Hola Estoy utilizando la herramienta HiJacksThis y me aconsejan que comparta con ustedes el resultado de mi informe, ya que yo no se utilizar esta herramienta.
He utilizado varios antivirus y cada uno me confirmaba que ya estaba libre de amenazas pero al utilizar el siguiente volvía a detectar de nuevo el Troyano,
quiero estar segura de que he conseguido eliminarlo,
si pudieran ayudarme lo agradecería muchisimo.
Muchas gracias y un saludo! aquí les adjunto el informe de HiJacksthis
ogfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 10 (Home), 10.0.17763.1039 (ReleaseId: 1809), Service Pack: 0
Time: 24.02.2020 - 10:38 (UTC+01:00)
Language: OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0xC0A)
Elevated: Yes
Ran by: celia (group: Administrator) on DESKTOP-4PL4MMU, FirstRun: no
Chrome: 79.0.3945.130
Firefox: 72.0.2.7321
Edge: 11.0.17763.1039
Internet Explorer: 11.0.17763.771
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Huion Tablet\Huion Tablet.exe
1 C:\Huion Tablet\x64\TabletDriverCore.exe
1 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
1 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
14 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
1 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
1 C:\Program Files\ESET\ESET Security\egui.exe
1 C:\Program Files\ESET\ESET Security\eguiProxy.exe
1 C:\Program Files\ESET\ESET Security\ekrn.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12002.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.133.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.133.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
1 C:\Users\celia\Downloads\HiJackThis.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
2 C:\Windows\System32\RtkAudUService64.exe
10 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\Taskmgr.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\browser_broker.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
76 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\celia\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (file missing) (2020/02/21)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [TabletDriver] = C:\Huion Tablet\Huion Tablet.exe huion-hklm
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /run /hide /proxy
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2020/02/21)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe huion-hklm (1601/01/01)
O4-32 - HKLM\..\Run: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 80.58.61.250
O17 - DHCP DNS 2: 80.58.61.254
O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe
O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service S2: Servicio de Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servicio de Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - Time spent: 12,7 sec. - 14118 bytes, CRC32: FFFFFFFF. Sign: 軀믊