• Registrarse
  • Iniciar sesión


  • Página 2 de 6 PrimeroPrimero 123456 ÚltimoÚltimo
    Resultados 11 al 20 de 52

    Vulnerable a un ataque wannacry/doublepulsar.(Solucionado)

    ...

          
    1. #11
      Usuario Avatar de Ibantor
      Registrado
      nov 2016
      Ubicación
      España
      Mensajes
      69

      Re: vulnerable a un ataque wannacry/doublepulsar.

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {108E07EA-7D9D-446B-8121-2FD7295C8776} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-18] ()
      Task: {1BBBEED8-2CEF-4E5F-9840-CD506435A3CF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
      Task: {217F5943-7AEB-4830-B85A-14AD5DCC3E9E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-18] ()
      Task: {2C6F31FD-089C-4C76-949D-44609FE84067} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
      Task: {354014BB-A7FA-4C4F-A53A-C85318A4631E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
      Task: {497DCFA1-9E4E-4068-B2BF-F6C8CAA2675B} - System32\Tasks\GlaryInitialize 5 => D:\Archivos de Programa\Glary Utilities 5\Initialize.exe [2017-10-23] (Glarysoft Ltd)
      Task: {4DB7F81D-250D-448C-9656-9F02572AD5F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-16] (AVAST Software)
      Task: {532DE82E-F9EE-4F95-923E-1DBE7CA1CEAD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-06] (Microsoft Corporation)
      Task: {53C8C44C-74D1-4E08-89DD-3F9A6F11B34C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
      Task: {853182F8-345D-4A09-B4FE-BE45292F499A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-06] (Microsoft Corporation)
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GlaryInitialize 5" /ENABLE
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GU5SkipUAC" /ENABLE
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3582436866-497898429-4200310158-1001" /ENABLE
      Task: {8A26C534-EC7C-431A-86B7-84D915369E89} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
      Task: {99C82BBD-9FA7-4047-830A-6CB8C18602F2} - System32\Tasks\GU5SkipUAC => D:\Archivos de Programa\Glary Utilities 5\Integrator.exe [2017-10-23] (Glarysoft Ltd)
      Task: {9B6B91EB-6350-4E23-B692-0F2F72E74F8B} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\ibane\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
      Task: {9BB91F71-7BA3-4123-B229-CE62677DDC9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
      Task: {A2D38C1F-34EA-4528-891C-18FC14A9754B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
      Task: {A5E4AD3A-B0C5-4DB8-91C9-1D8C12ADDD82} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {B2AB5329-C2B0-4DCB-AEC3-4610DF3866EF} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3582436866-497898429-4200310158-1001 => C:\Users\ibane\AppData\Local\MEGAsync\MEGAupdater.exe [2017-11-30] (Mega Limited)
      Task: {C2EC6B1B-E936-42C6-B342-F0CC6030403E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-29] (Google Inc.)
      Task: {C2EFD26C-5A82-4ECC-9027-AF9942CCC5D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-23] (Microsoft Corporation)
      Task: {CCDB9E50-E9BD-4F2D-90AA-CBEFD23F59DA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-23] (Microsoft Corporation)
      Task: {D470B516-09F6-47C4-90A7-55105CFE76B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-29] (Google Inc.)
      Task: {D478B5B2-D17D-446A-A6E1-8ACF8486EB42} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-12-06] (Microsoft Corporation)
      Task: {DB86621A-1000-4031-88F3-5CA8104FE746} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-06] (Adobe Systems Incorporated)
      Task: {E7BAF3F3-8AE3-4A21-B42B-8CDD3A8010BC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
      Task: {ED2B8E81-AC22-4738-9247-DDAA1B03A6AC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-07] (AVAST Software)
      Task: {EE491BA9-7BDB-4813-B913-59294D64AD1F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
      Task: {EF9059CC-2733-448E-9819-43114F81EC4C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
      Task: {FC26FCEB-D70D-4BAC-8B89-2B911F472CF8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
      Task: {FED676EF-611A-49F3-BDE3-4A0364EEB262} - System32\Tasks\SafeZone scheduled Autoupdate 1478709115 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2016-07-16 12:42 - 2016-07-16 12:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
      2016-09-30 08:28 - 2016-09-15 18:25 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
      2015-05-19 08:11 - 2015-05-19 08:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
      2017-10-07 16:35 - 2017-10-04 12:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2016-11-05 15:35 - 2016-10-25 21:22 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2016-11-05 15:35 - 2016-10-25 21:22 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
      2016-11-05 15:35 - 2016-10-25 21:22 - 000418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
      2015-09-24 18:22 - 2015-09-24 18:22 - 000178184 _____ () D:\Archivos de Programa\SOLIDWORKS Electrical\server\EwServer.exe
      2017-09-17 22:51 - 2017-09-17 22:51 - 000076888 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
      2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\ibane\AppData\Local\MEGAsync\ShellExtX64.dll
      2016-07-16 12:42 - 2016-07-16 12:42 - 000130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
      2016-09-29 08:42 - 2016-09-29 08:42 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
      2016-10-12 22:36 - 2016-10-05 10:35 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
      2016-10-12 22:37 - 2016-10-05 10:21 - 009760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
      2016-10-12 22:37 - 2016-10-05 10:13 - 001401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2016-10-12 22:37 - 2016-10-05 10:13 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
      2016-10-12 22:37 - 2016-10-05 10:13 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
      2016-10-12 22:37 - 2016-10-05 10:13 - 002424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
      2016-10-12 22:37 - 2016-10-05 10:14 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
      2017-12-06 09:18 - 2017-12-06 09:18 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      2017-12-06 09:18 - 2017-12-06 09:18 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
      2017-12-06 09:18 - 2017-12-06 09:18 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
      2017-12-06 09:18 - 2017-12-06 09:18 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
      2017-12-06 09:18 - 2017-12-06 09:18 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
      2016-07-16 12:42 - 2016-07-16 12:42 - 000361984 _____ () C:\WINDOWS\SYSTEM32\HrtfApo.dll
      2015-09-25 00:20 - 2015-09-25 00:20 - 000268280 _____ () D:\Archivos de Programa\SOLIDWORKS\sldBodyDiffu.dll
      2016-07-29 21:57 - 2016-02-24 05:48 - 000062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
      2016-07-29 21:57 - 2016-02-24 05:47 - 000110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
      2016-11-05 15:35 - 2016-10-25 21:21 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
      2017-11-16 22:10 - 2017-11-16 22:10 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-11-16 22:10 - 2017-11-16 22:10 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-07-07 17:33 - 2017-07-07 17:33 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-11-16 22:10 - 2017-11-16 22:10 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-11-16 22:10 - 2017-11-16 22:10 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-11-16 22:10 - 2017-11-16 22:10 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
      2017-12-05 20:08 - 2017-12-05 20:08 - 000102088 _____ () C:\Users\ibane\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
      2016-11-05 15:35 - 2016-10-25 21:21 - 060817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
      2016-11-05 15:35 - 2016-10-25 20:57 - 000506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
      2016-11-05 15:35 - 2016-10-25 20:57 - 000255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
      2016-11-05 15:35 - 2016-10-25 20:57 - 002808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
      2016-11-05 15:35 - 2016-10-25 21:21 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2016-11-05 15:35 - 2016-10-25 21:21 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
      2016-11-05 15:35 - 2016-10-25 20:57 - 000246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
      2016-11-05 15:35 - 2016-10-25 20:57 - 000436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
      2016-11-05 15:35 - 2016-10-25 20:57 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
      2016-11-05 15:35 - 2016-10-25 20:57 - 000968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
      2017-09-10 21:51 - 2017-09-10 21:51 - 000798208 _____ () C:\Users\ibane\AppData\Local\MEGAsync\libsodium.dll
      2017-12-06 19:49 - 2017-12-05 02:06 - 000725312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
      2017-12-06 19:49 - 2017-12-05 02:06 - 002075456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
      2016-11-02 10:03 - 2017-12-05 02:06 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
      2016-11-02 10:03 - 2017-12-05 02:08 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
      2017-12-06 19:49 - 2017-12-05 02:06 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
      2017-12-06 19:49 - 2017-12-05 02:06 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
      2016-11-02 10:03 - 2017-12-05 02:06 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
      2016-11-02 10:03 - 2017-12-05 02:08 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
      2017-12-06 19:49 - 2017-12-05 02:06 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
      2017-12-06 19:49 - 2017-12-05 02:06 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
      2016-11-02 10:03 - 2017-12-05 02:08 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
      2016-11-02 10:03 - 2017-12-05 02:08 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
      2017-09-21 21:41 - 2017-12-05 02:06 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
      2017-09-09 05:48 - 2017-12-05 02:09 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
      2017-05-17 20:01 - 2017-12-05 02:08 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
      2016-11-02 10:03 - 2017-12-05 02:09 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
      2017-02-28 07:46 - 2017-12-05 02:09 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
      2017-01-24 07:41 - 2017-12-05 02:09 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
      2016-11-02 10:03 - 2017-12-05 02:08 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
      2017-01-24 07:41 - 2017-12-05 02:08 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
      2017-01-24 07:41 - 2017-12-05 02:09 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
      2017-01-24 07:41 - 2017-12-05 02:09 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
      2016-11-02 10:03 - 2017-12-05 02:06 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
      2016-11-02 10:03 - 2017-12-05 02:09 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
      2017-12-06 19:49 - 2017-12-05 02:06 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
      2017-12-06 19:49 - 2017-12-05 02:07 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
      2017-12-06 19:49 - 2017-12-05 02:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
      2017-12-06 19:49 - 2017-12-05 02:07 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
      2016-11-02 10:03 - 2017-12-05 02:08 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
      2017-12-06 19:49 - 2017-12-05 02:07 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
      2016-11-02 10:03 - 2017-12-05 02:09 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
      2017-12-06 19:49 - 2017-12-05 02:07 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
      2017-10-23 02:06 - 2017-10-23 02:06 - 000087032 _____ () D:\Archivos de Programa\Glary Utilities 5\zlib1.dll
      2015-07-10 22:37 - 2015-07-10 22:37 - 001243936 _____ () D:\Archivos de Programa\Intel\LMS\ACE.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Audiosrv => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\drmkaud => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HDAudBus => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MMCSS => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Audiosrv => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\drmkaud => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HDAudBus => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MMCSS => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      HKU\S-1-5-21-3582436866-497898429-4200310158-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2016-07-29 20:40 - 2016-11-08 15:25 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

      127.0.0.1 localhost

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3582436866-497898429-4200310158-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
      DNS Servers: 212.142.144.66
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{1CA965B6-469E-41C0-9D64-F594E75961FB}] => (Block) D:\archivos de programa\matlab\matlab production server\r2015a\bin\win64\matlab.exe
      FirewallRules: [{D7B3ABBA-6AAD-419E-BFF8-8F1071B95E67}] => (Block) D:\archivos de programa\matlab\matlab production server\r2015a\bin\win64\matlab.exe
      FirewallRules: [UDP Query User{8B944CCF-55DA-4EDC-9B15-DBD6811DC8A8}D:\archivos de programa\matlab\matlab production server\r2015a\bin\win64\matlab.exe] => (Allow) D:\archivos de programa\matlab\matlab production server\r2015a\bin\win64\matlab.exe
      FirewallRules: [TCP Query User{9C552832-CBD1-4B5C-9617-485ACB63854E}D:\archivos de programa\matlab\matlab production server\r2015a\bin\win64\matlab.exe] => (Allow) D:\archivos de programa\matlab\matlab production server\r2015a\bin\win64\matlab.exe
      FirewallRules: [UDP Query User{5CB75F0A-2FB2-4506-A19A-7D9D1E0562CC}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
      FirewallRules: [TCP Query User{061C050D-19C8-4FFA-925E-4EF7935542BC}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
      FirewallRules: [UDP Query User{57343A4F-DFE8-4028-9561-D15DE5BFE3F3}D:\archivos de programa\rayman legends\rayman legends.exe] => (Block) D:\archivos de programa\rayman legends\rayman legends.exe
      FirewallRules: [TCP Query User{C77EFA43-EBEB-42EF-BECB-FEB0380336C2}D:\archivos de programa\rayman legends\rayman legends.exe] => (Block) D:\archivos de programa\rayman legends\rayman legends.exe
      FirewallRules: [{7D18E067-D38E-42A7-B324-C1724F8F4406}] => (Allow) D:\Archivos de Programa\Steam\bin\steamwebhelper.exe
      FirewallRules: [{C47EA185-5335-44D9-AE4D-0687C64F1032}] => (Allow) D:\Archivos de Programa\Steam\bin\steamwebhelper.exe
      FirewallRules: [{EF4E74AC-826E-452D-8816-590C21173EDA}] => (Allow) D:\Archivos de Programa\Steam\Steam.exe
      FirewallRules: [{8E536B5F-5B4E-40FA-B15D-A4A4CBE6F20C}] => (Allow) D:\Archivos de Programa\Steam\Steam.exe
      FirewallRules: [{E0B379C4-0849-48AF-9CA1-F989C1149B47}] => (Allow) C:\Users\ibane\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{050AA5ED-AE6F-4810-B42B-55964DBCE5F7}] => (Allow) C:\Users\ibane\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{1471B0BB-54F8-4E10-8206-D9767610E955}] => (Allow) C:\Users\ibane\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{CEFD04B6-15AA-4FE9-A807-19AC658E2451}] => (Allow) C:\Users\ibane\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{D8D6BB06-DF8F-4632-9D12-6592B5B0D9F9}] => (Allow) C:\Users\ibane\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{B31AE44C-3ADB-4471-96BE-F89DEAF71588}] => (Allow) C:\Users\ibane\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [UDP Query User{A5A55964-4889-42B6-B6B2-EC826F136086}D:\archivos de programa\call of duty black ops iii\blackops3.exe] => (Allow) D:\archivos de programa\call of duty black ops iii\blackops3.exe
      FirewallRules: [TCP Query User{A656FF86-339C-4DCC-9989-2FB17F07E4E2}D:\archivos de programa\call of duty black ops iii\blackops3.exe] => (Allow) D:\archivos de programa\call of duty black ops iii\blackops3.exe
      FirewallRules: [{A08F5D97-33DC-49E4-8920-1EDAEC2C6AD8}] => (Allow) LPort=50248
      FirewallRules: [UDP Query User{1342BA63-077B-4B62-8F15-3CA5D9DBFF91}C:\users\ibane\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ibane\appdata\local\akamai\netsession_win.exe
      FirewallRules: [TCP Query User{F163AC7E-10AC-4466-98F6-E4973023BD27}C:\users\ibane\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ibane\appdata\local\akamai\netsession_win.exe
      FirewallRules: [{031ADB97-0348-4991-BAD3-243FE52FB63F}] => (Allow) D:\Archivos de Programa\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
      FirewallRules: [{140A8F92-7156-4125-A41E-BF3D63BC62A3}] => (Allow) D:\Archivos de Programa\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
      FirewallRules: [{2AAEECFD-F6A6-42F6-BEB0-E5227A3A0444}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{7D7970A1-8D85-40EA-9A68-47E9E2815278}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{5F2FC8AD-B413-4C84-830A-7E6CE12AEE3C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{F9F12A93-A213-4BFD-8313-274C7AB7A992}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{63050C0C-F688-4F61-AB2C-F518AA73F8DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{B7E54083-B6D5-4D4C-AE25-17BF6D13D5AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [TCP Query User{25A1CA64-61C4-4610-9771-9D4F1D885DCA}D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\orbixd.exe] => (Allow) D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\orbixd.exe
      FirewallRules: [UDP Query User{6553807F-B7DC-4BE6-BA26-29D3E15BB3A1}D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\orbixd.exe] => (Allow) D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\orbixd.exe
      FirewallRules: [TCP Query User{C62C8D98-7BFD-4E55-8D19-1EEADCD2AC5D}D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\cnext.exe] => (Allow) D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\cnext.exe
      FirewallRules: [UDP Query User{5F25F4E6-E901-43E6-8A0B-AC5FD6B19EF7}D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\cnext.exe] => (Allow) D:\archivos de programa\dassault systemes\b20\win_b64\code\bin\cnext.exe
      FirewallRules: [{723A6C30-A1C1-43D9-9C10-13B9AB1A8BE6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
      FirewallRules: [TCP Query User{9E1DC580-1312-44CF-B14D-AD65E5942B44}D:\games\doom\doomx64.exe] => (Allow) D:\games\doom\doomx64.exe
      FirewallRules: [UDP Query User{0D175123-C107-45F7-9FD9-137A6723700F}D:\games\doom\doomx64.exe] => (Allow) D:\games\doom\doomx64.exe
      FirewallRules: [{8BD2108C-0BEC-4AFE-A509-14226A5DAA59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
      FirewallRules: [{32C626C1-A6CC-41F8-B164-9CB2EFD278B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
      FirewallRules: [{8E47B64A-A1B6-4EE7-AF2D-26ED8FDE7BCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
      FirewallRules: [{BE2667C5-012B-4999-96A1-8ADEE2BABCAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{59DF8CBA-1E9C-4CB0-8DC7-C9DDFBE96ACB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{E051A405-247B-4975-A75F-B7386EABAA8E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
      FirewallRules: [{6E142535-B09D-4E72-B739-D61B0D0EBCEB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
      FirewallRules: [TCP Query User{7D30EE18-AD69-468A-A141-F67FB3BA0728}D:\games\half life 2\hl2.exe] => (Allow) D:\games\half life 2\hl2.exe
      FirewallRules: [UDP Query User{DC0D4709-E460-44AD-96E6-4D666C679023}D:\games\half life 2\hl2.exe] => (Allow) D:\games\half life 2\hl2.exe
      FirewallRules: [TCP Query User{3065DCDD-4A6A-4744-9217-81F5CD0DF67A}D:\games\far cry primal\bin\fcprimal.exe] => (Allow) D:\games\far cry primal\bin\fcprimal.exe
      FirewallRules: [UDP Query User{DDFC377E-25EC-4049-897C-DD7FAF904488}D:\games\far cry primal\bin\fcprimal.exe] => (Allow) D:\games\far cry primal\bin\fcprimal.exe
      FirewallRules: [TCP Query User{770E2F43-0BC4-4103-A86D-A5198A8AB610}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
      FirewallRules: [UDP Query User{1AEEC4D5-A978-4709-8021-4E38E98456EA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
      FirewallRules: [TCP Query User{2CB5707A-587C-4BBA-9726-E2CB3FEFE161}D:\games\alien isolation\ai.exe] => (Allow) D:\games\alien isolation\ai.exe
      FirewallRules: [UDP Query User{31CC7D76-D8BC-4486-B9F0-D6B0560DF1CD}D:\games\alien isolation\ai.exe] => (Allow) D:\games\alien isolation\ai.exe
      FirewallRules: [{0FD5C108-763F-4150-ABB1-EEA712747ACB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
      FirewallRules: [{DF9C8D38-A46D-47D7-B423-BDB3EC4D4E09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
      FirewallRules: [TCP Query User{61847F1A-252E-4DDB-B575-011CDD7F2C4B}D:\far cry 3 complete collection\far cry 3\bin\farcry3.exe] => (Block) D:\far cry 3 complete collection\far cry 3\bin\farcry3.exe
      FirewallRules: [UDP Query User{91B5E659-5159-41B7-917F-C9672A96D961}D:\far cry 3 complete collection\far cry 3\bin\farcry3.exe] => (Block) D:\far cry 3 complete collection\far cry 3\bin\farcry3.exe
      FirewallRules: [{CE1C3D60-C2C5-44BF-8337-D48BCD6668A9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
      FirewallRules: [{94F18CA6-52EB-4203-B802-162C4E41AABC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
      FirewallRules: [{659DE894-3568-4CC9-B35B-79928191A5F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      30-11-2017 20:48:48 Windows Update
      03-12-2017 21:22:30 Windows Update
      07-12-2017 11:02:38 Windows Update

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (12/07/2017 02:45:23 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-DOU17HK)
      Description: 7.488: El servicio EFS produjo un error al aprovisionar un usuario para EDP. Código de error: 0x80070005.

      Error: (12/07/2017 02:16:20 PM) (Source: MsiInstaller) (EventID: 11310) (User: DESKTOP-DOU17HK)
      Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\ibane\AppData\Local\Akamai\admintool.exe. Error del sistema 0. Compruebe que dispone de acceso a ese directorio.

      Error: (12/07/2017 02:16:05 PM) (Source: MsiInstaller) (EventID: 11310) (User: DESKTOP-DOU17HK)
      Description: Producto: Akamai NetSession Interface -- Error 1310. Error al escribir en el archivo C:\Users\ibane\AppData\Local\Akamai\admintool.exe. Error del sistema 0. Compruebe que dispone de acceso a ese directorio.

      Error: (12/07/2017 01:20:49 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-DOU17HK)
      Description: 7.488: El servicio EFS produjo un error al aprovisionar un usuario para EDP. Código de error: 0x80070005.

      Error: (12/07/2017 01:16:39 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-DOU17HK)
      Description: 7.488: El servicio EFS produjo un error al aprovisionar un usuario para EDP. Código de error: 0x80070005.

      Error: (12/07/2017 01:14:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DOU17HK)
      Description: No se pudo activar la aplicación Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/07/2017 01:14:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DOU17HK)
      Description: No se pudo activar la aplicación Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App debido al error: -2147024865. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/07/2017 01:14:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DOU17HK)
      Description: No se pudo activar la aplicación Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/07/2017 01:13:35 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-DOU17HK)
      Description: 7.488: El servicio EFS produjo un error al aprovisionar un usuario para EDP. Código de error: 0x80070005.

      Error: (12/07/2017 01:08:07 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-DOU17HK)
      Description: 7.488: El servicio EFS produjo un error al aprovisionar un usuario para EDP. Código de error: 0x80070005.


      System errors:
      =============
      Error: (12/07/2017 02:48:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DOU17HK)
      Description: La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
      y APPID
      {CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
      al usuario DESKTOP-DOU17HK\ibane con SID (S-1-5-21-3582436866-497898429-4200310158-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1255970798-2717750985-493741290-1721212560-3530798636-1829112236-3118580706). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/07/2017 02:48:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DOU17HK)
      Description: La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
      y APPID
      {CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
      al usuario DESKTOP-DOU17HK\ibane con SID (S-1-5-21-3582436866-497898429-4200310158-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1255970798-2717750985-493741290-1721212560-3530798636-1829112236-3118580706). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/07/2017 02:47:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DOU17HK)
      Description: El servidor {21F282D1-A881-49E1-9A3A-26E44E39B86C} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (12/07/2017 02:45:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DOU17HK)
      Description: La configuración de permisos establecido de forma predeterminada en el equipo no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {C2F03A33-21F5-47FA-B4BB-156362A2F239}
      y APPID
      {316CDED5-E4AE-4B15-9113-7055D84DCC97}
      al usuario DESKTOP-DOU17HK\ibane con SID (S-1-5-21-3582436866-497898429-4200310158-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c (S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/07/2017 02:44:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media se cerró con el siguiente error:
      Se intentó hacer referencia a un token que no existe.

      Error: (12/07/2017 02:44:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio HvHost se cerró con el siguiente error:
      Uno de los dispositivos conectados al sistema no funciona.

      Error: (12/07/2017 02:44:55 PM) (Source: NETLOGON) (EventID: 3095) (User: )
      Description: Este equipo se configuró como miembro de
      un grupo de trabajo y no como miembro de un dominio. No es necesario
      ejecutar el servicio de Net Logon en esta configuración.

      Error: (12/07/2017 02:44:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Security Assist se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/07/2017 02:44:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio SQL Server (TEW_SQLEXPRESS) se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/07/2017 02:44:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


      CodeIntegrity:
      ===================================
      Date: 2017-11-12 16:50:06.490
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-06 15:26:27.354
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-06 1548.354
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-05 16:41:35.157
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-05 16:41:25.860
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-05 16:41:23.342
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-02 21:32:53.110
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-02 20:59:05.188
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-01 10:53:27.021
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-01 10:53:20.665
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
      Percentage of memory in use: 16%
      Total physical RAM: 16257.68 MB
      Available physical RAM: 13516.39 MB
      Total Virtual: 18689.68 MB
      Available Virtual: 15921.63 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:111.25 GB) (Free:27.25 GB) NTFS
      Drive d: (Datos) (Fixed) (Total:931.51 GB) (Free:322.79 GB) NTFS
      Drive i: (My Passport) (Fixed) (Total:1397.23 GB) (Free:445.51 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 936A89A2)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

      ========================================================
      Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 51D3C233)
      Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

      ========================================================
      Disk: 2 (MBR Code: Windows XP) (Size: 1397.2 GB) (Disk ID: CEC18BC2)
      Partition 1: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    2. #12
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.428

      Re: vulnerable a un ataque wannacry/doublepulsar.

      Realiza lo siguiente por favor:

      En el equipo con los demas programas cerrados:
      Inicio >>> Ejecutar >>>Escribes notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      2017-12-06 22:13 - 2017-12-06 22:42 - 000000000 ___HD C:\$WINDOWS.~BT
      2017-12-06 20:37 - 2017-12-06 22:42 - 000000000 ___HD C:\$GetCurrent
      
      
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

      Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
      Ejecutas Frst.exe.

      Presionas el botón Fix y aguardas a que termine.
      La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo
      Lo pegas en tu próxima respuesta y realizas.


      Descarga Windows Repair all in one. , hazlo con la versión portable suele estar la ultima de todas donde veas que te pone :

      - Direct Download

      Es un fichero ZIP con este nombre "tweaking.com_windows_repair_aio.zip", lo descomprimes y ejecutas desde la carpeta que se habrá generado.

      Haces doble clic sobre el archivo Repair_Windows.exe.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

      :
      Vas a:
      • Repairs- Main y luego a
      • Preset:all repairs y
      • Start Repairs



      Cuando finalize reinicias el Pc y compruebas Windows update
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #13
      Usuario Avatar de Ibantor
      Registrado
      nov 2016
      Ubicación
      España
      Mensajes
      69

      Re: vulnerable a un ataque wannacry/doublepulsar.

      Fix result of Farbar Recovery Scan Tool (x64) Version: 06-12-2017
      Ran by ibane (07-12-2017 17:43:31) Run:1
      Running from D:\iban\Desktop
      Loaded Profiles: ibane (Available Profiles: ibane)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      2017-12-06 22:13 - 2017-12-06 22:42 - 000000000 ___HD C:\$WINDOWS.~BT
      2017-12-06 20:37 - 2017-12-06 22:42 - 000000000 ___HD C:\$GetCurrent


      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      *****************

      Restore point was successfully created.
      Processes closed successfully.
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
      "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
      C:\$WINDOWS.~BT => moved successfully
      C:\$GetCurrent => moved successfully
      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-3582436866-497898429-4200310158-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-3582436866-497898429-4200310158-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========


      ========= netsh winsock reset =========


      El cat*logo Winsock se restableci¢ correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de Ethernet Ethernet:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::41e4:cf00:4dfe:72b9%6
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.31
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1

      Adaptador de t£nel isatap.{5FE7E968-580E-4CF3-BBE5-391B6F23E39C}:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:953c:3060:2bc3:aaaa:fdad
      V¡nculo: direcci¢n IPv6 local. . . : fe80::3060:2bc3:aaaa:fdad%10
      Puerta de enlace predeterminada . . . . . : ::

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      0 out of 0 jobs canceled.

      ========= End of CMD: =========


      =========== EmptyTemp: ==========

      BITS transfer queue => 583648 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 139486995 B
      Java, Flash, Steam htmlcache => 572 B
      Windows/system/drivers => 30182855 B
      Edge => 304500 B
      Chrome => 345412 B
      Firefox => 386707116 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 128 B
      systemprofile32 => 0 B
      LocalService => 9096 B
      NetworkService => 7746 B
      ibane => 31971137 B

      RecycleBin => 0 B
      EmptyTemp: => 562.3 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 17:44:05 ====


      Tras hacer todo lo que debía hacer y reniciar el ordenador he ido a windows update, y, aunque antes de darle a buscar actualizaciones ponia que mi equipo estaba totalmente actualizado, le he dado a buscar actualizaciones y me ha vuelto a dar el mismo problema.

    4. #14
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.428

      Re: vulnerable a un ataque wannacry/doublepulsar.

      Pues realizas lo indicado en mi anterior respuesta, descargas la Iso con la herramienta de creación de medios y sigues las indicaciones para actualizar el sistema.

      Al usar la version completa de Windows, no deberías tener problemas para actualizar

      Ya me dices si todo bien
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #15
      Usuario Avatar de Ibantor
      Registrado
      nov 2016
      Ubicación
      España
      Mensajes
      69

      Re: vulnerable a un ataque wannacry/doublepulsar.

      Buenas

      Me he descargao la herramienta, pero cuando la he ejecutado me ha saltado el siguiente reporte:
      No estamos seguros de lo que sucedió, pero no podemos ejecutar esta herramienta en tu PC. Si sigues teniendo problemas,
      haz referencia al codigo de error cuando te pongas en contacto con el soporte tecnico. Codigo de error: 0x80072F76-0x20017

    6. #16
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.428

      Re: vulnerable a un ataque wannacry/doublepulsar.

      Eliminas la herramienta y cambias a Dns de google >< https://www.downloadsource.es/como-c...google/n/8016/

      La de cagaras al escritorio esta vez, y ejecutas

      Comentas
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #17
      Usuario Avatar de Ibantor
      Registrado
      nov 2016
      Ubicación
      España
      Mensajes
      69

      Re: vulnerable a un ataque wannacry/doublepulsar.

      He cambiado a DNS Google, me he vuelto a descargar la herramienta, la he puesto en el escritorio, la he ejecutado y me ha dado el mismo error que antes.

    8. #18
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.428

      Re: vulnerable a un ataque wannacry/doublepulsar.



      Prueba esto >> https://answers.microsoft.com/es-es/...5eb9e06?auth=1

      Y si no , expandes las respuestas y un usuario da un posibkle opcion, con una extension para Chrome
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #19
      Usuario Avatar de Ibantor
      Registrado
      nov 2016
      Ubicación
      España
      Mensajes
      69

      Re: vulnerable a un ataque wannacry/doublepulsar.

      Buenos días, he entrado en la pagina que comentas, he hecho los pasos de la respuesta esa en relacion con la aplicacion movil de google chrome. Desde la extension he ido a la pagina de descarga creación de medios. Ahora mismo estoy descargando una imagen de Windows10, aunque a diferencia de lo que dice en el comentario, en ningun momento he visto que haya una vesrsion movil al ejecutarlo desde la extensión. Quizás no haya entendido bien que querían decir en el comentario con eso. El tema es que ahora mismo me estoy bajando la imagen de windows 10. ¿que se supone que debo hacer con eso? crear un USB booteable y volver a instalar el sistema operativo? Yo tengo un monton de programas y documentos que no me gustaría perder. Un saludo.

      Edito: El archivo, en formato .iso, que me he descargado se llama: Win10_1709_Spanish_x64

    10. #20
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.428

      Re: vulnerable a un ataque wannacry/doublepulsar.

      Solo tienes que hacer lo que te habia puesto


      https://answers.microsoft.com/es-es/...7cb16a1?auth=1

      Cnmo indica puedes hacerlo conservando todo....es lo mismo que actualizar ,pero con la imagen completa
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.