Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019 Ran by Salta Game (25-03-2019 19:21:43) Running from C:\Users\Salta Game\Desktop Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2017-11-04 20:49:38) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-1404873637-3125058992-18802451-500 - Administrator - Disabled) Invitado (S-1-5-21-1404873637-3125058992-18802451-501 - Limited - Disabled) Salta Game (S-1-5-21-1404873637-3125058992-18802451-1000 - Administrator - Enabled) => C:\Users\Salta Game UpdatusUser (S-1-5-21-1404873637-3125058992-18802451-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) $Hard Disk Sentinel Pro (HKLM\...\Hard Disk Sentinel Pro 5.30 Build 9417 Final) (Version: - ) Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) Argente Utilities 1.0.7.0 (HKLM\...\Argente Utilities_is1) (Version: 1.0.7.0 - Raúl Argente) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform Ltd.) Epson Event Manager (HKLM\...\{006C8256-3855-43BF-8BA5-4B4C40F41F71}) (Version: 3.10.0065 - Seiko Epson Corporation) EPSON L380 Series Printer Uninstall (HKLM\...\EPSON L380 Series) (Version: - Seiko Epson Corporation) Epson Scan 2 (HKLM\...\Epson Scan 2) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM\...\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}) (Version: 4.4.2 - SEIKO EPSON CORPORATION) ESET Premium Line Encryption (HKLM\...\{A88A7368-8FEE-421F-A785-B067A5575AF6}) (Version: 1.0.14 - ESET) Hidden ESET Security (HKLM\...\{0D52CADB-3AE2-4473-9747-B8435B81D350}) (Version: 12.1.31.0 - ESET, spol. s r.o.) GESTIONPRO V5.30 (HKLM\...\GESTIONPRO V5.30) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Java 8 Update 201 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) K-Lite Codec Pack 11.8.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP) Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 66.0 (x86 es-AR) (HKLM\...\Mozilla Firefox 66.0 (x86 es-AR)) (Version: 66.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.0.7012 - Mozilla) NVIDIA Controlador de gráficos 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation) Panel de control de NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8254 - Realtek Semiconductor Corp.) Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version: - VS Revo Group) Senior Conta 2.4.13.0 (HKLM\...\Senior Conta_is1) (Version: - DSG Software S.L.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) TeamViewer v13.0.6447.0 (HKLM\...\TeamViewer_is1) (Version: 13.0.6447.0 - TeamViewer GmbH) TNod User & Password Finder (HKLM\...\TNod) (Version: 1.6.7.0 - Tukero[X]Team) Ultracopier 1.6.1.2 (HKLM\...\Ultracopier) (Version: 1.6.1.2 - Ultracopier) UltraISO Premium V9.7 (HKLM\...\UltraISO_is1) (Version: - ) UnderCoverXP 1.21 (HKLM\...\UnderCoverXP_is1) (Version: - Wicked & Wild Inc.) UsbFix Anti-Malware Premium (HKLM\...\UsbFix) (Version: 11.0.1.1 - SOSVirus (SOSVirus.Net)) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) VSO ConvertXToDVD 7 (HKLM\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.59 - VSO Software) WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1404873637-3125058992-18802451-1000_Classes\CLSID\{68D44A27-FFB6-4B89-A3E5-7B0E50A7AB33}\InprocServer32 -> C:\Program Files\Ultracopier\PluginLoader\catchcopy-v0002\catchcopy32.dll () [File not signed] ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-27] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-27] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files\UltraISO\isoshell.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files\UltraISO\isoshell.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-27] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files\UltraISO\isoshell.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0175656C-3A0F-47AA-94EB-FBB3B6D3B756} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe () [File not signed] Task: {0FEF8AC5-67C8-4594-AFDC-A549B830E9A9} - System32\Tasks\{0AC6A361-F1A9-4CA1-810B-3B7F16E8778E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Salta Game\Downloads\ghosts-n-goblins-0-4-en (1).exe" -d "C:\Users\Salta Game\Downloads" Task: {67E79771-8935-411D-A762-4DC8964D3D8E} - System32\Tasks\{C897FB8E-B695-4F0F-B089-29CF623ACA9E} => C:\Windows\system32\pcalua.exe -a C:\Users\SALTAG~1\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION Task: {747C09FA-DDA7-4AFD-9862-A05B1F4A8AA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {97C2A9D3-301E-4312-B1FE-1536BBF71CF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {CB8A376A-D77E-46D8-A40D-8DF3B561F625} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Salta_20Game => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe (H.D.S. Hungary) [File not signed] Task: {E2418863-9B87-46A1-BA5D-75C7BFF1F911} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {E5B704BF-3BB5-475E-9B02-06650DFB7834} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {EDA914E1-DBBA-4B0A-A00C-D0117FEA2707} - System32\Tasks\KMS_VL_ALL => C:\Users\Salta [Argument = Game\AppData\Local\Temp\WinActiveData\KMS_VL_ALL.cmd -renewalonly] <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Loaded Modules (Whitelisted) ============== 2019-03-20 19:03 - 2019-03-22 21:11 - 003084800 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll 2019-03-20 19:03 - 2019-03-22 21:11 - 005139968 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll 2019-03-20 19:03 - 2019-03-22 21:11 - 005010944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll 2019-03-20 19:03 - 2019-03-22 21:11 - 002950144 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll 2019-03-20 19:03 - 2019-03-22 21:11 - 002234880 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll 2019-03-20 19:03 - 2019-03-22 21:11 - 004571648 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll 2019-03-20 19:03 - 2019-03-22 21:11 - 000438272 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll 2019-03-22 20:56 - 2019-03-22 21:11 - 001181184 _____ () C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll 2019-03-22 20:56 - 2019-03-22 21:11 - 000124928 _____ () C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000026112 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000020992 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll 2019-03-20 19:03 - 2019-03-22 21:11 - 000259584 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000729088 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000073216 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000179712 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll 2019-03-22 21:11 - 2019-03-22 21:11 - 000101888 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll 2019-03-22 20:56 - 2019-03-22 21:11 - 000035328 _____ () C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\config\systemprofile:.repos [6040198] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:04 - 2019-03-23 18:00 - 000000181 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 analytics.ff.avast.com 0.0.0.0 ipm-provider.ff.avast.com 0.0.0.0 license.piriform.com 0.0.0.0 www.ccleaner.com 0.0.0.0 shepherd.ff.avast.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1404873637-3125058992-18802451-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Salta Game\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupreg: Argente Utilities => C:\Program Files\Argente Utilities\ArgenteU.exe /Tray ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{5C79814E-4938-4A21-B193-B3F9ABD1C635}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F08B421B-ECFD-40C2-ADAF-F8DE4F130FC1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7BD01CC4-D189-4C96-9F9C-A0879FE61681}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{220AF820-CB8D-4CB7-92B7-D3B5310AE332}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A627BCBA-D49C-4C44-9F78-122EA32B0EBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7B967F3C-8B9D-46D3-958A-52607C44FEFF}] => (Block) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH) [File not signed] FirewallRules: [{8137C30A-935D-49D9-9036-F11BC27180AB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH) [File not signed] FirewallRules: [{4707156F-507B-41AD-9C7B-F2C5DE11136E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Restore Points ========================= 22-03-2019 17:57:11 Windows Update 23-03-2019 19:26:57 JRT Pre-Junkware Removal 25-03-2019 18:57:33 Windows Update ==================== Faulty Device Manager Devices ============= Name: YjBiZDU1NjNiYTg4 Description: YjBiZDU1NjNiYTg4 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: YjBiZDU1NjNiYTg4 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: MpKsld8c8093b Description: MpKsld8c8093b Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: MpKsld8c8093b Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (03/25/2019 06:46:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (03/25/2019 06:44:44 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Error de activación de la licencia de Windows. Error 0x00000000. Error: (03/25/2019 06:44:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: 0x80070005 Error: (03/23/2019 07:25:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (03/23/2019 07:24:16 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Error de activación de la licencia de Windows. Error 0x00000000. Error: (03/23/2019 07:24:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Error de la activación de licencia (slui.exe) con el siguiente código: 0x80070005 Error: (03/23/2019 06:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (03/23/2019 06:56:36 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Error de activación de la licencia de Windows. Error 0x00000000. System errors: ============= Error: (03/25/2019 06:44:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: YjBiZDU1NjNiYTg4 Error: (03/23/2019 08:06:29 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (03/23/2019 08:06:29 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (03/23/2019 07:24:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: YjBiZDU1NjNiYTg4 Error: (03/23/2019 07:22:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio. Error: (03/23/2019 07:22:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio. Error: (03/23/2019 07:22:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Office Software Protection Platform se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (03/23/2019 06:56:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: YjBiZDU1NjNiYTg4 ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 245 Processor Percentage of memory in use: 83% Total physical RAM: 1919.29 MB Available physical RAM: 309.43 MB Total Virtual: 3838.58 MB Available Virtual: 2112.04 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.66 GB) (Free:22.51 GB) NTFS Drive d: () (Fixed) (Total:135.13 GB) (Free:53.77 GB) NTFS Drive e: (Soda Stereo) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF \\?\Volume{93217d84-1ecd-11e7-975b-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 97BE5B6A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=135.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================