Alerta de riskware tipo akamai.la

Eliminar Malwares
10

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(AutoIt Consulting Ltd -> AutoIt Team) C:\Users\D248D~1.BAR\AppData\Local\Temp\3011574b.exe
HKU\S-1-5-21-2954118894-3608850858-569747133-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [File not signed]
HKU\S-1-5-21-2954118894-3608850858-569747133-1001\...\RunOnce: [011574b42] => C:\ProgramData\WoHaOLnv\011574b4.exe [937776 2019-05-31] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-2954118894-3608850858-569747133-1001\...\RunOnce: [011574b4] => C:\ProgramData\011574b4\011574b4.exe C:\ProgramData\011574b4\011574b4.au3
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [251392 2014-10-19] () [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [235520 2014-10-19] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {118A05BB-E7BC-45EE-998F-1E2892FFA4A8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {73A1A29D-5DF6-4746-9734-92A01891B49D} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
Task: {8EA61BC0-936B-4DC0-AF89-43FD76804EC0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {93636B84-92C1-4754-ADF3-258F5225B205} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1606784 2015-03-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {E4562062-C39F-4107-A67A-B6995B269F91} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-15] (Adobe Inc. -> )
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
CHR Extension: (Chrome Media Router) - C:\Users\D. Barja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
S2 HPSLPSVC; C:\Users\D248D~1.BAR\AppData\Local\Temp\7zS3951\hpslpsvc64.dll [X] <==== ATTENTION
2019-05-31 20:20 - 2019-05-31 20:20 - 000000000 ____D C:\ProgramData\JyxRQd
2019-05-30 20:49 - 2019-05-30 20:49 - 000000000 ____D C:\ProgramData\TIrmMLGd
2019-05-29 18:52 - 2019-05-31 08:52 - 000000000 ____D C:\Users\D. Barja\AppData\Roaming\2435cc815c849d1b410ab59c0b54c3d6
2019-05-31 08:51 - 2017-07-11 20:40 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo