Mi conexion a internet se volvio lenta

MasterChris · Mensaje por **MasterChris** » 14 Jun 2007, 04:12

Mi problema es que hace unos dias se le metio un troyano a mi laptop y lo elimine, pero ahora la conexion es lenta.

Antes entraba a una pagina rapidamente y ahora me sale conque no se puede cargar la pagina y le tengo que actualizar hasta que entra, veia videos corridos en Youtube, pero ahora a cada rato se paran por el buffer y otra cosa que note es que descargaba a una velocidad promedio de 50 KB/s pero ahora es de 15 KB/s.

Aqui dejo mi log:

Logfile of HijackThis v1.99.1

Scan saved at 08:06:28 p.m., on 13/06/2007

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\OPTENET\bin\optproxy.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Spyware Doctor\svcntaux.exe

C:\Program Files\Spyware Doctor\swdsvc.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Program Files\OPTENET\bin\OptGui.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\Program Files\Spyware Doctor\SDTrayApp.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Program Files\WinRAR\WinRAR.exe

C:\Users\MASTER~1\AppData\Local\Temp\Rar$EX00.903\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\OPTENET\bin\OPTGui.exe

O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU)

O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [INTERNATIONAL] International*

O13 - Gopher Prefix:

O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Validación de contraseña de Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)

O23 - Service: OPTENET Content Filter (OPTENET_FILTER) - Optenet - C:\Program Files\OPTENET\bin\optproxy.exe

O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe

O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Gracias de antemano.

Mensaje por **msc hotline sat** » 14 Jun 2007, 06:04

Mire si conoce estas aplicaciones, y sino, envienos los ficheros para analizar:

C:\Program Files\OPTENET\bin\OptGui.exe

C:\windows\SMINST\launcher.exe

Aparte, tiene instalado el SPyware Doctor que nos consta que ralentiza mucho al ordenador, pruebe desinstalarlo, a ver si es por esto.

saludos

ms, 14-06-2007

MasterChris · Mensaje por **MasterChris** » 14 Jun 2007, 19:36

El Spyware Doctor lo instale para checar la laptop desde que comenzo ha ir lenta la conexion, de todos modos lo desistalare y ya mande los archivos.

Mensaje por **msc hotline sat** » 14 Jun 2007, 19:52

Pues mañana los analizaremos, que ahora SATINFO ya está cerrado

Y mientras, pruebe el ELISTARA, igual encontramos algo mas:

[quote]ELISTARA:

http://www.zonavirus.com/descargas/elistara.asp

Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso[/quote]

saludos

ms, 14-06-2007

MasterChris · Mensaje por **MasterChris** » 15 Jun 2007, 04:44

¿Quisiera saber si el ELISTARA tarda de por si tanto? Ya que lo inicio en Modo Seguro y no termina la aplicacion y me dice que no responde.

Aqui posteo el de ELITRIIP:

Wed Jun 13 18:18:50 2007

EliTriIP v3.65 (c)2007 S.G.H. / Satinfo S.L.

---------------------------------------------

Lista de Acciones (por Acción Directa):

Wed Jun 13 18:19:07 2007

EliTriIP v3.65 (c)2007 S.G.H. / Satinfo S.L.

---------------------------------------------

Lista de Acciones (por Exploración):

Explorando Unidad C:\

C:\Program Files\Symantec\LiveUpdate\LUInit.exe --> Eliminado, BackDoor.CMQ

C:\SwSetup\Inetsec\16\Support\LUpdate\LUInit.exe --> Eliminado, BackDoor.CMQ

C:\SwSetup\QPW\Autorun.inf --> Eliminado, BackDoor.CMQ (inf)

C:\SwSetup\RoxioCB9\EMC_90\Autorun.inf --> Eliminado, BackDoor.CMQ (inf)

Wed Jun 13 18:24:40 2007

EliTriIP v3.65 (c)2007 S.G.H. / Satinfo S.L.

---------------------------------------------

Lista de Acciones (por Exploración):

Explorando Unidad C:\

Thu Jun 14 20:36:09 2007

EliTriIP v3.65 (c)2007 S.G.H. / Satinfo S.L.

---------------------------------------------

Lista de Acciones (por Acción Directa):

Thu Jun 14 20:36:12 2007

EliTriIP v3.65 (c)2007 S.G.H. / Satinfo S.L.

---------------------------------------------

Lista de Acciones (por Exploración):

Explorando Unidad C:\

Y no me habia dado cuenta, pero hay otro archivo titulado "error", aqui lo posteo:

Wed Jun 13 15:50:38 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 15:59:34 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 16:01:06 2007 [DBG] Starting service...

Wed Jun 13 16:01:29 2007 [DBG] Service started

Wed Jun 13 16:05:29 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 16:13:32 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 16:27:35 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 16:38:21 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 16:42:14 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 16:59:11 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 17:13:00 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 17:27:24 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 17:40:26 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 17:43:55 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 17:50:09 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 18:40:43 2007 [DBG] Starting service...

Wed Jun 13 18:41:07 2007 [DBG] Service started

Wed Jun 13 18:47:19 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 18:54:42 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:06:13 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:14:43 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:17:41 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:24:48 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:32:23 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:35:47 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:38:08 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 19:42:33 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 20:02:04 2007 [DBG] Starting service...

Wed Jun 13 20:02:26 2007 [DBG] Service started

Wed Jun 13 20:04:22 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 20:31:02 2007 [WRN] Generic error in connection/blocksock

Wed Jun 13 20:40:50 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 10:07:39 2007 [DBG] Starting service...

Thu Jun 14 10:08:02 2007 [DBG] Service started

Thu Jun 14 10:58:24 2007 [DBG] Starting service...

Thu Jun 14 10:58:46 2007 [DBG] Service started

Thu Jun 14 11:48:29 2007 [DBG] Starting service...

Thu Jun 14 11:48:50 2007 [DBG] Service started

Thu Jun 14 15:08:44 2007 [DBG] Starting service...

Thu Jun 14 15:09:08 2007 [DBG] Service started

Thu Jun 14 15:48:14 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 16:06:32 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 16:19:06 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 16:50:02 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 17:11:42 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 17:19:57 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 17:40:17 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 17:49:19 2007 [DBG] Starting service...

Thu Jun 14 17:49:40 2007 [DBG] Service started

Thu Jun 14 17:56:48 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 18:08:11 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 18:12:37 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 18:15:31 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 18:29:21 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 18:52:17 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:01:26 2007 [DBG] Starting service...

Thu Jun 14 19:01:47 2007 [DBG] Service started

Thu Jun 14 19:03:06 2007 [DBG] Starting service...

Thu Jun 14 19:03:29 2007 [DBG] Service started

Thu Jun 14 19:03:52 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:03:52 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:04:01 2007 [ERR] Error connecting to the license server

Thu Jun 14 19:10:34 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:15:54 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:26:30 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:28:20 2007 [DBG] Starting service...

Thu Jun 14 19:28:42 2007 [DBG] Service started

Thu Jun 14 19:39:36 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:43:43 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:49:29 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 19:59:38 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 20:01:59 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 20:04:58 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 20:07:19 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 20:13:33 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 20:18:10 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 20:19:38 2007 [DBG] Starting service...

Thu Jun 14 20:20:02 2007 [DBG] Service started

Thu Jun 14 20:21:18 2007 [DBG] Starting service...

Thu Jun 14 20:21:44 2007 [DBG] Service started

Thu Jun 14 20:22:06 2007 [WRN] Generic error in connection/blocksock

Thu Jun 14 20:22:08 2007 [ERR] Error connecting to the license server

Thu Jun 14 20:43:37 2007 [DBG] Starting service...

Thu Jun 14 20:44:06 2007 [DBG] Service started

Thu Jun 14 20:44:59 2007 [WRN] Generic error in connection/blocksock

Gracias por su tiempo.

MasterChris · Mensaje por **MasterChris** » 15 Jun 2007, 04:52

Se me olvidaba, me apecio un mensaje de error:

"Proceso host de Windows (Rundll32) dejo de funcionar".

No se si sirva, pero de todas formas lo coloco.

MasterChris · Mensaje por **MasterChris** » 15 Jun 2007, 05:04

Tres mensajes seguidos ya es mucho pero despúes de mandar el ultimo mensaje se abrieron como 38 ventanas de explorador (lo bueno es que tenia activado el modo en grupo) es la primera vez que me ocurre, asi que vuevo a mandar mi blog por si acaso:

Logfile of HijackThis v1.99.1

Scan saved at 09:06:48 p.m., on 14/06/2007

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\WinRAR\WinRAR.exe

C:\Users\MASTER~1\AppData\Local\Temp\Rar$EX00.997\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\OPTENET\bin\OPTGui.exe

O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU)

O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [INTERNATIONAL] International*

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\..\{1574CAF4-FCE9-4BE1-857E-A18A16750A09}: NameServer = 208.67.222.222,208.67.220.220

O17 - HKLM\System\CS1\Services\Tcpip\..\{1574CAF4-FCE9-4BE1-857E-A18A16750A09}: NameServer = 208.67.222.222,208.67.220.220

O17 - HKLM\System\CS2\Services\Tcpip\..\{1574CAF4-FCE9-4BE1-857E-A18A16750A09}: NameServer = 208.67.222.222,208.67.220.220

O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Validación de contraseña de Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)

O23 - Service: OPTENET Content Filter (OPTENET_FILTER) - Optenet - C:\Program Files\OPTENET\bin\optproxy.exe

O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Mensaje por **msc hotline sat** » 15 Jun 2007, 07:46

Pues ya veremos los ficheros cuando los analicemos, pero ya he visto la razon del porqué el ELISTARA no funciona: Está usando VISTA y no son compatibles.

saludos

ms, 15-06-2007