Página 1 de 1
Avatar de Usuario syrdax
Registrado: 27/01/2006
Mensajes: 225
ZoNeR@ de éLiTe
ZoNeR@ de éLiTe
Lun 06 Jul, 17:52
Hola a todos.
Hace 2 o 3 días, el PC del trabajo se volvio una tortuga, literalmente. Es lento para todo, para abrir un word, un pdf, para todo. Es como si de repente se pusiese a hacer 1000 cosas a la vez.
En la lista de procesos, hay varios "searchfiterhost"; "searchprotocolhost"; "searchindexers" que usan casi el 30% de la memoria.
No le han hecho nada al PC, solo de repente se puso lento.
Aqui el log del CpuZ:

-----------------------
CPU-Z version 1.51
-------------------------

Processors Map
------------------------------------------------------------------------------------

Number of processors 1
Number of threads 1

Processor 0
-- Core 0
-- Thread 0


Processors Information
------------------------------------------------------------------------------------

Processor 1 (ID = 0)
Number of cores 1 (max 1)
Number of threads 1 (max 1)
Name Intel Pentium 4 506
Codename Prescott
Specification Intel(R) Pentium(R) 4 CPU 2.66GHz
Package Socket 775 LGA (platform ID = 4h)
CPUID F.4.1
Extended CPUID F.4
Core Stepping E0
Technology 90 nm
Core Speed 2660.0 MHz (20.0 x 133.0 MHz)
Rated Bus speed 532.0 MHz
Stock frequency 2666 MHz
Instructions sets MMX, SSE, SSE2, SSE3, EM64T
L1 Data cache 16 KBytes, 8-way set associative, 64-byte line size
Trace cache 12 Kuops, 8-way set associative
L2 cache 1024 KBytes, 8-way set associative, 64-byte line size
FID/VID Control no
Features
Memory SPD
------------------------------------------------------------------------------

DIMM #1

General
Memory type DDR2
Module format Regular UDIMM
Manufacturer (ID) Hyundai Electronics (AD00000000000000)
Size 512 MBytes
Max bandwidth PC2-4300 (266 MHz)
Part number HYMP564U64BP8-C4
Serial number 00004206
Manufacturing date Week 13/Year 06

Attributes
Number of banks 1
Data width 64 bits
Correction None
Nominal Voltage 1.80 Volts
EPP no
XMP no

Timings table
Frequency (MHz) 200 266 266
CAS# 3.0 4.0 5.0
RAS# to CAS# delay 3 4 4
RAS# Precharge 3 4 4
TRAS 9 12 12
TRC 12 16 16

DIMM #2

General
Memory type DDR2
Module format Regular UDIMM
Manufacturer (ID) Hyundai Electronics (AD00000000000000)
Size 512 MBytes
Max bandwidth PC2-4300 (266 MHz)
Part number HYMP564U64BP8-C4
Serial number 00003209
Manufacturing date Week 13/Year 06

Attributes
Number of banks 1
Data width 64 bits
Correction None
Nominal Voltage 1.80 Volts
EPP no
XMP no

Timings table
Frequency (MHz) 200 266 266
CAS# 3.0 4.0 5.0
RAS# to CAS# delay 3 4 4
RAS# Precharge 3 4 4
TRAS 9 12 12
TRC 12 16 16

Pongo el log de Hijackthis! por las dudas.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:38:47, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Symantec AntiVirus\vpc32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\xxxxxxxx\Local Settings\Temporary Internet Files\Content.IE5\AJXSKGJQ\HiJackThis[1].exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.10.11:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.dg.it;<local>
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Client Access PC5250 Sound] "C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.juegos.com/juego/3d-penalty.html"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: VPN Client.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1074978935
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextes.oberon-media.com/Game ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = europe.dg.it
O17 - HKLM\Software\..\Telephony: DomainName = europe.dg.it
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = europe.dg.it
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = europe.dg.it
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Comando remoto iSeries Access per Windows (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: OKI OPHC DCS Loader - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe


Gracias y lamento si he puesto esto en el lugar equivocado.
Space for rent
Avatar de Usuario gohuca
Registrado: 18/11/2005
Mensajes: 39616
Administrador
Administrador
Mar 07 Jul, 00:16
Borra estas entradas:

O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.juegos.com/juego/3d-penalty.html"

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextes.oberon-media.com/Game ... meHost.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = europe.dg.it

O17 - HKLM\Software\..\Telephony: DomainName = europe.dg.it

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = europe.dg.it

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = europe.dg.it

Haz una limpieza del registro y pasa malwarebytes antimalware y spybot


Salu2


Gohuca
Avatar de Usuario syrdax
Registrado: 27/01/2006
Mensajes: 225
ZoNeR@ de éLiTe
ZoNeR@ de éLiTe
Mar 07 Jul, 08:55
Gracias gohuca;
Con respecto a las entradas "europe.dg.it", una consulta. Es el PC del trabajo, este se conecta por red a un servidor de Italia (casa madre de la empresa), por lo tanto, si borro esto, no me causara problemas?
Gracias de nuevo.
Space for rent
Avatar de Usuario Ayax
Registrado: 20/10/2008
Mensajes: 10833
Mega Zoner@
Mega Zoner@
Mar 07 Jul, 09:00
No borres entonces las entradas relacionadas con europe.dg.it :wink:

Saludos.
Imagen
SoftZone en Imagen
Avatar de Usuario syrdax
Registrado: 27/01/2006
Mensajes: 225
ZoNeR@ de éLiTe
ZoNeR@ de éLiTe
Mar 07 Jul, 17:19
Muchas gracias Ajax.
Por cierto, luego de corregir lo que me has dicho gohuca, y pasarle el Norton (lo siento, viene de "empresa") todo ha vuelto a la normalidad (le he pasado el Norton antes y no encontro nada).
Por cierto, lo de los juegos no es mio, es el pc de mi compañero de trabajo, que a pesar de que le digo que aunque borre el historial, en Italia se enteran sigue metiendose en todas esas paginas :P
Gracias!
Space for rent

Volver a Windows 98/XP/2000/Vista