Mi notebook se infecto al descargar un ISO

2° parte del FRST


==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-23 02:33 - 2018-05-29 02:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-23 02:33 - 2018-04-11 18:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2019-03-23 02:29 - 2017-06-02 15:56 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-23 02:29 - 2016-01-25 15:01 - 000000000 __SHD C:\Users\Caro\IntelGraphicsProfiles
2019-03-23 02:27 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-23 02:22 - 2016-04-28 01:30 - 000000000 ___RD C:\Users\Caro\Google Drive
2019-03-23 02:21 - 2016-01-25 23:32 - 000000000 ___RD C:\Users\Caro\Dropbox
2019-03-23 02:20 - 2016-11-03 14:16 - 000000000 ___RD C:\Users\Caro\iCloudDrive
2019-03-23 02:17 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-23 02:15 - 2016-08-22 22:09 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-23 01:51 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-23 01:18 - 2018-05-29 02:41 - 000004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C6F4BD55-6BCC-4B51-BBE7-346301359930}
2019-03-22 01:57 - 2018-05-29 02:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-21 22:36 - 2018-11-16 22:28 - 000000000 ____D C:\Program Files\rempl
2019-03-21 22:33 - 2016-01-25 23:20 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-03-19 00:55 - 2015-08-15 06:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-19 00:50 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-16 01:58 - 2017-03-29 22:53 - 000000240 _____ C:\DelFix.txt
2019-03-15 01:28 - 2016-01-25 15:03 - 000000000 __RDL C:\Users\Caro\OneDrive
2019-03-14 00:08 - 2018-07-26 22:05 - 000000000 ____D C:\Users\Caro\AppData\Local\GoToMeeting
2019-03-13 00:52 - 2018-05-29 02:26 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-13 00:52 - 2018-04-12 13:18 - 000787744 _____ C:\WINDOWS\system32\perfh00A.dat
2019-03-13 00:52 - 2018-04-12 13:18 - 000155340 _____ C:\WINDOWS\system32\perfc00A.dat
2019-03-13 00:47 - 2018-05-29 02:06 - 000464120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-13 00:16 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-13 00:11 - 2018-05-29 02:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-03-13 00:10 - 2018-04-11 18:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-03-13 00:09 - 2016-01-25 23:37 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Skype
2019-03-12 23:44 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-11 02:12 - 2018-05-20 14:45 - 000000000 ___DC C:\WINDOWS\Panther
2019-03-11 02:12 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-10 18:54 - 2018-07-26 22:05 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4145286444-108475074-2886558672-1009.job
2019-03-10 18:54 - 2018-07-26 22:05 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4145286444-108475074-2886558672-1009.job
2019-03-10 18:53 - 2018-05-29 02:14 - 000000000 ____D C:\Users\Caro
2019-03-10 18:05 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-09 01:45 - 2018-07-26 22:05 - 000003802 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-4145286444-108475074-2886558672-1009
2019-03-09 01:45 - 2018-07-26 22:05 - 000003706 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-4145286444-108475074-2886558672-1009
2019-03-07 23:28 - 2017-12-15 02:08 - 000000000 ____D C:\Users\Caro\AppData\Local\PlaceholderTileLogoFolder
2019-03-07 23:28 - 2017-12-01 14:57 - 000000000 ____D C:\Users\Caro\AppData\Local\Packages
2019-03-07 23:08 - 2015-11-10 23:51 - 000002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-07 22:56 - 2016-01-25 23:20 - 000000966 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-03-07 22:56 - 2016-01-25 23:20 - 000000962 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-03-07 22:16 - 2016-05-16 23:47 - 000000000 ____D C:\Users\Caro\AppData\Local\ElevatedDiagnostics
2019-03-06 20:12 - 2018-05-29 02:14 - 000002445 _____ C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-03 13:54 - 2018-12-03 00:56 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 13:54 - 2018-12-03 00:56 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-23 23:35 - 2018-02-27 00:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories =======

2016-10-24 20:07 - 2016-11-24 15:21 - 000000033 _____ () C:\Users\Caro\AppData\Roaming\AdobeWLCMCache.dat
2019-02-10 04:54 - 2019-02-10 04:54 - 006161408 _____ () C:\Users\Caro\AppData\Local\dump007.dat
2018-10-05 22:20 - 2018-10-05 22:20 - 000000000 _____ () C:\Users\Caro\AppData\Local\oobelibMkey.log
2019-02-10 03:49 - 2019-02-10 03:49 - 000000003 _____ () C:\Users\Caro\AppData\Local\wbem.ini

Some zero byte size files/folders:
==========================
C:\Windows\System32\mysqld.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-29 02:06

================= End of FRST.txt ============================

el Adittion


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Caro (23-03-2019 02:41:31)
Running from C:\Users\Caro\Downloads
Windows 10 Home Single Language Version 1803 17134.648 (X64) (2018-05-29 05:43:13)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4145286444-108475074-2886558672-500 - Administrator - Disabled)
Caro (S-1-5-21-4145286444-108475074-2886558672-1009 - Administrator - Enabled) => C:\Users\Caro
DefaultAccount (S-1-5-21-4145286444-108475074-2886558672-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4145286444-108475074-2886558672-1005 - Limited - Enabled)
Invitado (S-1-5-21-4145286444-108475074-2886558672-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4145286444-108475074-2886558672-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Actualización de NVIDIA 11.10.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 11.10.11 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_1_0) (Version: 20.1.0 - Adobe Systems Incorporated)
Adobe Lightroom CC (HKLM-x32\...\LRCC_1_0) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (HKLM\...\{CD5CB679-159B-4E4C-B847-B29B492D106E}) (Version: 4.0.7929.0 - Box, Inc.)
Box Sync (HKLM-x32\...\{ee10352e-1caf-4132-add1-3809a8ea6d43}) (Version: 4.0.7929.0 - Box Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 69.4.102 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo)
Enterprise Architect (HKLM-x32\...\{71A2AAC1-8DB5-40B4-AEF5-99C23238D37C}) (Version: 12.0.1210.14 - Sparx Systems)
Express Scribe, software para transcripciones (HKLM-x32\...\Scribe) (Version: 6.02 - NCH Software)
Gear IconX (HKLM-x32\...\Gear IconX) (Version: 2.0.170927.51 - Samsung Electronics Co, Ltd.)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{0FC4261B-F502-48B3-B1CF-60021C8F7D22}) (Version: 1.0.481 - LogMeIn, Inc.)
GoToMeeting 8.40.1.12023 (HKU\S-1-5-21-4145286444-108475074-2886558672-1009\...\GoToMeeting) (Version: 8.40.1.12023 - LogMeIn, Inc.)
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
iTunes (HKLM\...\{514BCD3A-B38B-4835-8B8C-69DA8C48A7A7}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Lenovo App Services (HKLM\...\Lenovo App Services) (Version: 0.200.8.268 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2624.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2624.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-4145286444-108475074-2886558672-1009\...\cbe8636f7dd0cf1d) (Version: 1.6.2.0 - Lenovo)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.52 - Nombre de su organización) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.52 - Nombre de su organización)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manuales de usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4145286444-108475074-2886558672-1009\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Project Profesional 2016 - es-es (HKLM\...\ProjectProRetail - es-es) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft Visio Profesional 2016 - es-es (HKLM\...\VisioProRetail - es-es) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MySQL Workbench 6.2 CE (HKLM\...\{82D50D82-CAF2-4ABA-8BB7-090668162290}) (Version: 6.2.5 - Oracle Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Oracle VM VirtualBox 5.1.8 (HKLM\...\{65402252-5DA1-4360-A144-E09BB16AC7A9}) (Version: 5.1.8 - Oracle Corporation)
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.14.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.6.0 - Panda Security)
Panel de control de NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Polar FlowSync versión 2.6.2 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.6.2 - Polar Electro Oy)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.810.031214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0251 - REALTEK Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.62.0 - Samsung Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Meetings App (HKLM-x32\...\{D20CE315-AC32-4B25-AB3A-7112A9AB6FC3}) (Version: 16.2.0.232 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
x86_64-5.3.0-win32-seh-rt_v4-rev0 (HKLM-x32\...\x86_64-5.3.0-win32-seh-rt_v4-rev0) (Version:  - MinGW-W64)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Caro\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.232\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{4A8FCD9F-623C-4283-96F0-10F41846A98A} -> [Box Sync] => C:\Users\Caro\Box Sync [2019-02-10 03:08]
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caro\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Caro\Dropbox [2016-01-25 23:32]
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Caro\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.232\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{4A8FCD9F-623C-4283-96F0-10F41846A98A} -> [Box Sync] => C:\Users\Caro\Box Sync [2019-02-10 03:08]
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caro\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Caro\Dropbox [2016-01-25 23:32]
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {06395f73-8d75-3c47-ac2f-93524a83ce03} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2018-11-30] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {072d2f45-ddf0-35bd-a911-38b853695def} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2018-11-30] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {88092007-0d01-3d32-a4b4-56f7e19a1c49} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2018-11-30] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {507a0531-fd10-3efc-8eb8-64e35606e542} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2018-11-30] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {b9b9e487-7684-373f-a7a2-6b04c8d772a8} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2018-11-30] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Caro\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [BoxContextMenuClient] -> {53792c99-3144-3699-8968-fa4278ad3c1e} => C:\Program Files\Box\Box Sync\ContextMenuClient.DLL [2018-11-30] (Box, Inc. -> Box, Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Caro\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [BoxContextMenuClient] -> {53792c99-3144-3699-8968-fa4278ad3c1e} => C:\Program Files\Box\Box Sync\ContextMenuClient.DLL [2018-11-30] (Box, Inc. -> Box, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AA759FD-BA06-4A91-BB1E-60F13DAAFB0E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {14FFCA24-7FEB-4F0F-BE4A-A2E06176D3CE} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe
Task: {1BBE00ED-04AD-4878-B989-60536A431F13} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {1C8BBC1E-06BD-4516-A0EF-1C93F300DC78} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {34FEBD07-6327-4947-866D-478F20A5902D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {426AAB97-E52F-44AC-98F1-FC6A0C0E3A2D} - System32\Tasks\G2MUpdateTask-S-1-5-21-4145286444-108475074-2886558672-1009 => C:\Users\Caro\AppData\Local\GoToMeeting\12023\g2mupdate.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {5E1F9D01-1F53-47CF-89E6-303C4E5107EC} - no filepath
Task: {60EB643C-FC26-490A-82D7-D8C35F5C2092} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {64FE9004-F9C3-468E-B3E2-EEDA063BA8B6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {705E20AC-120B-4781-9EE0-8C034F946EB9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {7322D75D-291D-45CD-89F8-90BB56E8BCEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7AF5003E-30F5-417A-9C94-CF8FF376811C} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {7B6E4235-0635-492B-B326-49A4F07F9BA2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7F2AAA77-8FD0-47BA-AFF8-BC57991DE983} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe (LENOVO -> )
Task: {848EBB28-3284-42CC-B4CF-FE6ECBCC8A09} - System32\Tasks\S-1-5-21-4145286444-108475074-2886558672-1009\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {85C4818D-D1EA-4DB9-B38B-BF99FC2662E3} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {87D3C943-57A6-456B-BA90-C35347BDA291} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe (Apple Inc. -> Apple Inc.)
Task: {89E7CAFD-A575-4D51-88EE-AD0248944799} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8C4298DB-5950-4E87-AC81-36679A0AF032} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9A494665-6B21-459D-8FB9-1EA33E33D8CC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9EA539CF-27FA-4BF9-80CE-39AA81FC8565} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {A0E5B763-191F-4993-BAC4-6AC8E87B314C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {A5F73776-FE31-4A83-BF0F-157BBC21DD20} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A62CF881-4D6D-4982-8555-70A5AF2542C1} - System32\Tasks\G2MUploadTask-S-1-5-21-4145286444-108475074-2886558672-1009 => C:\Users\Caro\AppData\Local\GoToMeeting\12023\g2mupload.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A8095E53-C258-4B9F-AC53-55A50622B67D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A8893BE7-F8EA-4F68-AA71-446252EB2BD2} - no filepath
Task: {B28F0B91-51A5-41EE-929D-E6006CF09E17} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B8AFEEA4-E809-479B-8555-D02183ECA6F6} - no filepath
Task: {C9F89DD1-9386-4252-B170-9F1A1545F96F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {D4418613-62D2-4F8A-A184-6F817E43988D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D8821C90-531D-4E35-ACEE-59507E178A39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DD38262D-46D1-482F-AEE7-A3D48F6BE8D0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {E2EDD6D7-C002-4E72-8BBB-A2BE69F2CC73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F3710B49-BB7E-42C3-90B0-EAF0ED81859A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F84AE722-1E42-4351-B7BE-3DEF1499004C} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4145286444-108475074-2886558672-1009.job => C:\Users\Caro\AppData\Local\GoToMeeting\12023\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4145286444-108475074-2886558672-1009.job => C:\Users\Caro\AppData\Local\GoToMeeting\12023\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\{8931EFDE-73C7-49A3-B6A1-FA8FAF40E1E9}.job => C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe
Task: C:\WINDOWS\Tasks\{C89190C7-347E-4BF6-B85D-E4DA12014C0C}.job => C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Caro\Google Drive\Documentos_TRABAJO\TRABAJO2\info varias\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Caro\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hangouts de Google (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->   --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->   --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->   --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2016-10-18 17:46 - 2016-10-04 11:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-05-01 11:13 - 2016-11-14 00:11 - 000592384 _____ () [File not signed] C:\Users\Caro\AppData\Local\MEGAsync\ShellExtX64.dll
2013-08-27 08:57 - 2013-08-27 08:57 - 001199104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\iCLS Client\libeay32.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-10 18:05 - 2019-02-01 10:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-10 18:05 - 2019-02-01 10:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\CyberLink:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\Lenovo:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\Plantillas personalizadas de Office:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\WBS Schedule Pro:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2017-03-20 00:03 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

2016-11-28 23:04 - 2018-07-29 19:18 - 000000504 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

2.168.137.25 LGSmartTV.mshome.net # 2017 11 1 27 1 38 23 420

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Users\Caro\Documents\Software\mysql-5.7.11-winx64\MySQL\bin;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4145286444-108475074-2886558672-1009\Control Panel\Desktop\\Wallpaper -> C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-4145286444-108475074-2886558672-1009\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6445E2B3-C093-4CC7-BC58-BC2DA17CED42}C:\users\caro\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.232\pluginhost.exe] => (Allow) C:\users\caro\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.232\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2F2A4B23-3D83-4182-B9B1-2A3FB06E2BF3}C:\users\caro\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.232\pluginhost.exe] => (Allow) C:\users\caro\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.232\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8BE0E86-CEA7-452F-BC64-BEE87368C2FB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{14A8C27A-7CCA-409A-B7A8-48FB6D981D92}] => (Allow) LPort=5354
FirewallRules: [{4145152B-A374-4F0F-A876-39009026ED1F}] => (Allow) LPort=5354
FirewallRules: [{0674A708-5DEE-4861-A3BB-4BA272DB92A3}] => (Allow) LPort=5354
FirewallRules: [{27D6803F-4825-4B84-BDA6-4EE002D2DBC3}] => (Allow) LPort=5354
FirewallRules: [{DD97A0C5-8919-40FE-98A7-729325A92EF9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F906C73-765C-4552-881F-43CB181783E9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{15036AA2-E78D-4364-9416-8D5A3D062637}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6DDA5088-8A04-46B3-B968-1CBA466AADB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1EFA5A45-210F-4FA3-BC43-A97D2AECE0BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BBBDDB4B-CF12-4C1E-A4EB-2074D1B375A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EA093CDC-31F8-49D4-9655-1682E93C10DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B6B033C-07C2-4858-95EB-2C591C697258}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2D0273FB-A271-48EB-8F19-AA3E18D61678}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7EB91165-18C1-48C1-AC9D-56ACA1478890}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AC9DE88E-B852-4A2E-B7E9-3E4D8D925E82}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{110771D7-3E77-4252-A90B-E16779580AB6}] => (Allow) LPort=55100
FirewallRules: [{8CA91650-DBBE-4649-8970-B657B1E21C54}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [TCP Query User{12A3A7F4-6A6B-439C-AC71-836AED5B5305}C:\users\caro\documents\software\mysql-5.7.11-winx64\mysql\bin\mysqld.exe] => (Allow) C:\users\caro\documents\software\mysql-5.7.11-winx64\mysql\bin\mysqld.exe () [File not signed]
FirewallRules: [UDP Query User{93E4A2C4-8ABA-45CA-8E67-CD1B5C4CD218}C:\users\caro\documents\software\mysql-5.7.11-winx64\mysql\bin\mysqld.exe] => (Allow) C:\users\caro\documents\software\mysql-5.7.11-winx64\mysql\bin\mysqld.exe () [File not signed]
FirewallRules: [{7361BA51-FAA9-4046-9F08-83C7C7F4F7E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B9269BC9-5D5C-436C-B1C9-1AB24263A7B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C527C130-C338-401B-A37E-807FCF634468}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2CEF4505-F8EC-40BE-A8AF-FB3CA6F5D00D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B36AC524-C865-403D-B6CE-0A822332CB9B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{8128852A-27D9-436E-A5A8-694868766F70}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{D695AC39-8CD1-4705-B275-F7D2208B81E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{6A5E8FDA-A157-4006-836B-22DF5300B1E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{4964FC4B-F48F-4934-9E84-65641CB9287D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{440E1684-EC4E-43DF-A50D-59B0BEFD88D7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{F485ED72-1381-4C95-80C6-65E984914B0D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{8716827E-2E53-40C7-8E9C-4ECFE53D9A41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9D76EC6-5FB7-4A05-B6CF-9F284DE8200A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3654873E-FFB1-4473-919F-8FEC82C5E7CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{57E99ECD-02CA-4FDF-A583-3C1DB32AC343}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B8475F2-E966-4E9F-9C15-D8E2EF3C7FC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E0EB971-9FA2-422B-B0BC-15898F2ADA81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{75F9EDB9-69CB-4B63-A784-DCAE77C2B107}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AD90C594-2F9E-412E-87A3-9D49110727B6}] => (Allow) C:\Program Files (x86)\lXAYLUeDDfS.exe No File
FirewallRules: [{3AAFFCE5-D672-45B3-AAE9-051CE33B9229}] => (Allow) C:\Program Files (x86)\TZEA.exe No File
FirewallRules: [{C8926869-E834-4D9E-9C37-D1C7FAFE71B7}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{18700AA6-4DBC-4A43-9ABE-FF55893EF0F9}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7E76F635-6C83-420E-ADAE-E11120D984C6}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{309CACE3-3B76-46EE-B0EA-2A365358E90C}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4CC54563-AFF5-463D-81C8-EC36B85DD458}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{128B646B-C489-4EDB-B094-6197404FE9DE}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{088EAE30-D4C5-4F35-96DE-B719088158D6}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6007436F-1402-45A7-9FE8-F22AAFBDF9FF}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DCF01053-205A-4F1D-9EC6-752407EA8DFF}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{8C631CE0-CE04-49F1-9EA3-D8AECD40ABF8}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95CCCDE5-F74D-4B30-9BF1-C2E0F5FD286A}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3110D8E8-9527-4D6C-B0B0-FE1DF3398503}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B78B9F83-6EE6-43B0-A035-5A8133EF4923}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{EF38372C-8C43-4A2D-95FE-00629357988D}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6BEA2E63-8DA2-470C-B9A0-AEABDF21B16A}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C27330F4-EFFF-407B-9A62-10D03790C2AB}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{3C580D35-09EF-4E4D-A47A-F50BD9DF2255}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{0CF69197-17C3-4F59-BAFC-1B94FB35C494}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{72796C39-C1BF-4979-AD4C-D88CA1707C01}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{D21DA473-B5EE-4DBB-9B9C-FF51A7D470EB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{2B6BC4E9-CEEF-4AA5-AF06-62B863C7144A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{C264845E-F511-4172-B9F5-85CADB7EA6C4}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{0594888D-C034-4CA2-9F5C-228EE1911F48}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{69299F49-8794-453F-9CC8-7472FD35B03D}] => (Allow) C:\WINDOWS\SysWOW64\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{98859968-459A-4920-84BB-683523FEAADF}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)
FirewallRules: [{CAADB3AE-6532-46E0-9EB8-7DBC56CEF31D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

01-03-2019 23:04:25 Windows Update
10-03-2019 19:31:16 Punto de control programado
21-03-2019 22:34:06 Windows Update

2° parte del Adittion



==================== Faulty Device Manager Devices =============

Name: Sonido Intel(R) para pantallas
Description: Sonido Intel(R) para pantallas
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcDAud
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Lenovo Primary iM Controller
Description: Lenovo Primary iM Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo Corporation
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2019 02:29:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PickerHost.Exe, versión: 10.0.17134.1, marca de tiempo: 0x2fa59209
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x2314
Hora de inicio de la aplicación con errores: 0x01d4e139732e8c29
Ruta de acceso de la aplicación con errores: C:\Windows\System32\PickerHost.Exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 79e3fa17-c10a-4704-8d85-8201c698a5c2
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/23/2019 02:19:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PickerHost.Exe, versión: 10.0.17134.1, marca de tiempo: 0x2fa59209
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x2fac
Hora de inicio de la aplicación con errores: 0x01d4e137f5c608c0
Ruta de acceso de la aplicación con errores: C:\Windows\System32\PickerHost.Exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: c2698e83-9498-4a73-954c-56c71d16ac12
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/23/2019 01:42:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PickerHost.Exe, versión: 10.0.17134.1, marca de tiempo: 0x2fa59209
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x2b48
Hora de inicio de la aplicación con errores: 0x01d4e132dbb318e1
Ruta de acceso de la aplicación con errores: C:\Windows\System32\PickerHost.Exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 787e797f-850a-4b30-9e50-56f099f521e9
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/23/2019 01:42:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PickerHost.Exe, versión: 10.0.17134.1, marca de tiempo: 0x2fa59209
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x2924
Hora de inicio de la aplicación con errores: 0x01d4e132dd69917f
Ruta de acceso de la aplicación con errores: C:\Windows\System32\PickerHost.Exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: b0985dbb-5b76-465c-9836-f2d22d861b27
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/22/2019 12:57:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AppleChromeDAV.exe, versión: 2.1.15.85, marca de tiempo: 0x5b2e1ace
Nombre del módulo con errores: VCRUNTIME140.dll, versión: 14.13.26118.0, marca de tiempo: 0x5a603d09
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000e99c
Identificador del proceso con errores: 0x3e3c
Hora de inicio de la aplicación con errores: 0x01d4e04ff8587c3a
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll
Identificador del informe: c9c3be20-3dfa-4b36-8379-913a1b19d09a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/21/2019 10:53:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PickerHost.Exe, versión: 10.0.17134.1, marca de tiempo: 0x2fa59209
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x2acc
Hora de inicio de la aplicación con errores: 0x01d4e052195f4967
Ruta de acceso de la aplicación con errores: C:\Windows\System32\PickerHost.Exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: b92559e6-e84d-451f-b9b7-80698817d05b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/21/2019 10:37:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PickerHost.Exe, versión: 10.0.17134.1, marca de tiempo: 0x2fa59209
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x3e7c
Hora de inicio de la aplicación con errores: 0x01d4e04fbe8c175f
Ruta de acceso de la aplicación con errores: C:\Windows\System32\PickerHost.Exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: dcd6d7d5-bfc4-4327-880f-898455476bb3
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/21/2019 10:37:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PickerHost.Exe, versión: 10.0.17134.1, marca de tiempo: 0x2fa59209
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x44a8
Hora de inicio de la aplicación con errores: 0x01d4e04fbd49d017
Ruta de acceso de la aplicación con errores: C:\Windows\System32\PickerHost.Exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: c3ef7c3f-efa5-4508-884c-0f07d48483d7
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (03/23/2019 02:43:43 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/23/2019 02:42:52 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/23/2019 02:41:31 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/23/2019 02:39:56 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/23/2019 02:39:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (03/23/2019 02:38:53 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/23/2019 02:38:11 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/23/2019 02:37:59 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
===================================
Date: 2019-03-23 02:01:13.898
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {513D5634-EB55-45B5-8DB8-B47375992264}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-22 00:52:05.400
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {5147E748-98BC-4281-9E56-3365D805EDD5}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-22 00:42:08.593
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B56B908A-6E15-40E0-8225-25FEB5E3FE55}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-22 00:35:21.803
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C4FFCBB2-B65B-4191-A642-00B06CC86068}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-22 00:10:18.608
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C606D38A-5A7E-4E50-B32D-342619AA00D8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-23 02:34:46.668
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-03-23 02:13:55.404
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-03-23 01:37:07.107
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-03-21 22:52:10.322
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.289.1599.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15800.1
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-03-20 01:26:46.374
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

CodeIntegrity:
===================================

Date: 2019-03-23 01:24:44.136
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 01:35:46.757
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-16 01:48:01.017
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-13 01:06:33.866
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-10 23:14:24.606
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-10 03:48:10.913
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-22 01:15:26.225
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-30 15:01:25.585
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 8104.27 MB
Available physical RAM: 5543.14 MB
Total Virtual: 16296.27 MB
Available Virtual: 13814.41 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.27 GB) (Free:649.48 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.33 GB) NTFS

\\?\Volume{a952e48a-011d-491b-b9cc-10f42f2f561f}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{19b15c48-1489-4267-85aa-446ab421d461}\ (PBR_DRV) (Fixed) (Total:13.91 GB) (Free:3.08 GB) NTFS
\\?\Volume{edf34597-8577-491a-a98e-38b5a892180e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 24332868)

Partition: GPT.

==================== End of Addition.txt ============================

Espero que sirva de otra forma estuve reiniciando la pc un monton de veces porque no lo tomaba- Saludos

Hola Caro:

Agradezco todo el esfuerzo que le pones pero no nos estamos entendiendo.

Se que tienes infecciones, las veo en el reporte pero lo que actualmente mas me preocupa es el bloqueo que tiene tu ordenador.

Por ello te pedí que entraras a Modo Seguro y solamente abrieras tus archivos, probaras tu equipo en ese Modo, solo eso.

No ejecutes nada, solo prueba el Sistema en ese Modo Seguro sin red, tengo sospechas de que pudieras tener un daño en tu disco.

En cuanto me comentes como va el sistema en Modo Seguro te doy los pasos a seguir para eliminar las infecciones y comprobar el estado de tu disco.

Edito: Instalaste tu el antivirus Panda ? Tienes el antivirus Windows Defender activado por lo que puedo ver en el reporte.

Ademas de lo anterior en Modo Normal revisa lo siguiente:

Pincha el icono de Windows Defender >>> Presiona en Protección contra virus y amenazas >>> en Protección contra Rasomware >>> presiona en Administrar la protección contra Rasomware.

Allí revisa si el Acceso controlado a carpetas lo tienes en Desactivado si no es así desactivarlo.

Nos comentas.

Salu2

Hola Sandra, gracias tus comentarios

Paso a contarte, en modo normal pude abrir archivos. En modo seguro sin red no me dejo abrir ningun archivo de Office pues puso un cartel que no tenia acceso por no tener acceso a red, creo que estaba buscando algun antivirus para poder abrir, no me dejo abrir ningun archivo, entonces fui a abrir en modo seguro con red, y nunca habilitó la red, lo tomó como si hubiera seleccionado modo seguro sin red, así que tampoco pude abrir ningun archivo en ninguno de esos dos modos, pues el cartel era el mismo. Abri configuracion y veo que lo de Windows defender, en su momento cuando me lo pediste yo lo habia deshabilitado , no se porqué ahora está habilitado… Lo de acceso controlado a carpetas lo tengo “deshabilitado” , ya estaba así.

Ahora desactive la proteccion de Windows defender otra vez, tiempo real y proteccion contra virus y amenazas.

El Panda lo había instalado yo si, actualmente está desactivado. LA pc la uso para enviarte los reportes y casi no la estoy usando por el momento ,m aunque si necesito algunos archivos que por ahora estoy tratando de prescindir.

Ahora me abrio la configuracion , y pude ejecutar lo que pediste, antes quise cambiar la configuracion de la pantalla, y no abre, asi que eso esta andando cuando quiere, ahora no me deja hacer cambios ahí.

Saludos, que tengas un bonito día. :blush:

Hola @Carolina_Saggio

Si tienes el Ofice online es totalmente normal.

Es normal también solo se deshabilita por un tiempo corto, y solo se vuelve a rehabilitar.

Cada vez que ejecutes una herramienta tendrás que volver a deshabilitarlo.

1.- Desinstala Panda con su herramienta, y no instales ningún antivirus mas hasta que terminemos con Windows Defender es suficiente por el momento.

2.- Sigue el 3er. MÉTODO: descrito en esta Faq de ayuda :arrow_right: ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 10.

Nos comentas.

Salu2

Hola Sandra como estas?

El Panda lo habia instalado yo hacía mucho, no ahora… Quise desinstalar Panda tal lo solicitaste y me puso, que tengo elementos en la papelera de reciclaje que estan neutralizados, y me pregunta que hacer, si los elimino o no elimininarlos ni neutralizarlos??? No se que que hacer en ese caso.

Otra pregunta, en las aplicaciones en configuracion tengo el desintalador y vos me pasaste el acceso a herramientas de desinstalacion, uso la que vos me indicaste descargando el desinstalador o con el que tengo alcanza? Saludos , gracias

Hola @Carolina_Saggio:

Con el desinstalador que te indique y si te pregunta eliminarlos se refiere a lo que está en cuarentena.

Salu2

Hola Sandra, cómo te va ? Ayer desinstale el Panda desde la herramienta que me dijiste … hoy estuve ejecutando la reparación de Windows… aún sin terminar quiero comentarte cómo va esto porque parece que algo anda mal . Primero llegaba el análisis hasta los 47%, lo dos o 3 veces hasta que de una llego al 100% . Luego hizo reparación e hizo lo mismo …Cuando reinició me puso un cartel que tuvo problemas para iniciar … me dio opción de Reiniciar o ir a opciones avanzadas, con lo que yo le di reiniciar … y acá estoy se quedo en el 11 % analizando y no parece avanzar … no se que hacer en ese caso , si abortar la operación y apagar o qué… dado que no tengo informe para enviarte aguardo tus comentarios… saludos , un beso

Hola @Carolina_Saggio

No se si te quedo claro que cuando usas la comprobación de disco no debes tocar el equipo, teclado ni ratón para nada.

:o: NOTA :o: NO debe pulsar ninguna tecla ni mueva el ratón al inicio del proceso, una vez que arranque Windows y salga la pantalla del chequeo, para evitar que se interrumpa el proceso.

Nos comentas.

Salu2.

HOLa sandra, buenas noches, si me quedo claro pero en mi máquina solicitó acción de parte mía porque sola no iba a arrancar pues tiro un error … así que si cuando reinicio por segunda vez . La primera lo hizo sola , pero no pudo seguir iniciando pues puso que hubo un error … lo más seguro es que termine abortando . saludos

Hola @Carolina_Saggio

Tu equipo esta raro, llamare a un compañero de Hard para que nos eche una mano para verificar tu disco.

Intentemos terminar con la limpieza haber si nos deja.

Te dejo los pasos, recuerda colocar los ejecutables en el escritorio >>> Modo Normal


1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2386384 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16093512 2015-08-15] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc -> Google Inc.)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #4] => C:\Windows\RTFTrack.exe [5060864 2015-11-11] (Realtek Semiconductor Corp -> Realtek semiconductor)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
CHR Extension: (Chrome Media Router) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-27]
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Caro\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-03-21]
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Caro\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-03-21]
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-29] (Oracle America, Inc. -> Oracle Corporation)
S1 ZmQ1OTY5NzQ2MmViZjA0; \??\C:\WINDOWS\system32\drivers\ZmQ1OTY5NzQ2MmViZjA0 [X]
2019-03-13 00:05 - 2019-03-13 00:05 - 010607000 _____ (McAfee, Inc.) C:\Users\Caro\Downloads\MCPR.exe
2019-03-13 00:11 - 2018-05-29 02:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-03-10 18:54 - 2018-07-26 22:05 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4145286444-108475074-2886558672-1009.job
2019-03-10 18:54 - 2018-07-26 22:05 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4145286444-108475074-2886558672-1009.job
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caro\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caro\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {5E1F9D01-1F53-47CF-89E6-303C4E5107EC} - no filepath
Task: {8C4298DB-5950-4E87-AC81-36679A0AF032} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F84AE722-1E42-4351-B7BE-3DEF1499004C} - no filepath
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\CyberLink:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\Lenovo:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\Plantillas personalizadas de Office:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\WBS Schedule Pro:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
FirewallRules: [{4964FC4B-F48F-4934-9E84-65641CB9287D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{440E1684-EC4E-43DF-A50D-59B0BEFD88D7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{F485ED72-1381-4C95-80C6-65E984914B0D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{AD90C594-2F9E-412E-87A3-9D49110727B6}] => (Allow) C:\Program Files (x86)\lXAYLUeDDfS.exe No File
FirewallRules: [{3AAFFCE5-D672-45B3-AAE9-051CE33B9229}] => (Allow) C:\Program Files (x86)\TZEA.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Hola Sandra, … raro ? Súper raro… quise apagar la pc con el botón y no se apagó … así que la dejo prendida toda la noche a ver si avanza o hace algo, por lo pronto sigue en 11% , pantalla prendida … y no me dejo apagar… mañana cuando despierte veo si puedo apagarla y luego por la noche trabajaré en lo que me dices. Saludos

Hola:

Por aquí esperamos tus comentarios.

Salu2

Bueno , avanzo pero volvió a solicitar una acción , cartel : reparación automática: tu pc no se inicio correctamente . Reiniciar tu pc en ocasiones puede reparar tu pc , también puedes presionar opciones avanzadas para intentar reparar tu pc Reiniciar Opciones avanzadas Ahí la dejé , porque la vez anterior presioné Reiniciar y va a volver a hacer lo mismo , no se que otras opciones hay dentro de opciones avanzadas

Vuelvo más tarde en algunas horas , por ahora la dejo prendida Que tengas buen día !

Hola @Carolina_Saggio

Revisa las faqs de Windows 10, especialmente la que menciona:

Cómo reparar el Inicio de Windows 10?

El punto 1.- a partir de “Opciones avanzadas” están los pasos para reparar tu arranque.

De todas maneras ve pensando en hacer una re-instalación de tu sistema, ya que no es común los problemas que tiene para iniciar y así intentar poder hacer lo chequeos correspondientes.

Windows 10 tiene la opción de reinstalar sin perder tus documentos, si se pierden los programas instalados, pero eso es mejor ya que no sabemos cual de ellos produjo semejante daño.

Nos comentas.

Salu2

Buenas Sandra, cómo estás …la comprobacion del disco nunca la termino con exito y si pude copiar un mensaje: El archivo afectado es C:\WINDOWS\System32\Logfiles\Srt\SrtTrail.txt, puesto que pude iniciar en modo normal y salir de la comprobacion dl disco voy a ejecutar Delfix

resultado


 DelFix v1.013 - Logfile created 30/03/2019 at 16:54:17
# Updated 17/04/2016 by Xplode
# Username : Caro - LENOVO-PC
# Operating System : Windows 10 Home  (64 bits)

~ Creating registry backup ... OK

########## - EOF - ##########
  1. Copie el txt del fixlist.txt en el escritorio y ejecute el Fix

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Caro (30-03-2019 17:08:26) Run:1
Running from C:\Users\Caro\OneDrive\Escritorio
Loaded Profiles: Caro (Available Profiles: Caro)
Boot Mode: Normal
==============================================

fixlist content:
*****************

Start
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2386384 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16093512 2015-08-15] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc -> Google Inc.)
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #4] => C:\Windows\RTFTrack.exe [5060864 2015-11-11] (Realtek Semiconductor Corp -> Realtek semiconductor)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
CHR Extension: (Chrome Media Router) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-27]
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Caro\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-03-21]
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Caro\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-03-21]
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-29] (Oracle America, Inc. -> Oracle Corporation)
S1 ZmQ1OTY5NzQ2MmViZjA0; \??\C:\WINDOWS\system32\drivers\ZmQ1OTY5NzQ2MmViZjA0 [X]
2019-03-13 00:05 - 2019-03-13 00:05 - 010607000 _____ (McAfee, Inc.) C:\Users\Caro\Downloads\MCPR.exe
2019-03-13 00:11 - 2018-05-29 02:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-03-10 18:54 - 2018-07-26 22:05 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4145286444-108475074-2886558672-1009.job
2019-03-10 18:54 - 2018-07-26 22:05 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4145286444-108475074-2886558672-1009.job
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caro\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caro\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {5E1F9D01-1F53-47CF-89E6-303C4E5107EC} - no filepath
Task: {8C4298DB-5950-4E87-AC81-36679A0AF032} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F84AE722-1E42-4351-B7BE-3DEF1499004C} - no filepath
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\CyberLink:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\Lenovo:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\Plantillas personalizadas de Office:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Caro\OneDrive\Documentos\WBS Schedule Pro:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
FirewallRules: [{4964FC4B-F48F-4934-9E84-65641CB9287D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{440E1684-EC4E-43DF-A50D-59B0BEFD88D7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{F485ED72-1381-4C95-80C6-65E984914B0D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{AD90C594-2F9E-412E-87A3-9D49110727B6}] => (Allow) C:\Program Files (x86)\lXAYLUeDDfS.exe No File
FirewallRules: [{3AAFFCE5-D672-45B3-AAE9-051CE33B9229}] => (Allow) C:\Program Files (x86)\TZEA.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2386384 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16093512 2015-08-15] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc -> Google Inc.) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\...\RunOnce: [Application Restart #4] => C:\Windows\RTFTrack.exe [5060864 2015-11-11] (Realtek Semiconductor Corp -> Realtek semiconductor) => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => removed successfully
HKLM\Software\Classes\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => not found
CHR Extension: (Chrome Media Router) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-27] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => removed successfully
C:\Users\Caro\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx => moved successfully
HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Caro\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-03-21] => Error: No automatic fix found for this entry.
CHR HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212019223050082\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-29] (Oracle America, Inc." => not found
C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll => moved successfully
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-29] (Oracle America, Inc." => not found
C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll => moved successfully
HKLM\System\CurrentControlSet\Services\ZmQ1OTY5NzQ2MmViZjA0 => removed successfully
ZmQ1OTY5NzQ2MmViZjA0 => service removed successfully
C:\Users\Caro\Downloads\MCPR.exe => moved successfully
C:\WINDOWS\System32\Tasks\McAfee => moved successfully
C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4145286444-108475074-2886558672-1009.job => moved successfully
C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4145286444-108475074-2886558672-1009.job => moved successfully
HKU\S-1-5-21-4145286444-108475074-2886558672-1009_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => removed successfully
CustomCLSID: HKU\S-1-5-21-4145286444-108475074-2886558672-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232019024006980_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caro\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E1F9D01-1F53-47CF-89E6-303C4E5107EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E1F9D01-1F53-47CF-89E6-303C4E5107EC}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C4298DB-5950-4E87-AC81-36679A0AF032} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C4298DB-5950-4E87-AC81-36679A0AF032} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F84AE722-1E42-4351-B7BE-3DEF1499004C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F84AE722-1E42-4351-B7BE-3DEF1499004C}" => removed successfully
C:\Users\Caro\OneDrive\Documentos\CyberLink => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\Caro\OneDrive\Documentos\Lenovo => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\Caro\OneDrive\Documentos\Plantillas personalizadas de Office => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\Caro\OneDrive\Documentos\WBS Schedule Pro => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4964FC4B-F48F-4934-9E84-65641CB9287D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{440E1684-EC4E-43DF-A50D-59B0BEFD88D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F485ED72-1381-4C95-80C6-65E984914B0D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD90C594-2F9E-412E-87A3-9D49110727B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AAFFCE5-D672-45B3-AAE9-051CE33B9229}" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 5 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth 2 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 5:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : fibertel.com.ar
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.103
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de red Bluetooth 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4145286444-108475074-2886558672-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30679886 B
Java, Flash, Steam htmlcache => 1020 B
Windows/system/drivers => 7614402 B
Edge => 43218153 B
Chrome => 150248014 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 6550 B
NetworkService => 0 B
Caro => 166822209 B

RecycleBin => 0 B
EmptyTemp: => 390.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:11:54 ====

Este es el informe . Buen Finde

Hola @Carolina_Saggio

Recuerdas que era exactamente lo que te mencionaba de ese archivo.

Ahora si me queda claro tus errores de inicio, por que no repara o por que no entras a veces a Modo Seguro.

El que tienes es un error muy complejo.

Intenta lo siguiente:

Sigue la ruta:

C:\WINDOWS\System32\Logfiles\Srt\SrtTrail.txt

Fíjate si tienes el archivo SrtTrail.txt, es un archivo muy largo hacia el final del mismo busca algo que ponga “error”. “fail” “unknown” y la linea que le siga, ello puede decirnos que es lo que esta fallando.

Ya que el archivo es por fecha y hora. Y nos copias aquí lo que encuentres.

Ademas tienes acceso a otro equipo y a un USB de unos 8 gigas.

Salu2

Hola Sandra revise el txt , no pude encontrar nada porque lo unico que dice que no pudo solucionar el problema dice asi: Causa principal encontrada:

Después de intentarlo varias veces, Reparación de inicio no puede determinar la causa del problema.

igual te lo voy a pegar para qe lo puedas ver. Respecto de otra pc no tengo quien me preste una, complicada ahí y USB si tengo Abrazos, besos

Hola Caro:

A ver intentemos si es posible actualizar tu equipo a la versión 1809 ya que en los reportes se ve que tienes Windows 10 1703, a ver si así puede solucionar el tema del arranque.

Entra al enlace y presiona en Descargar ahora la herramienta, luego la ejecutas y sigues los pasos para actualizar.

https://www.microsoft.com/es-es/software-download/windows10

Esperemos que funcione, si te da error nos subes una imagen.

Salu2