DOBLE ACENTO MALDITO

Estado
Cerrado para nuevas respuestas

viriatoloco

Nuevo Miembro
Miembro
#1
Aquí os dejo el log que me da el hijack. No hay quien quite el dichoso doble acento.

GRACIAS

Por cierto le pase el Elistar y el CCleaner pero nada de nada.

Logfile of HijackThis v1.99.1

Scan saved at 15:45:54, on 25/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe

C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe

C:\Program Files\UPHClean\uphclean.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe

C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program Files\Microsoft Office Communicator\Communicator.exe

C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

C:\WINDOWS\system32\CTFMON.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\SAP\FrontEnd\sapgui\saplogon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ntvdm.exe

C:\Program Files\NetMeeting\conf.exe

C:\Program Files\Symantec Client Security\Symantec AntiVirus\vpc32.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\Notepad.exe

C:\Documents and Settings\ESGONZALEZJL\Desktop\HIJACK\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidEM?cli...33&p1=6&p2=tour

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.tetrapak.com

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup

O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [CfgDownload] C:\Program Files\IXOS\IXOS-eCONtext\bin\CfgDownload.exe

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\RunOnce: [!CleanupNetMeetingDispDriver] "C:\WINDOWS\system32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0

O4 - HKLM\..\RunOnce: [ReEXEc] \\Esvaldesna\COMPARTIDA\ELISTARA.3052007.EXE

O4 - HKCU\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Microsoft NetMeeting] "C:\Program Files\NetMeeting\conf.exe" -Background

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Broken Internet access because of LSP provider 'rsvp32_2.dll' missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tp1.ad1.tetrapak.com

O17 - HKLM\Software\..\Telephony: DomainName = tp1.ad1.tetrapak.com

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tp1.ad1.tetrapak.com

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe

O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
 

Caito

Ex- Mod
Miembro
#2
Bajar Avg-antispyware:

http://www.ewido.net/en/download

Baja este programa: Disk Cleaner

Baja este :

LSPFix

1. Ejecuta LSPFix. (no elimines nada que no te haya dicho )

2. Marca la casilla que dice "I know what I'm doing"

3. Marca el archivo "rsvp32_2.dll"que aparece en la columna de la izquierda "Keep" y pulsa sobre la flecha central para moverlo a la columna de la derecha "Remove". Una vez que el archivo "rsvp32_2.dll"esté en la columna "Remove", haz clic sobre "Finish" y cierra LSPFix.

Ahora ejecuta el hijack :

Scan y Fix a estas:

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,

O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe

O10 - Broken Internet access because of LSP provider 'rsvp32_2.dll' missing

Cierra el Hijack.

Busca estos archivos y los eliminas: (pueden no estar )

C:\WINDOWS\system32\ntos.exe

rsvp32_2.dll

Borra con el Disk Cleaner :Archivos Temp. de Internet,Temp. de Sistema,cookies,historial , etc.

Vacía la Papelera

Ejecuta el Avg-antispyware

Reinicia normal, conecta Internet, pon el reporte del AVG Anti-Spyware y pega un nuevo log del Hijack.

Saludos

Caito
 
Estado
Cerrado para nuevas respuestas
Arriba Pie