [Malwarebytes Context Menu] MD5=945DC027F44A8BE51CB0AE320DA5FDF2 SIZE=36472
%PROGRAMFILES%\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG] [Nero BackItUp] MD5=A2E8E04B537E6A30F096BC7389BB2C02 SIZE=99888
%PROGRAMFILES%\SUPERAntiSpyware\SASCTXMN.DLL [SUPERAntiSpyware.com] [SUPERAntiSpyware Context Menu Extension] MD5=D617404D119B1DB10366692447D8A648 SIZE=61440
%PROGRAMFILES%\ZipZag\zipzagcm.dll MD5=E66A9777F091ED11A1EE1DBDC805C901 SIZE=141312
%PROGRAMFILES%\WinZip\wzshlstb.dll [WinZip Computing, S.L.] [WinZip] MD5=DB0BD3D32FEC52EBEA1CEF5E09B06262 SIZE=11104
%PROGRAMFILES%\WinRAR\rarext.dll MD5=023707D932BA31314210E6844D33D500 SIZE=129024
%PROGRAMFILES%\ESET\ESET NOD32 Antivirus\shellExt.dll [ESET] [Eset Smart Security] MD5=68D840E5F21C1CFA614B04C473344873 SIZE=156928
%PROGRAMFILES%\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] [Cover Designer] MD5=33077AC03F3236EBA4090AB0F121E81E SIZE=1963568
%PROGRAMFILES%\AIMP Classic\System\menu.dll [Artem Izmaylov] [AIMP Classic] MD5=F439D64532CF62CDF921F4A1244254E4 SIZE=56832
%SYSDIR%\spool\DRIVERS\W32X86\3\CNLB0M_DDF09.DLL [CANON INC.] [CANON UFR II Printer Driver for Microsoft Windows 2000/XP/Server 2003] MD5=E4B100125BC0576E2AB4112EBD30B9BC SIZE=1091072
%SYSDIR%\igfxpph.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=AA6B2409B7CAFBDBD578790D66C46172 SIZE=200704
%PROGRAMFILES%\K-Lite Codec Pack\ffdshow\ffdshow.ax [ffdshow] MD5=4DF0ABEF80DBE143A00CEC70B8319873 SIZE=2281472
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PhoneBrowser.dll [Nokia] [Phone Browser] MD5=EDB20AF1046D3ED518ECEE0C0F4B493B SIZE=532480
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_spa-co.nlr [Nokia] [Nokia Phone Browser] MD5=1BF500BB3FCE606C26060D17DB0D2829 SIZE=25088
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr [Nokia] [Nokia Phone Browser] MD5=13E2720AF130C6BAD56AEA7B46141386 SIZE=585728
%PROGRAMFILES%\AIMP Classic\cAIMP.exe [Artem Izmaylov] [AIMP Classic] MD5=6F6AEAD06526E870A03BD13D2BB9DE7E SIZE=456704
%PROGRAMFILES%\AIMP Classic\system\aimp_res.dll [Artem Izmaylov] [AIMP Classic] MD5=262A6D4D76C8B6C08284DC9DD7E1EAD6 SIZE=161792
%PROGRAMFILES%\AIMP Classic\system\bass.dll [Un4seen Developments] MD5=048E4659465B2F39511CF2E81A7E5A3B SIZE=92728
%PROGRAMFILES%\AIMP Classic\system\bass_cda.dll [Un4seen Developments] MD5=B554D48BDA02294C415F50AE53A47704 SIZE=16952
%PROGRAMFILES%\AIMP Classic\system\bass_wadsp.dll [TEN53] [BASS_WADSP] MD5=48F1E5093A0A270C740BCECC4094BDE0 SIZE=11776
%PROGRAMFILES%\AIMP Classic\system\bass_wma.dll [Un4seen Developments] MD5=A2E7E0872BC485D7293F58566EF6B3D7 SIZE=14904
%PROGRAMFILES%\AIMP Classic\Plugins\aimp_dsa.dll [Artem Izmaylov] [AIMP Classic] MD5=9D8AEA3EAA8E3220BDD2AA36C39ED976 SIZE=13824
%PROGRAMFILES%\AIMP Classic\Plugins\aimp_mac.dll [Artem Izmaylov] [AIMP MMC PRO] MD5=DC6074F32B48A8B7B89B77CFFFA13720 SIZE=136192
%PROGRAMFILES%\AIMP Classic\Plugins\aimp_wv.dll [Artem Izmaylov] MD5=4D4959F95A7545C1D9EB9F89A1EAEEE6 SIZE=53760
%PROGRAMFILES%\AIMP Classic\Plugins\bassflac.dll [Un4seen Developments] MD5=B129251791231AFD12D6227BAE33F51B SIZE=23616
%PROGRAMFILES%\AIMP Classic\Plugins\bass_ape.dll [MaresWEB] [BASS_APE] MD5=033281BEEEA948B5E6B20A83B7EE80EC SIZE=33240
%PROGRAMFILES%\AIMP Classic\Plugins\bass_mpc.dll [MaresWEB] [BASS_MPC] MD5=3BAD800B4C7C369BEAEA5B1C570ABB94 SIZE=18888
%PROGRAMFILES%\AIMP Classic\Plugins\bass_spx.dll [MaresWEB] [BASS_SPX] MD5=EFF272754B71F717A99BA959BF9AD8AA SIZE=35264
%PROGRAMFILES%\AIMP Classic\Plugins\bass_wv.dll [MaresWEB] [BASS_WV] MD5=3E73CF8D80E00E4EB832052BEEF78B2A SIZE=28088
%PROGRAMFILES%\AIMP Classic\Plugins\xoo.svp MD5=0BDEC0052D4D725D84189098BBD983C0 SIZE=5632
%SYSDIR%\Macromed\Flash\Flash9f.ocx [Adobe Systems, Inc.] [Shockwave Flash] MD5=48FDF435B8595604E54125B321924510 SIZE=2991488
%COMMONFILES%\Microsoft Shared\Windows Live\WLLoginProxy.exe [Microsoft Corporation] [Microsoft® Windows Live Login Helper] MD5=7FA0AA2F3DABA5BEB2C4AC1EEC054EFA SIZE=118336
%SystemDiskRoot%\Logistika\BackOffice Retail\Logistika Retail.exe MD5=BADE93C7E9D0F32879B96749E2057960 SIZE=6807552
%WINDIR%\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_08cefb02\mscorlib.dll MD5=CF6B606631299B58FD4E6CDECC647F79 SIZE=3391488
%SystemDiskRoot%\logistika\backoffice retail\guibases.dll MD5=4629955AA632B5D9B2D11B46BEC76E1A SIZE=2019328
%WINDIR%\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_6e1c0ddd\system.dll MD5=80BA56C6F0D22D6A9626BD22D44C9814 SIZE=1966080
%WINDIR%\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_b9f212ff\system.windows.forms.dll MD5=DC57B3A6CE8819378B1008BE573095AE SIZE=3018752
%SystemDiskRoot%\logistika\backoffice retail\proxy.dll MD5=C36FA3044928883891D090344BFAB9EA SIZE=49152
%SystemDiskRoot%\logistika\backoffice retail\model.dll MD5=B7E4AB808D1CCBB6EEA6BE598BF6C92A SIZE=5111808
%SystemDiskRoot%\logistika\backoffice retail\utils.dll MD5=1114721ECCFA6A6120286FCF94553977 SIZE=28672
%SystemDiskRoot%\logistika\backoffice retail\bllretail.dll MD5=AF735220A92795B12EC5C098C112C9FE SIZE=16384
%SystemDiskRoot%\logistika\backoffice retail\bll.dll MD5=A9A7B9B9EAB584DDBC340235BC5240E7 SIZE=65536
%SystemDiskRoot%\logistika\backoffice retail\logistika gui controls.dll MD5=FF51DA311A15A9F2B749297A83FC1E39 SIZE=188416
%WINDIR%\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_b5dc9739\system.xml.dll MD5=4DC11EF7E42A313B9BB2ADC17EADAA1C SIZE=2088960
%WINDIR%\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e8822bcf\system.drawing.dll MD5=00F1AD293F768DD21DE302C04337883D SIZE=835584
%SystemDiskRoot%\logistika\backoffice retail\devexpress.utils3.dll [Developer Express Inc.] [DevExpress.Utils] MD5=2635E6B0A28EF1241765E32D20920B29 SIZE=1753088
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtraeditors3.dll [Developer Express Inc.] [DevExpress.XtraEditors] MD5=5BAEF041C436CECC79D3157468867E39 SIZE=1138688
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtrabars3.dll [Developer Express Inc.] [DevExpress.XtraBars.Design] MD5=C7B0DD044CB6070695E3EA7072DD10AB SIZE=1032192
%SystemDiskRoot%\logistika\backoffice retail\devexpress.data3.dll [Developer Express Inc.] [DevExpress.Data] MD5=4A5A7555968C4E13747551F7CD9D4422 SIZE=397312
%SystemDiskRoot%\logistika\backoffice retail\dalbase.dll MD5=C91CE3113C6761AD4BB286C70A251147 SIZE=36864
%SystemDiskRoot%\logistika\backoffice retail\dal.dll MD5=B1749E370B30A993D4F8A8468C9AA006 SIZE=2478080
%SystemDiskRoot%\logistika\backoffice retail\dalretail.dll MD5=F705E01BD6498AC99CCFE9DEC266A9AB SIZE=548864
%SystemDiskRoot%\Logistika\Client9i\bin\OraClient9.Dll [Oracle Corporation] MD5=F38D0F45DF38042822D4D02046609D31 SIZE=1536272
%SystemDiskRoot%\Logistika\Client9i\bin\oracore9.dll [Oracle Corporation] MD5=976FCFE3E3E3080092D00AF146501279 SIZE=647440
%SystemDiskRoot%\Logistika\Client9i\bin\oranls9.dll [Oracle Corporation] MD5=1641BB4FD99BBAC75E50CBD9324E033F SIZE=491792
%SystemDiskRoot%\Logistika\Client9i\bin\oraunls9.dll [Oracle Corporation] MD5=B48B4B6F2C3D288A5B54A7FFC5633A42 SIZE=69904
%SystemDiskRoot%\Logistika\Client9i\bin\oravsn9.dll [Oracle Corporation] MD5=3F063E0B17D39EE140683CEDDF1B37D5 SIZE=24848
%SystemDiskRoot%\Logistika\Client9i\bin\oracommon9.dll [Oracle Corporation] MD5=6482B5A2229FA908BA4F6B4D06D09128 SIZE=590096
%SystemDiskRoot%\Logistika\Client9i\bin\orageneric9.dll [Oracle Corporation] MD5=7C0ADC23193FAF08266F35C1A579939E SIZE=2445584
%SystemDiskRoot%\Logistika\Client9i\bin\oraxml9.dll [Oracle Corporation] MD5=CBBD93EC9817835403D2DBACA2D866C9 SIZE=512272
%SystemDiskRoot%\Logistika\Client9i\bin\oraxsd9.dll [Oracle Corporation] MD5=E65BA62468BF9E6E0C365A257EF503E8 SIZE=127248
%SystemDiskRoot%\Logistika\Client9i\bin\orannzsbb9.dll [Oracle Corporation] MD5=1954B161329BA659D81300611BBB34D2 SIZE=561424
%SystemDiskRoot%\Logistika\Client9i\bin\oran9.dll [Oracle Corporation] MD5=5F6FCB5CF8BDD668101E3F14D28DCB99 SIZE=733456
%SystemDiskRoot%\Logistika\Client9i\bin\oranl9.dll [Oracle Corporation] MD5=56017E041193E8EBE67B2CC569F4A9B5 SIZE=180496
%SystemDiskRoot%\Logistika\Client9i\bin\oranldap9.dll [Oracle Corporation] MD5=E9F5B61239B2A7C2BF70A59609E80AE9 SIZE=69904
%SystemDiskRoot%\Logistika\Client9i\bin\oraldapclnt9.dll [Oracle Corporation] MD5=BBD32FAF4C0F054B3CED77ADE7B7FD89 SIZE=147728
%SystemDiskRoot%\Logistika\Client9i\bin\orancrypt9.dll [Oracle Corporation] MD5=ACF99B103A2E8323EAF48CDA04163CA9 SIZE=94480
%SystemDiskRoot%\Logistika\Client9i\bin\ORATRACE9.dll MD5=F4BA912B735F51FC359339CE3E8F473E SIZE=246032
%SystemDiskRoot%\Logistika\Client9i\bin\oranro9.dll [Oracle Corporation] MD5=8F38F2C6B504B0B7AB6148D81DE6339A SIZE=221456
%SystemDiskRoot%\Logistika\Client9i\bin\oranhost9.dll [Oracle Corporation] MD5=2ADC3B2D4C9194C4FB61145F0142F513 SIZE=24848
%SystemDiskRoot%\Logistika\Client9i\bin\oranoname9.dll [Oracle Corporation] MD5=43A8F8D3FD07DF1C33972808E96538E6 SIZE=24848
%SystemDiskRoot%\Logistika\Client9i\bin\orancds9.dll [Oracle Corporation] MD5=97ADC4ADD3955B7BF73C457FCE772C4D SIZE=24848
%SystemDiskRoot%\Logistika\Client9i\bin\orantns9.dll [Oracle Corporation] MD5=05C486EB67F54C54DE74E8FFCAD881E1 SIZE=28944
%SystemDiskRoot%\Logistika\Client9i\bin\oranms.dll [Oracle Corporation] MD5=32E28BEED4F8E4026137E57F88E1ACD2 SIZE=28944
%SystemDiskRoot%\Logistika\Client9i\bin\oranmsp.dll [Oracle Corporation] MD5=EFDB78745C7648CB1D5DC6CFD800138F SIZE=65808
%SystemDiskRoot%\Logistika\Client9i\bin\orapls9.dll [Oracle Corporation] MD5=8A3F5058E4080D5E7DB0A0862DA2495F SIZE=3223824
%SystemDiskRoot%\Logistika\Client9i\bin\oraslax9.dll [Oracle Corporation] MD5=BD7136605DD50F5E93D51B919F2571C3 SIZE=28944
%SystemDiskRoot%\Logistika\Client9i\bin\orasnls9.dll [Oracle Corporation] MD5=E6E151813DF2CCF34672F557C9367789 SIZE=65808
%SystemDiskRoot%\Logistika\Client9i\bin\orawtc9.dll [Oracle Corporation] MD5=647A018796B0C83524FB050AD40C7B34 SIZE=24848
%SystemDiskRoot%\Logistika\Client9i\bin\orasql9.dll [Oracle Corporation] MD5=B573B82A89AA7758A91FE6E58207DFA3 SIZE=475408
%SystemDiskRoot%\Logistika\Client9i\bin\orantcp9.dll [Oracle Corporation] MD5=4633F72847E7169C167682DF8D9DF1D8 SIZE=49424
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtragrid3.dll [Developer Express Inc.] [DevExpress.XtraGrid] MD5=D4FC0658DDFD4A45081484A5E84EC20C SIZE=1331200
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtraverticalgrid3.dll [Developer Express Inc.] [DevExpress.XtraVerticalGrid] MD5=5BC38A56B9C04920785428DE147752CA SIZE=385024
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtratreelist3.dll [Developer Express Inc.] [DevExpress.XtraTreeList] MD5=9CA3E175D03CD19A172B5E5679232586 SIZE=618496
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtranavbar3.dll [Developer Express Inc.] [DevExpress.XtraNavBar] MD5=C08A3A9EE38D3923973C18E1D9547622 SIZE=315392
%WINDIR%\assembly\nativeimages1_v1.1.4322\system.design\1.0.5000.0__b03f5f7f11d50a3a_d8b9f092\system.design.dll MD5=18D03139270D310A289250D8B07A4937 SIZE=1470464
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtraprinting3.dll [Developer Express Inc.] [DevExpress.XtraPrinting] MD5=B131546815C41A22B05BF7897DB49CEA SIZE=991232
%SystemDiskRoot%\logistika\backoffice retail\modelretail.dll MD5=F84036DD61F68502B434A66928D83C87 SIZE=745472
%SystemDiskRoot%\logistika\backoffice retail\reports.dll MD5=8C322FB5A95D7ADDE182A3BD2273D392 SIZE=1601536
%SystemDiskRoot%\logistika\backoffice retail\devexpress.xtrareports3.dll [DEVELOPER EXPRESS INC] [XtraReports(tm) SUITE SOFTWARE COMPONENT PRODUCT] MD5=5CC58F5B561A69B1C9309414E75801D8 SIZE=2469888
%SystemDiskRoot%\logistika\backoffice retail\llnet.wizarddialoglib.dll MD5=60EE6B8C2D66568FC552051923F4CFCC SIZE=57344
%PROGRAMFILES%\Windows Live\Messenger\msnmsgr.exe [Microsoft Corporation] [Messenger] MD5=FDEC512CB8752174649D3A513893938A SIZE=5724184
%PROGRAMFILES%\Windows Live\Messenger\usnsvc.exe [Microsoft Corporation] [Messenger] MD5=9D19B042A4FD5C02195071EA2FE0C821 SIZE=98328
%PROGRAMFILES%\Mozilla Firefox\xul.dll [Mozilla Foundation] [Firefox] MD5=4F3D7B16B09CF113E0FA5BEE29678C96 SIZE=9704960
%PROGRAMFILES%\Mozilla Firefox\sqlite3.dll [sqlite.org] [SQLite Database Library] MD5=9F14161DFABD767A434546FD04C89266 SIZE=395776
%PROGRAMFILES%\Mozilla Firefox\MOZCRT19.dll [Mozilla Foundation] [Mozilla Custom C Runtime] MD5=0C8EAD42625A5366810108F36D7FF05A SIZE=710144
%PROGRAMFILES%\Mozilla Firefox\nssutil3.dll [Mozilla Foundation] [Network Security Services] MD5=5ECE7A78CE82CD36F2ED503409C5FB46 SIZE=87552
%PROGRAMFILES%\Mozilla Firefox\components\browserdirprovider.dll [Mozilla Foundation] [Firefox] MD5=F5285C4F9F4983FF66525E0F395C1853 SIZE=23040
%PROGRAMFILES%\Crawler\firefox\components\xshared.dll [Crawler.com] [Crawler Toolbar] MD5=304384A8927AA3C4B07E1B09D31D151D SIZE=349696
%PROGRAMFILES%\Mozilla Firefox\nssdbm3.dll [Mozilla Foundation] [Network Security Services] MD5=2068440D40C39785CAEA0D5AFC219042 SIZE=103936
%PROGRAMFILES%\Mozilla Firefox\components\brwsrcmp.dll [Mozilla Foundation] [Firefox] MD5=4DD8D60F7053FFEAA4BCE0846E359937 SIZE=134144
%PROGRAMFILES%\Crawler\firefox\components\xsupport.dll [Crawler.com] [Crawler Toolbar] MD5=DE95CE6ECC825AD1EA477A914FEFA434 SIZE=53248
%PROGRAMFILES%\Crawler\firefox\components\xcomm.dll [Crawler.com] [Crawler Toolbar] MD5=D3D250FCF2E062A4941821F302FA5E25 SIZE=211968
%PROGRAMFILES%\Crawler\firefox\components\xwsg.dll [Crawler.com] [Crawler Toolbar] MD5=1458CE5EF534067EBE75DB64EA954A8E SIZE=2182656
%PROGRAMFILES%\Mozilla Firefox\plugins\NPSWF32.dll [Adobe Systems, Inc.] [Shockwave Flash] MD5=40D0B608BBF9A19F681CCF976D4CA5B9 SIZE=2884992
%PROGRAMFILES%\Microsoft Office\OFFICE11\EXCEL.EXE [Microsoft Corporation] [Microsoft Office 2003] MD5=BBCC5D4E09D7FD9454910261E6DC0725 SIZE=10073144
%SystemDiskRoot%\Logistika\Client9i\bin\OraOLEDB.DLL [Oracle Corporation] [Oracle Provider for OLE DB] MD5=48F767430BA5FD868855A646F5BFD5D7 SIZE=438272
%SystemDiskRoot%\Logistika\Client9i\bin\OraOLEDBgmr.dll [Oracle Corporation] [Oracle Provider for OLE DB] MD5=BA97F150AB6F97739D10287F1CDF842F SIZE=126976
%SystemDiskRoot%\Logistika\Client9i\bin\OraOLEDBrst.dll [Oracle Corporation] [Oracle Provider for OLE DB] MD5=1317879E1A706BAB5EDB772F23F61CCB SIZE=135168
%SystemDiskRoot%\Logistika\Client9i\bin\OraOLEDButl.dll [Oracle Corporation] [Oracle Provider for OLE DB] MD5=775193364D6EF6D39EF89822F5E7A717 SIZE=24576
%SystemDiskRoot%\Logistika\Client9i\bin\OraOLEDBus.dll [Oracle Corporation] [Oracle Provider for OLE DB] MD5=B3E675308C82B18C30509413F85ECBA2 SIZE=24576
%SystemDiskRoot%\Logistika\Client9i\bin\OraOLEDBpus.dll [Oracle Corporation] [Oracle Provider for OLE DB] MD5=03DB99D20FE6E8E373E30DEF2A6CE089 SIZE=32768
%WINDIR%\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe [Y'z@Home] [Y'z ToolBar] MD5=B63A4CFCEF280F4CACF0A17E6C484D56 SIZE=90112
deskpan.dll
%PROGRAMFILES%\Microsoft Office\OFFICE11\MLSHEXT.DLL [Microsoft Corporation] [Microsoft Office Outlook] MD5=2D3732AF4570C7BB0E60596359C34FE0 SIZE=29272
%PROGRAMFILES%\Windows Live\Messenger\fsshext.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=8BDE1F61DFBAAE7A2916170E8B75FE0F SIZE=329240
%PROGRAMFILES%\Microsoft ActiveSync\Wcesview.dll [Microsoft Corporation] [Microsoft ActiveSync] MD5=0C75627AE09BE62006AA72EB95C547EC SIZE=256808
%PROGRAMFILES%\Bonjour\ExplorerPlugin.dll [Apple Inc.] [Bonjour] MD5=ABBCE3E4D7978BE0374508F8A898DD79 SIZE=516096
%WINDIR%\BricoPacks\Crystal Clear\iColorFolder\CMExt.dll [Revenger inc.] MD5=66CD17BEC14AD29C957FC77B797723E8 SIZE=46592
%SYSDIR%\igfxdev.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=58C8809D7486DB2D9C6A24A8630A5478 SIZE=204800
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\DRIVERS\eamon.sys [Eset] [NOD32 Antivirus System] MD5=0FB0EFEDFEB3DB2DD2C3E43D4B9217DD SIZE=33800
%SYSDIR%\DRIVERS\easdrv.sys [ESET] [Eset Smart Security] MD5=6DFF86CC950E761BC09CD22C0F53A140 SIZE=27656
%SYSDIR%\DRIVERS\epfwtdir.sys MD5=C8C4C1D0299A2253450B50B6813196CF SIZE=30728
%SYSDIR%\DRIVERS\igxpmp32.sys [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows NT(R)] MD5=2AAE7BE67911F4AEC9AD28E9CFB9096F SIZE=5672032
%SYSDIR%\drivers\RtkHDAud.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)] MD5=A5D5B8C427F4B67580FB2B511291A89D SIZE=4381184
%SYSDIR%\svchost.exe -k LocalService
%PROGRAMFILES%\LogMeIn\x86\RaInfo.sys [LogMeIn, Inc.] [RemotelyAnywhere] MD5=4F69FAAABB7DB0D43E327C0B6AAB40FC SIZE=12856
%SYSDIR%\DRIVERS\lmimirr.sys [LogMeIn, Inc.] [LogMeIn] MD5=4477689E2D8AE6B78BA34C9AF4CC1ED1 SIZE=10144
%SYSDIR%\drivers\LMIRfsDriver.sys [LogMeIn, Inc.] [LogMeIn] MD5=622704763DA924C1565344E8C7D6CA4D SIZE=45848
%SYSDIR%\svchost -k rpcss
%SYSDIR%\DRIVERS\Rtenicxp.sys [Realtek Semiconductor Corporation] [Realtek 10/100/1000 NIC Family all in one NDIS Driver] MD5=E6E5AF7D6920824B066832D3E1665506 SIZE=94592
%PROGRAMFILES%\SUPERAntiSpyware\SASDIFSV.SYS [SUPERAdBlocker.com and SUPERAntiSpyware.com] [SUPERAntiSpyware] MD5=C030C9A39E85B6F04A8DD25D1A50258A SIZE=8944
%PROGRAMFILES%\SUPERAntiSpyware\SASKUTIL.sys [SUPERAdBlocker.com and SUPERAntiSpyware.com] [SUPERAntiSpyware] MD5=64C100DBF57C6CB6E7D5D24153F5E444 SIZE=55024
%SYSDIR%\Drivers\sptd.sys SIZE=716272
%SYSDIR%\svchost.exe -k imgsvc
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%PROGRAMFILES%\Quest Software\Toad for Oracle Trial\RNetPin.dll [RNet IE Plugin Dynamic Link Library] MD5=28D6439887437DE10D0D1337B46690A0 SIZE=266240
End of Report
Código: ;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-07-24 10:33:53
PROTECTIONS: 1
MALWARE: 7
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
ESET NOD32 Antivirus 3.0 3.0 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\USUARIO\Cookies\usuario@atdmt[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\USUARIO\Cookies\usuario@ad.yieldmanager[2].txt
02111287 Generic Trojan Virus/Trojan No 0 No No C:\Documents and Settings\USUARIO\Mis documentos\Mis archivos recibidos\Re_UpL0aD\apscs3 2Up\AdobooshoS3ation_1_.part1.rar[Keygen.exe]
03007978 Trj/Downloader.MDW Virus/Trojan No 1 No No C:\Downloads\software\Bux.to_Autoclicker.rar[Bux.to Autoclicker\Bux.to Autoclicker.exe]
03274323 Generic Trojan Virus/Trojan No 0 Yes No C:\Documents and Settings\USUARIO\Mis documentos\Mis archivos recibidos\Downloads Firefox\WinRAR.v3.71.patch.by.FOFF\NFO Viewer.exe
03339120 W32/Lineage.JEP.worm Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{86CE41D1-C5D2-4164-B390-689B01DA8E78}\RP42\A0007857.inf
03339120 W32/Lineage.JEP.worm Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{86CE41D1-C5D2-4164-B390-689B01DA8E78}\RP43\A0007900.inf
03363290 W32/Lineage.JDT.worm Virus/Worm No 0 Yes No C:\Documents and Settings\USUARIO\Configuración local\Temp\s.dll
;===================================================================================================================================================================================
SUSPECTS
Sent Location M
;===================================================================================================================================================================================
No C:\Downloads\software\Crack_Down.rar[Crack Down\CrackDown Store\[audio dvd creator] Cracks\Audio DVD Creator v1.9.0.0 crack by diGERATi.zip][Crack.rar][patch.exe]
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description M
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Y si me ayudan diciendome omo sacar ese maldi....... virus de mi USB mucho mejor porque si no va a andar ahi contagiando otras pc´s..... |
|
08/08/08, 22:41:39
| |
| ||||
| Re: Virus entro X USB ckvo0.dll Hola penagos10. Realiza esto:
- Recuerda regresar y contarnos los resultados. Saludos Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
09/08/08, 15:56:17
| |
| |||
| Re: Virus entro X USB ckvo0.dll Saludos........ Los archivos ya fueron eliminados , lo hice con el Fileassasin. Tambien realize lo del Pendrive, gracias me funciono.... Gracias compañero por responder a mi llamado de auxilio aki esta el reporte del Kaspersky on line ke realize Código: -------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER INFORME
sábado, 09 de agosto de 2008 12:54:53
Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner versión: 5.0.84.1
Ultima actualización: 9/08/2008
Registros en la base antivirus: 955860
-------------------------------------------------------------------------------
Configuración del análisis:
Analizar usando las siguientes bases: standard
Analizar archivos: verdadero
Analizar bases de correo: verdadero
Objetivo a analizar - Mi PC:
A:\
C:\
D:\
E:\
F:\
G:\
Z:\
Estadísticas:
Número de objeros analizados: 80132
Virus encontrados: 4
Objetos infectados: 4 / 0
Objetos sospechosos: 1
Duración del análisis: 02:22:19
Bombre del objeto infectado / Nombre del virus / Última acción
C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20080809-081623.log Object is locked saltado
C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\ESET\ESET NOD32 Antivirus\Charon\CACHE.NDB Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\ESET\ESET NOD32 Antivirus\Logs\virlog.dat Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\ESET\ESET NOD32 Antivirus\Logs\warnlog.dat Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Ahead\Nero Home\bl.db Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Ahead\Nero Home\is2.db Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\ApplicationHistory\Logistika Retail.exe.cdff8c32.ini.inuse Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Identities\{CF35E589-8AB6-49E9-BC62-B568686ECC82}\Microsoft\Outlook Express\Folders.dbx Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Identities\{CF35E589-8AB6-49E9-BC62-B568686ECC82}\Microsoft\Outlook Express\Offline.dbx Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\pending.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\dfsr.db Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\fsr.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\fsrtmp.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\tmp.edb Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\eddie_penagos10@hotmail.com\real\members.stg Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\eddie_penagos10@hotmail.com\shadow\members.stg Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_001_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_002_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_003_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_MAP_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\urlclassifier3.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Historial\History.IE5\MSHist012008080920080810\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\e.dll Infectados: Trojan-GameThief.Win32.OnLineGames.sjlv saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\etilqs_Ds3ue0ZvdgEdGMevcbTS Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\tru5.tmp Infectados: Trojan.Win32.Vaklik.cef saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\tru62F.tmp Infectados: Trojan.Win32.Vaklik.cef saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\tru74.tmp Infectados: Trojan.Win32.Vaklik.cfu saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\WCESLog.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF3AE7.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF5B03.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF5B4F.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF786B.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF788C.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\$_hpcst$.hpc Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\cert8.db Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\content-prefs.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\cookies.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\downloads.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\flashgot.log Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\formhistory.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\key3.db Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\parent.lock Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\permissions.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\places.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\places.sqlite-journal Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\search.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\USUARIO\ntuser.dat.LOG Object is locked saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\System Volume Information\_restore{86CE41D1-C5D2-4164-B390-689B01DA8E78}\RP6\change.log Object is locked saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\SchedLgU.Txt Object is locked saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked saltado
C:\WINDOWS\Sti_Trace.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\default Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\Internet.evt Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\software Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\system Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\drivers\sptd.sys Object is locked saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado
C:\WINDOWS\system32\ws2_32.dll Sospechosos: Type_Win32 saltado
C:\WINDOWS\Temp\HTT3132.tmp Object is locked saltado
C:\WINDOWS\wiadebug.log Object is locked saltado
C:\WINDOWS\wiaservc.log Object is locked saltado
C:\WINDOWS\WindowsUpdate.log Object is locked saltado
Análisis completado.
 |
|
09/08/08, 16:02:26
| |
| |||
| Re: Virus entro X USB ckvo0.dll Saludos........ Los archivos ya fueron eliminados , lo hice con el Fileassasin. Tambien realize lo del Pendrive, gracias me funciono.... Gracias compañero por responder a mi llamado de auxilio aki esta el reporte del Kaspersky on line ke realize Código: -------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER INFORME
sábado, 09 de agosto de 2008 12:54:53
Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner versión: 5.0.84.1
Ultima actualización: 9/08/2008
Registros en la base antivirus: 955860
-------------------------------------------------------------------------------
Configuración del análisis:
Analizar usando las siguientes bases: standard
Analizar archivos: verdadero
Analizar bases de correo: verdadero
Objetivo a analizar - Mi PC:
A:\
C:\
D:\
E:\
F:\
G:\
Z:\
Estadísticas:
Número de objeros analizados: 80132
Virus encontrados: 4
Objetos infectados: 4 / 0
Objetos sospechosos: 1
Duración del análisis: 02:22:19
Bombre del objeto infectado / Nombre del virus / Última acción
C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20080809-081623.log Object is locked saltado
C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\ESET\ESET NOD32 Antivirus\Charon\CACHE.NDB Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\ESET\ESET NOD32 Antivirus\Logs\virlog.dat Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\ESET\ESET NOD32 Antivirus\Logs\warnlog.dat Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Ahead\Nero Home\bl.db Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Ahead\Nero Home\is2.db Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\ApplicationHistory\Logistika Retail.exe.cdff8c32.ini.inuse Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Identities\{CF35E589-8AB6-49E9-BC62-B568686ECC82}\Microsoft\Outlook Express\Folders.dbx Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Identities\{CF35E589-8AB6-49E9-BC62-B568686ECC82}\Microsoft\Outlook Express\Offline.dbx Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\pending.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\dfsr.db Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\fsr.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\fsrtmp.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Messenger\eddie_penagos10@hotmail.com\SharingMetadata\Working\database_A6D4_EAC3_D4EA_9539\tmp.edb Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\eddie_penagos10@hotmail.com\real\members.stg Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\eddie_penagos10@hotmail.com\shadow\members.stg Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_001_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_002_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_003_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\Cache\_CACHE_MAP_ Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\urlclassifier3.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Historial\History.IE5\MSHist012008080920080810\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\e.dll Infectados: Trojan-GameThief.Win32.OnLineGames.sjlv saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\etilqs_Ds3ue0ZvdgEdGMevcbTS Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\tru5.tmp Infectados: Trojan.Win32.Vaklik.cef saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\tru62F.tmp Infectados: Trojan.Win32.Vaklik.cef saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\tru74.tmp Infectados: Trojan.Win32.Vaklik.cfu saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\WCESLog.log Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF3AE7.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF5B03.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF5B4F.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF786B.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Configuración local\Temp\~DF788C.tmp Object is locked saltado
C:\Documents and Settings\USUARIO\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\$_hpcst$.hpc Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\cert8.db Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\content-prefs.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\cookies.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\downloads.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\flashgot.log Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\formhistory.sqlite Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\key3.db Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\parent.lock Object is locked saltado
C:\Documents and Settings\USUARIO\Datos de programa\Mozilla\Firefox\Profiles\dvqbilt2.default\permissio |