Good afternoon. A few days ago malware was detected on my PC; the antivirus supposedly removed it, but I then started seeing a notice in Google saying that my passwords had been leaked. I have already formatted the laptop and run a scan with HijackThis. I am pasting the results so you can review them and see whether everything has been removed, and if not, whether you could help me remove it. The HijackThis result is this:
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.31
Platform: x64 Windows 10 (Home Single Language), 10.0.19045.4239 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 01.04.2024 - 12:40 (UTC-06:00)
Language: OS: Spanish (0x80A). Display: Spanish (0x80A). Non-Unicode: Spanish (0x80A)
Memory: 6106 MiB Free (41 %). CPU Loading: (19 %)
Elevated: Yes
Ran by: rsamp (group: Administrators) on DESKTOP-QTPLPS2, FirstRun: yes
Chrome: 123.0.6312.86
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
10 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
18 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Microsoft OneDrive\24.055.0317.0001\FileCoAuth.exe
1 C:\Program Files\Microsoft OneDrive\OneDrive.exe
2 C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe
1 C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Users\rsamp\OneDrive\Escritorio\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\CompPkgSrv.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_c3ef1d31421e9aea\x64\TouchpointAnalyticsClientService.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\AppHelperCap.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\BridgeCommunication.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\DiagsCap.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\NetworkCap.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\SysInfoCap.exe
3 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0358167.inf_amd64_cc9bd0ef13c05690\B356644\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\ETDCtrl.exe
1 C:\Windows\System32\ETDService.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SECOMN64.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
O2 - HKLM\..\BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine\22.24.2.6\coIEPlg.dll
O2-32 - HKLM\..\BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.24.2.6\coIEPlg.dll
O3 - HKLM\..\Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.24.2.6\coIEPlg.dll
O3-32 - HKLM\..\Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.24.2.6\coIEPlg.dll
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_91D3CC2945DA3B614009E9D7E81E053E] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_859C335E0A3655BB3681A03FC12DC668] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start
O4 - HKCU\..\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe -background
O4 - HKLM\..\RunOnce: [Delete Cached Standalone Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKLM\..\RunOnce: [Delete Cached Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe"
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 192.168.100.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton Security\Engine32\22.24.2.6\buShell.dll
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft) (user missing)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\Windows\system32\UCPDMgr.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82AA0895-198A-4C1B-B2D1-C16894218AFB} - C:\Windows\System32\unifiedconsent.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Tasks: \Norton 360\Norton 360 Autofix - C:\Program Files\Norton Security\Engine\22.24.2.6\SymErr.exe /ui
O22 - Tasks: \Norton 360\Norton 360 Error Analyzer - C:\Program Files\Norton Security\Engine\22.24.2.6\SymErr.exe /analyze
O22 - Tasks: \Norton 360\Norton 360 Error Processor - C:\Program Files\Norton Security\Engine\22.24.2.6\SymErr.exe /submit
O22 - Tasks: GoogleUpdateTaskMachineCore{6555D02F-D0F0-496A-89D9-FDC285DE3B73} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{A8ADFB00-D8E5-41C0-A750-1AF8716DDCBB} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Norton WSC Integration - C:\Program Files\Norton Security\Engine\22.24.2.6\WSCStub.exe /taskschd
O22 - Tasks: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-3787807162-2120602913-3090578621-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ - (RtkBtManServ) - C:\Windows\RtkBtManServ.exe
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0358167.inf_amd64_cc9bd0ef13c05690\B356644\atiesrxx.exe
O23 - Service R2: ELAN Service - (ETDService) - C:\Windows\System32\ETDService.exe
O23 - Service R2: HP App Helper HSA Service - (HPAppHelperCap) - C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\AppHelperCap.exe
O23 - Service R2: HP Diagnostics HSA Service - (HPDiagsCap) - C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\DiagsCap.exe
O23 - Service R2: HP Insights Analytics - (HpTouchpointAnalyticsService) - C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_c3ef1d31421e9aea\x64\TouchpointAnalyticsClientService.exe
O23 - Service R2: HP Network HSA Service - (HPNetworkCap) - C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\NetworkCap.exe
O23 - Service R2: HP System Info HSA Service - (HPSysInfoCap) - C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6666c94b7ce92349\x64\SysInfoCap.exe
O23 - Service R2: Norton Security - (NortonSecurity) - C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe /s "NortonSecurity" /m "C:\Program Files\Norton Security\Engine\22.24.2.6\diMaster.dll" /prefetch:1
O23 - Service R2: Norton WSC Service - (nsWscSvc) - C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe
O23 - Service R2: Sound Research SECOMN Service - (SECOMNService) - C:\Windows\System32\SECOMN64.exe
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\24.055.0317.0001\FileSyncHelper.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\24.055.0317.0001\OneDriveUpdaterService.exe
--
End of file - Time spent: 14.8 sec. - 28028 bytes, CRC32: FFFFFFFF. Sign: 扌ꌩ
Thank you very much for your help and your time.