maquina lenta inminent

Estado
Cerrado para nuevas respuestas.

lapeli

Miembro
Miembro
Les dejo el log de hijackthis y el malwares

Código:
Logfile of Trend Micro HijackThis v2.0.5
[SPOILER="CLIC para ver el Log de HijackThis"]Scan saved at 05:46:27 p.m., on 17/07/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21359)

FIREFOX: 34.0.5 (x86 es-AR)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe
C:\Archivos de programa\Panda USB Vaccine\USBVaccine.exe
C:\Archivos de programa\HP\HPLaserJetService\HPLaserJetService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\HPSIsvc.exe
C:\Documents and Settings\All Users\Datos de programa\DatacardService\HWDeviceService.exe
C:\ElsaWin\bin\LcSvrAdm.exe
C:\ElsaWin\bin\LcSvrDba.exe
C:\ElsaWin\bin\LcSvrHis.exe
C:\ElsaWin\bin\LcSvrPas.exe
C:\ElsaWin\bin\LcSvrSaz.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
C:\ElsaWin\bin\VSgate.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Archivos de programa\PowerISO\PWRISOVM.EXE
C:\ARCHIV~1\ALWILS~1\Avast5\avastUI.exe
C:\Archivos de programa\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbserver.exe
C:\Archivos de programa\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
C:\ElsaWin\bin\LcSvrAuf.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\PERSONAL\GSM\Personal.exe
C:\Archivos de programa\SPC-GE\spcge.exe
C:\Archivos de programa\Malwarebytes Anti-Malware\mbam.exe
C:\Archivos de programa\Malwarebytes Anti-Malware\mbamservice.exe
C:\Archivos de programa\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Archivos de programa\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
H:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://start.iminent.com/?appId=7311A51D-12A4-45DE-8038-F93FDD99196F[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=69157[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://go.microsoft.com/fwlink/?LinkId=69157[/URL]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - (no file)
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Archivos de programa\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Archivos de programa\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Archivos de programa\HP\HP UT LEDM\bin\hppusg.exe" "C:\Archivos de programa\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [avast5] C:\ARCHIV~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [20131121] C:\Archivos de programa\Alwil Software\Avast5\setup\emupdate\385e9b53-0915-4deb-b260-486f7dc795fb.exe /check
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Archivos de programa\Archivos comunes\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Archivos de programa\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_134_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Selección inteligente de HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - [URL]http://download.eset.com/special/eos/OnlineScanner.cab[/URL]
O17 - HKLM\System\CCS\Services\Tcpip\..\{620EFBB0-E2ED-402D-84D7-69AAC3CDE7EF}: NameServer = 172.21.7.7 172.25.7.6
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiProt.dll
O22 - SharedTaskScheduler: Precargador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demonio de caché de las categorías de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Registro de sucesos (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: GlobalUpdater - SIEN S.A. - C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Archivos de programa\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\Documents and Settings\All Users\Datos de programa\DatacardService\HWDeviceService.exe
O23 - Service: Servicio COM de grabación de CD de IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: ELSA Administration Service (LcSvrAdm) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAdm.exe
O23 - Service: ELSA Auftragsverwaltungs Service (LcSvrAuf) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAuf.exe
O23 - Service: ELSA DBA Server (LcSvrDba) - Volkswagen AG - C:\ElsaWin\bin\LcSvrDba.exe
O23 - Service: ELSA Historie Server (LcSvrHis) - Volkswagen AG - C:\ElsaWin\bin\LcSvrHis.exe
O23 - Service: ELSA PASS Server (LcSvrPAS) - Volkswagen AG - C:\ElsaWin\bin\LcSvrPas.exe
O23 - Service: ELSA APOSpro Server (LcSvrSaz) - Volkswagen AG - C:\ElsaWin\bin\LcSvrSaz.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Archivos de programa\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Archivos de programa\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Escritorio remoto compartido de NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: organiser database (organiserservice) - Acresso - C:\ARCHIV~1\VIVIDW~1\ORGANI~1.EXE
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Administrador de sesión de Ayuda de escritorio remoto (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Registros y alertas de rendimiento (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Archivos de programa\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
O23 - Service: ELSA Vaudis Service (VSGate) - Volkswagen AG - C:\ElsaWin\bin\VSgate.exe
O23 - Service: Instantáneas de volumen (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Adaptador de rendimiento de WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 12824 bytes[/SPOILER]

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/07/2015
Scan Time: 04:31:31 p.m.
Logfile: mal.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.11.20.06
Rootkit Database: v2014.11.18.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313493
Time Elapsed: 18 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.IMGUpdater.A, C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe, 1620, , [2cda5ce2abd116208c36eab48f72d32d]

Modules: 0
(No malicious items detected)

Registry Keys: 32
PUP.Optional.IMGUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GlobalUpdater, , [2cda5ce2abd116208c36eab48f72d32d],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, , [fa0c86b8dca02b0b7d5401bfa45e3fc1],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, , [2fd76ed07ffd88ae4041467542c06e92],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [96703e003e3e7eb820a9e014de24fe02],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [7b8bd569562679bd4be92bca40c20bf5],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [7a8cfa44e795ec4a3bfa7f76ed1557a9],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\CLSID\{D4BBE4C0-BD72-4A33-817C-2E7E16DE20BC}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\TYPELIB\{D18BBD1F-82BB-4385-BED3-E9D31A3E361E}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\INTERFACE\{9DC243A5-EE33-4674-8563-89B48E779EB1}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\INTERFACE\{B3D14CB9-183B-4BC8-8CE4-CBA37A6FE8C6}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\KewlButtonz.KewlButtons, , [778f50ee3448201625add9419c69c739],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [b94dd06e6c10c27425ce265031d2c63a],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc, , [54b20f2f69132a0cc5e21a5c50b32fd1],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc.1, , [6c9afa442b5140f6e2c5a3d3da29d52b],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, , [d82ebc822953c86e42f1731a7193ef11],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, , [6d997fbfbebec67079ba4647df25e41c],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [5ea861dd275585b1cd424e476f9532ce],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ehhlaekjfiiojlddgndcnefflngfmhen, , [798da39bd2aafa3cc84ff64c877cf50b],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, , [7e8856e81f5db6805a3a590648bb6a96],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, , [ac5aa896ceae91a5187d1c4331d20cf4],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nbljechdpodpbchbmjcoamidppmpnmlc, , [788e1d2136464fe718fe360c9a69af51],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pkhojieggfgllhllcegoffdcnmdeojgb, , [d4325de14c3079bd84aaadcb22e1bd43],
PUP.Optional.IMGUpdater.A, HKLM\SOFTWARE\IMGUPDATER, , [9c6aee503646da5c88a32c2bc340fd03],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, , [fc0a50eea9d383b39a2c52fc54af4ab6],
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\UMBRELLA, , [da2c3e0057253cfa2f97a9e4f50f3fc1],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [c34352ecb3c9092dac482254ac573cc4],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, , [23e3d06e3a420d29efec4c15c63db050],

Registry Values: 6
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [96703e003e3e7eb820a9e014de24fe02],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [7d89b08e1f5dbb7b2d9c54a00ff305fb],
Hacktool.KewlButtonz, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\WINDOWS\SYSTEM32\KEWLBUTTONZ.OCX, 1, , [778f50ee3448201625add9419c69c739]
PUP.Optional.IMGUpdater.A, HKLM\SOFTWARE\IMGUPDATER|ConfigBlockJSN, {
"MAIN_SWITCH" : true,
"UPDATABLE" : {
"064A36CC-4404-42F9-B26E-3BFD515F2447" : {
"lastupdated" : 0,
"mindeltatime" : 259200
},
"2C200CBA-D536-40C8-902D-9C34FD10AD85" : {
"lastupdated" : 0,
"localversion" : "0",
"mindeltatime" : 259200
},
"4C973056-22D8-488C-A358-AEA00CC2EC7D" : {
"lastupdated" : 0,
"mindeltatime" : 259200
}
}
}
, , [9c6aee503646da5c88a32c2bc340fd03]
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\UMBRELLA|MUpdBlock, {
"MASSUPDATE" : {
"CHROME_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
},
"FIREFOX_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 3
},
"IEXPLORE_BHO" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 4
}
}
}
, , [da2c3e0057253cfa2f97a9e4f50f3fc1]
PUP.Optional.IMGUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GLOBALUPDATER|ImagePath, C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe, , [6a9cc5793d3f3204816a5403f50e728e]

Registry Data: 1
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.iminent.com/?appId=7311A51D-12A4-45DE-8038-F93FDD99196F, Good: (www.Google.com), Bad: (http://start.iminent.com/?appId=731...DD99196F),,[c5417ec0b9c382b4f38b2d22af56619f]

Folders: 1
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Temp\Iminent, , [50b66dd198e4e452f8c512f6a261c937],

Files: 12
PUP.Optional.IMGUpdater.A, C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe, , [2cda5ce2abd116208c36eab48f72d32d],
Hacktool.KewlButtonz, C:\WINDOWS\system32\KewlButtonz.ocx, , [778f50ee3448201625add9419c69c739],
PUP.Optional.Spigot.A, C:\WINDOWS\Installer\3a91ea.msi, , [b2540737c3b9ef4711b68045a061946c],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage, , [12f43509384459ddfa41044222e1c040],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_nbljechdpodpbchbmjcoamidppmpnmlc_0.localstorage, , [b05642fc3b4195a13c008eb8c340e61a],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\extensions\firefoxmini@go.im.xpi, , [c640033be19b3cfa5bd472d62fd4d52b],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_jdkokpcldhneihjdhigfjmoeojkdcbmg_0.localstorage, , [bf47bd81493384b27c3dc9851ae906fa],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [c34387b7bbc185b19e42acb39f640000],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\searchplugins\iminent.xml, , [bb4b71cd5329dd59a6fd86e57192a060],
PUP.Optional.Iminent.A, C:\Archivos de programa\Mozilla Firefox\browser\searchplugins\StartWeb.xml, , [c34355e9b1cbde589bd24a2b81825ea2],
PUP.Optional.Iminent.A, C:\Archivos de programa\Mozilla Firefox\defaults\pref\all-iminent.js, , [6a9c0c32b6c6fc3aadf6b2d71fe5b749],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://start.iminent.com/?ref=NewTab&appId=00000000-0000-0000-0000-000000000000");), ,[9b6b112dd6a6b383d900dfa68382e61a]

Physical Sectors: 0
(No malicious items detected)


(end)
 

Kbite

Aprender y compartir
Administrador
Hola lapeli.

Para eliminar "start.iminent" de todos los navegadores que puedas tener instalados utiliza esta herramienta específica para ello: AdwCleaner, con esto debería solucionarse el problema.

Pero ya que estamos eliminaremos algunas entradas que no hacen nada en el log:

○» Cierra todas las aplicaciones y ejecuta el HijackThis con clic derecho como Administrador.

○» Haz clic en el botón "Do a system scan only"

○» Selecciona las casillas de las siguientes entradas y presiona el botón Fix Checked (la primera podría no aparecer por haber sido ya eliminada)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=7311A51D-12A4-45DE-8038-F93FDD99196F
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

○» Cierra el HijackThis.

En tu respuesta nos dejas el informe del AdwCleaner y un nuevo log de HijackThis como control. Nos comentas como te va todo ahora.

Saludos, Kbite
 

lapeli

Miembro
Miembro
# AdwCleaner v4.208 - Registro generado 21/07/2015 en 19:08:44
# Actualizado 09/07/2015 por Xplode
# Base de datos : 2015-07-09.2 [Local]
# Sistema operativo : Microsoft Windows XP Service Pack 3 (x86)
# Nombre de usuario : User - EDUARDO
# Ejecutado desde : C:\Documents and Settings\User\Mis documentos\Descargas\adwcleaner_4.208.exe
# Opción : Limpiar

***** [ Servicios ] *****

[#] Servicio Eliminar : GlobalUpdater

***** [ Archivos / Carpetas ] *****

Carpeta Eliminar : C:\Documents and Settings\All Users\Datos de programa\apn
Carpeta Eliminar : C:\Archivos de programa\Archivos comunes\IMGUpdater
Carpeta Eliminar : C:\Archivos de programa\Archivos comunes\Umbrella
Carpeta Eliminar : C:\Archivos de programa\Archivos comunes\Hydrup
Carpeta Eliminar : C:\DOCUME~1\User\CONFIG~1\Temp\Iminent
Carpeta Eliminar : C:\Documents and Settings\User\Datos de programa\HPAppData
[!] Carpeta Eliminar : C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi
[!] Carpeta Eliminar : C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\Extensions\firefoxmini@go.im.xpi
Carpeta Eliminar : C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\Extensions\WebSiteRecommendation@weliketheweb.com
Carpeta Eliminar : C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\Extensions\veggy@veggyAddon.com
Archivo Eliminar : C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\Extensions\firefoxmini@go.im.xpi
Archivo Eliminar : C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage
Archivo Eliminar : C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Archivo Eliminar : C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nbljechdpodpbchbmjcoamidppmpnmlc_0.localstorage
Archivo Eliminar : C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
Archivo Eliminar : C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jdkokpcldhneihjdhigfjmoeojkdcbmg_0.localstorage
Archivo Eliminar : C:\Archivos de programa\Mozilla Firefox\defaults\pref\all-iminent.js
Archivo Eliminar : C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\searchplugins\iminent.xml
Archivo Eliminar : C:\Archivos de programa\Mozilla Firefox\browser\searchplugins\StartWeb.xml

***** [ Tareas programadas... ] *****


***** [ Accesos directos ] *****


***** [ Registro ] *****

Llave Eliminar : HKLM\SOFTWARE\Google\Chrome\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen
Llave Eliminar : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Llave Eliminar : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Llave Eliminar : HKLM\SOFTWARE\Google\Chrome\Extensions\nbljechdpodpbchbmjcoamidppmpnmlc
Llave Eliminar : HKLM\SOFTWARE\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Llave Eliminar : HKCU\Software\SIEN SA
Llave Eliminar : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Llave Eliminar : HKLM\SOFTWARE\Classes\d
Llave Eliminar : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Llave Eliminar : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Llave Eliminar : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Llave Eliminar : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Llave Eliminar : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Llave Eliminar : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Llave Eliminar : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Llave Eliminar : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Llave Eliminar : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Llave Eliminar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Llave Eliminar : HKCU\Software\APN PIP
Llave Eliminar : HKCU\Software\Iminent
Llave Eliminar : HKCU\Software\UpToDown
Llave Eliminar : HKLM\SOFTWARE\Conduit
Llave Eliminar : HKLM\SOFTWARE\IMGUPDATER
Llave Eliminar : HKLM\SOFTWARE\Iminent
Llave Eliminar : HKLM\SOFTWARE\Umbrella
Llave Eliminar : HKU\.DEFAULT\Software\AskPartnerNetwork
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe

***** [ Navegadores Web ] *****

-\\ Internet Explorer v7.0.6000.21359


-\\ Mozilla Firefox v34.0.5 (x86 es-AR)

[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("browser.newtab.url", "hxxp://start.iminent.com/?ref=NewTab&appId=00000000-0000-0000-0000-000000000000");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.admin", false);
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.aflt", "orgnl");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.autoRvrt", "false");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.dfltLng", "");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.excTlbr", false);
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.ffxUnstlRst", false);
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.id", "c47a36e1000000000000582c80139263");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.instlDay", "15958");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.instlRef", "");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.newTab", false);
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.prdct", "iminent");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.prtnrId", "iminent");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.rvrt", "false");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.smplGrp", "none");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.tlbrId", "base");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.vrsn", "1.8.25.0");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.vrsnTs", "1.8.25.018:09:20");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("extensions.iminent.vrsni", "1.8.25.0");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.BirthDate", "1408733178");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.LayoutId", "1");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.ShowThankyouPixel", "0");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.enableToolbar", "true");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.enabledAds", "false");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.newtabredirect", "true");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.nomsi", "true");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent100", "1379105491708");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent101", "1379017288689");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent102", "1379442323675");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent109", "1379097934272");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent111", "1379097934283");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent112", "1379097981022");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent122", "1379097934286");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.registerToolbarEvent140", "1379019732886");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.searchindex", "1");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.version", "7.36.1.1");
[qd0p93ld.default\prefs.js] - Línea Eliminar : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1379094234484,\"InstallEvent\":\"True\"}");

-\\ Google Chrome v43.0.2357.134

[C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Web Data] - Eliminar [Search Provider] : hxxp://start.iminent.com/?appId=7311A51D-12A4-45DE-8038-F93FDD99196F&ref=toolbox&q={searchTerms}

*************************

AdwCleaner[R0].txt - [2816 bytes] - [10/09/2013 16:11:06]
AdwCleaner[R1].txt - [11179 bytes] - [17/09/2013 15:29:57]
AdwCleaner[R2].txt - [1102 bytes] - [19/09/2013 15:27:41]
AdwCleaner[R3].txt - [1222 bytes] - [24/09/2013 16:04:19]
AdwCleaner[R4].txt - [1282 bytes] - [24/09/2013 16:23:55]
AdwCleaner[R5].txt - [1343 bytes] - [24/09/2013 16:44:17]
AdwCleaner[R6].txt - [26066 bytes] - [21/07/2015 19:06:39]
AdwCleaner[S0].txt - [2783 bytes] - [10/09/2013 16:12:26]
AdwCleaner[S1].txt - [10257 bytes] - [17/09/2013 15:33:11]
AdwCleaner[S2].txt - [1162 bytes] - [19/09/2013 15:28:27]
AdwCleaner[S3].txt - [1402 bytes] - [24/09/2013 16:44:52]
AdwCleaner[S4].txt - [25870 bytes] - [21/07/2015 19:08:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [25930 bytes] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/07/2015
Scan Time: 04:31:31 p.m.
Logfile: mal.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.11.20.06
Rootkit Database: v2014.11.18.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313493
Time Elapsed: 18 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.IMGUpdater.A, C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe, 1620, , [2cda5ce2abd116208c36eab48f72d32d]

Modules: 0
(No malicious items detected)

Registry Keys: 32
PUP.Optional.IMGUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GlobalUpdater, , [2cda5ce2abd116208c36eab48f72d32d],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, , [fa0c86b8dca02b0b7d5401bfa45e3fc1],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [858167d7b1cb16201546d321cb37aa56],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, , [2fd76ed07ffd88ae4041467542c06e92],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [96703e003e3e7eb820a9e014de24fe02],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [7b8bd569562679bd4be92bca40c20bf5],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [7a8cfa44e795ec4a3bfa7f76ed1557a9],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\CLSID\{D4BBE4C0-BD72-4A33-817C-2E7E16DE20BC}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\TYPELIB\{D18BBD1F-82BB-4385-BED3-E9D31A3E361E}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\INTERFACE\{9DC243A5-EE33-4674-8563-89B48E779EB1}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\INTERFACE\{B3D14CB9-183B-4BC8-8CE4-CBA37A6FE8C6}, , [778f50ee3448201625add9419c69c739],
Hacktool.KewlButtonz, HKLM\SOFTWARE\CLASSES\KewlButtonz.KewlButtons, , [778f50ee3448201625add9419c69c739],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [b94dd06e6c10c27425ce265031d2c63a],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc, , [54b20f2f69132a0cc5e21a5c50b32fd1],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc.1, , [6c9afa442b5140f6e2c5a3d3da29d52b],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, , [d82ebc822953c86e42f1731a7193ef11],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, , [6d997fbfbebec67079ba4647df25e41c],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [5ea861dd275585b1cd424e476f9532ce],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ehhlaekjfiiojlddgndcnefflngfmhen, , [798da39bd2aafa3cc84ff64c877cf50b],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, , [7e8856e81f5db6805a3a590648bb6a96],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, , [ac5aa896ceae91a5187d1c4331d20cf4],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nbljechdpodpbchbmjcoamidppmpnmlc, , [788e1d2136464fe718fe360c9a69af51],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pkhojieggfgllhllcegoffdcnmdeojgb, , [d4325de14c3079bd84aaadcb22e1bd43],
PUP.Optional.IMGUpdater.A, HKLM\SOFTWARE\IMGUPDATER, , [9c6aee503646da5c88a32c2bc340fd03],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, , [fc0a50eea9d383b39a2c52fc54af4ab6],
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\UMBRELLA, , [da2c3e0057253cfa2f97a9e4f50f3fc1],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [c34352ecb3c9092dac482254ac573cc4],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, , [23e3d06e3a420d29efec4c15c63db050],

Registry Values: 6
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [96703e003e3e7eb820a9e014de24fe02],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [7d89b08e1f5dbb7b2d9c54a00ff305fb],
Hacktool.KewlButtonz, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\WINDOWS\SYSTEM32\KEWLBUTTONZ.OCX, 1, , [778f50ee3448201625add9419c69c739]
PUP.Optional.IMGUpdater.A, HKLM\SOFTWARE\IMGUPDATER|ConfigBlockJSN, {
"MAIN_SWITCH" : true,
"UPDATABLE" : {
"064A36CC-4404-42F9-B26E-3BFD515F2447" : {
"lastupdated" : 0,
"mindeltatime" : 259200
},
"2C200CBA-D536-40C8-902D-9C34FD10AD85" : {
"lastupdated" : 0,
"localversion" : "0",
"mindeltatime" : 259200
},
"4C973056-22D8-488C-A358-AEA00CC2EC7D" : {
"lastupdated" : 0,
"mindeltatime" : 259200
}
}
}
, , [9c6aee503646da5c88a32c2bc340fd03]
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\UMBRELLA|MUpdBlock, {
"MASSUPDATE" : {
"CHROME_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
},
"FIREFOX_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 3
},
"IEXPLORE_BHO" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 4
}
}
}
, , [da2c3e0057253cfa2f97a9e4f50f3fc1]
PUP.Optional.IMGUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GLOBALUPDATER|ImagePath, C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe, , [6a9cc5793d3f3204816a5403f50e728e]

Registry Data: 1
PUP.Optional.Iminent.A, HKU\S-1-5-21-1659004503-1788223648-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.iminent.com/?appId=7311A51D-12A4-45DE-8038-F93FDD99196F, Good: (www.Google.com), Bad: (http://start.iminent.com/?appId=731...DD99196F),,[c5417ec0b9c382b4f38b2d22af56619f]

Folders: 1
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Temp\Iminent, , [50b66dd198e4e452f8c512f6a261c937],

Files: 12
PUP.Optional.IMGUpdater.A, C:\Archivos de programa\Archivos comunes\IMGUpdater\IMGUpdater.exe, , [2cda5ce2abd116208c36eab48f72d32d],
Hacktool.KewlButtonz, C:\WINDOWS\system32\KewlButtonz.ocx, , [778f50ee3448201625add9419c69c739],
PUP.Optional.Spigot.A, C:\WINDOWS\Installer\3a91ea.msi, , [b2540737c3b9ef4711b68045a061946c],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage, , [12f43509384459ddfa41044222e1c040],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_nbljechdpodpbchbmjcoamidppmpnmlc_0.localstorage, , [b05642fc3b4195a13c008eb8c340e61a],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\extensions\firefoxmini@go.im.xpi, , [c640033be19b3cfa5bd472d62fd4d52b],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_jdkokpcldhneihjdhigfjmoeojkdcbmg_0.localstorage, , [bf47bd81493384b27c3dc9851ae906fa],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [c34387b7bbc185b19e42acb39f640000],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\searchplugins\iminent.xml, , [bb4b71cd5329dd59a6fd86e57192a060],
PUP.Optional.Iminent.A, C:\Archivos de programa\Mozilla Firefox\browser\searchplugins\StartWeb.xml, , [c34355e9b1cbde589bd24a2b81825ea2],
PUP.Optional.Iminent.A, C:\Archivos de programa\Mozilla Firefox\defaults\pref\all-iminent.js, , [6a9c0c32b6c6fc3aadf6b2d71fe5b749],
PUP.Optional.Iminent.A, C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\qd0p93ld.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://start.iminent.com/?ref=NewTab&appId=00000000-0000-0000-0000-000000000000");), ,[9b6b112dd6a6b383d900dfa68382e61a]

Physical Sectors: 0
(No malicious items detected)


(end)

Código:
Logfile of Trend Micro HijackThis v2.0.5
[SPOILER="CLIC para ver el Log de HijackThis"]Scan saved at 06:45:22 p.m., on 23/07/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21359)

FIREFOX: 34.0.5 (x86 es-AR)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbguard.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Panda USB Vaccine\USBVaccine.exe
C:\Archivos de programa\HP\HPLaserJetService\HPLaserJetService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\HPSIsvc.exe
C:\Documents and Settings\All Users\Datos de programa\DatacardService\HWDeviceService.exe
C:\ElsaWin\bin\LcSvrAdm.exe
C:\ElsaWin\bin\LcSvrDba.exe
C:\ElsaWin\bin\LcSvrHis.exe
C:\ElsaWin\bin\LcSvrPas.exe
C:\ElsaWin\bin\LcSvrSaz.exe
C:\Archivos de programa\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Archivos de programa\Malwarebytes Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Malwarebytes Anti-Malware\mbam.exe
C:\Archivos de programa\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
C:\ElsaWin\bin\VSgate.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Archivos de programa\PowerISO\PWRISOVM.EXE
C:\ARCHIV~1\ALWILS~1\Avast5\avastUI.exe
C:\Archivos de programa\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbserver.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
C:\ElsaWin\bin\LcSvrAuf.exe
C:\Archivos de programa\SPC-GE\spcge.exe
C:\Archivos de programa\SPC-GE\spcge.exe
C:\Archivos de programa\SPC-GE\spcge.exe
H:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=69157[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://go.microsoft.com/fwlink/?LinkId=69157[/URL]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Archivos de programa\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Archivos de programa\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Archivos de programa\HP\HP UT LEDM\bin\hppusg.exe" "C:\Archivos de programa\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [avast5] C:\ARCHIV~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [20131121] C:\Archivos de programa\Alwil Software\Avast5\setup\emupdate\385e9b53-0915-4deb-b260-486f7dc795fb.exe /check
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Archivos de programa\Archivos comunes\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Archivos de programa\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Selección inteligente de HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Archivos de programa\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - [URL]http://download.eset.com/special/eos/OnlineScanner.cab[/URL]
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiProt.dll
O22 - SharedTaskScheduler: Precargador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demonio de caché de las categorías de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Registro de sucesos (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Archivos de programa\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Archivos de programa\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\Documents and Settings\All Users\Datos de programa\DatacardService\HWDeviceService.exe
O23 - Service: Servicio COM de grabación de CD de IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: ELSA Administration Service (LcSvrAdm) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAdm.exe
O23 - Service: ELSA Auftragsverwaltungs Service (LcSvrAuf) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAuf.exe
O23 - Service: ELSA DBA Server (LcSvrDba) - Volkswagen AG - C:\ElsaWin\bin\LcSvrDba.exe
O23 - Service: ELSA Historie Server (LcSvrHis) - Volkswagen AG - C:\ElsaWin\bin\LcSvrHis.exe
O23 - Service: ELSA PASS Server (LcSvrPAS) - Volkswagen AG - C:\ElsaWin\bin\LcSvrPas.exe
O23 - Service: ELSA APOSpro Server (LcSvrSaz) - Volkswagen AG - C:\ElsaWin\bin\LcSvrSaz.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Archivos de programa\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Archivos de programa\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Escritorio remoto compartido de NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: organiser database (organiserservice) - Acresso - C:\ARCHIV~1\VIVIDW~1\ORGANI~1.EXE
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Administrador de sesión de Ayuda de escritorio remoto (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Registros y alertas de rendimiento (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Archivos de programa\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
O23 - Service: ELSA Vaudis Service (VSGate) - Volkswagen AG - C:\ElsaWin\bin\VSgate.exe
O23 - Service: Instantáneas de volumen (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Adaptador de rendimiento de WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 11858 bytes[/SPOILER]
 

Kbite

Aprender y compartir
Administrador
Hola lapeli.

El log de HijackThis está limpio. El del Malwarebytes parece repetido del anterior pero está bien. El AdwCleaner limpió mucho por lo que supongo que el problema se resolvió, en tu respuesta nos dices si se ha solucionado o necesitas algo más.

Saludos, Kbite
 
Estado
Cerrado para nuevas respuestas.
Arriba Pie