No puedo desinstalar Malwarebytes

Hola @Marcelo_Bianchi

Entonces intenta lo siguiente:

Descarga y ejecuta (Botón derecho sobre el ejecutable >>> seleccionas Ejecutar como Administrador >>> Malwarebytes Support Tool

Y sigue sus pasos, intentará desinstalar y re-instalar Malwarebytes.

Si hay algún error te dará un reporte.

Nos comentas.

Salu2

me hace lo mismo, me pide reiniciar una y otra vez cuando arranca el programa

Hola @Marcelo_Bianchi

Tocara hacerlo manualmente.

Vuelve a ejecutar FRST y nos traes un reporte fresco de ambos, tal como lo hiciste la primera vez.

Salu2.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2019
Ran by MARCELO (administrator) on MARCELO-PC (BIOSTAR Group N61PA-M2S) (23-04-2019 00:21:27)
Running from C:\Users\MARCELO\Desktop
Loaded Profiles: MARCELO (Available Profiles: MARCELO)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Users\MARCELO\AppData\Local\Temp\mwb3B6A.tmp\mb-support.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [170128 2019-04-10] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44016 2019-04-08] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1980B2DD-05C6-468C-9589-5AC0E51D9206} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {20C23B6C-DA67-4BFB-8626-CC457B71A906} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1166572213-2147164125-1135358989-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-02-07] (Mega Limited -> Mega Limited)
Task: {2864F254-81D2-48B8-9984-E8555938FF88} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {297B8544-9FFC-4808-A0C9-116CFC742DCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd -> Piriform Ltd)
Task: {60FE3F3F-D99E-4BA1-82CB-0FCF80A06FA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [281720 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E59EDCE-2C78-4102-9786-8D9A9C8F786A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1064112 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E3C529E-403E-4BF3-82F3-3242083FE97D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {862C2F3E-3020-4449-9F0F-D4DEA53F8088} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8B820CB7-3119-47BC-B22A-D7A00DE7C686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {90E5A160-0087-406A-8AB6-01F833F08DA9} - System32\Tasks\AutoRearm => C:\Windows\AutoRearm\AutoRearm.exe [5745664 2018-12-13] () [File not signed]
Task: {93672AFD-C44D-440E-8CC1-53B241CD3CA1} - System32\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {A58089FB-2FE8-4D7B-A329-63C1B58AD62D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [281720 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF4ABBE4-36F6-4D05-8094-8E983DCD8E06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
Task: {F14C3C7E-52A7-418C-820A-EA529844A69C} - System32\Tasks\{BDB4B602-8DB0-43B2-A30E-14D8EEF89860} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {F1E91C11-F338-4BE9-BE34-190050217A0E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE:/EXE:{BED6025A-3492-412D-BE5A-4F9E441E93BF} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07796CC6-62EF-48F8-8467-28748D7CB128}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D3088D10-33EA-4247-B2DA-61AC05100460}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 4i68gl3l.default-1548876356353
FF ProfilePath: C:\Users\MARCELO\AppData\Roaming\Mozilla\Firefox\Profiles\4i68gl3l.default-1548876356353 [2019-04-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.ar/
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default [2019-04-22]
CHR Extension: (Documentos) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-13]
CHR Extension: (Google Drive) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-13]
CHR Extension: (YouTube) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-13]
CHR Extension: (Ace Script) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-02-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-13]
CHR Extension: (Gmail) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-13]
CHR Extension: (Chrome Media Router) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1162616 2018-11-30] (Autodesk, Inc. -> Autodesk Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1887640 2019-04-10] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1887640 2019-04-10] (ESET, spol. s r.o. -> ESET)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [591800 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [223560 2016-04-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2019-02-25] (Flexera Software LLC -> Flexera Software LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [125056 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [147288 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [94856 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2019-04-17] (Glarysoft LTD -> Glarysoft Ltd)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-04-23] (Malwarebytes Corporation -> Malwarebytes)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-23 00:21 - 2019-04-23 00:22 - 000013807 _____ C:\Users\MARCELO\Desktop\FRST.txt
2019-04-23 00:21 - 2019-04-23 00:21 - 000000000 ____D C:\Users\MARCELO\Desktop\FRST-OlderVersion
2019-04-23 00:19 - 2019-04-23 00:19 - 000001100 _____ C:\Users\MARCELO\fixlist.rar
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbamtray
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbam
2019-04-23 00:17 - 2019-04-23 00:17 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-23 00:17 - 2019-04-23 00:17 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-23 00:17 - 2019-04-23 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-23 00:17 - 2019-04-23 00:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-23 00:17 - 2019-04-23 00:17 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-23 00:17 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-23 00:15 - 2019-04-23 00:16 - 062824224 _____ (Malwarebytes ) C:\Windows\system32\mb-setup.exe
2019-04-23 00:07 - 2019-04-23 00:08 - 008043416 _____ C:\Users\MARCELO\Desktop\mb-support-1.3.2.588.exe
2019-04-22 22:26 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\Desktop\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
2019-04-22 18:49 - 2019-04-22 18:49 - 007665272 _____ (ESET spol. s r.o.) C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe
2019-04-22 01:55 - 2019-04-22 01:55 - 000002028 _____ C:\Users\MARCELO\fixlist.txt
2019-04-20 21:15 - 2019-04-23 00:21 - 001794560 _____ (Farbar) C:\Users\MARCELO\Desktop\FRST.exe
2019-04-20 21:15 - 2019-04-23 00:21 - 000000000 ____D C:\FRST
2019-04-17 18:45 - 2019-04-17 18:45 - 000025864 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2019-04-17 18:45 - 2019-04-17 18:45 - 000001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-17 18:45 - 000001042 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\GlarySoft
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\DiskDefrag
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Program Files\Glary Utilities 5
2019-04-10 09:33 - 2019-04-10 17:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-03 12:03 - 2019-04-03 12:03 - 000001191 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-04-03 12:03 - 2019-04-03 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-03 12:03 - 2019-04-03 12:03 - 000000000 ____D C:\Program Files\VS Revo Group

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-23 00:21 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-23 00:21 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-23 00:19 - 2018-12-12 20:11 - 000000000 ___RD C:\Users\MARCELO
2019-04-23 00:19 - 2011-04-11 22:30 - 000746992 _____ C:\Windows\system32\perfh00A.dat
2019-04-23 00:19 - 2011-04-11 22:30 - 000158464 _____ C:\Windows\system32\perfc00A.dat
2019-04-23 00:19 - 2010-11-20 18:01 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-23 00:19 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2019-04-23 00:14 - 2019-02-24 23:55 - 000000000 ____D C:\ProgramData\Autodesk
2019-04-23 00:14 - 2018-12-13 21:21 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Mozilla
2019-04-23 00:14 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-22 23:53 - 2018-12-14 23:53 - 000000917 _____ C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job
2019-04-22 21:05 - 2018-12-13 18:22 - 000000000 ____D C:\Windows Loader
2019-04-22 20:16 - 2018-12-13 17:49 - 000000000 ____D C:\Windows\AutoKMS
2019-04-22 18:50 - 2018-12-15 20:36 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ESET
2019-04-22 18:49 - 2018-12-14 22:37 - 000005632 ___SH C:\Users\MARCELO\Thumbs.db
2019-04-22 02:04 - 2018-12-17 19:54 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Temp
2019-04-20 21:49 - 2019-02-09 19:13 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-11 02:15 - 2018-12-17 20:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 02:01 - 2018-12-14 15:12 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ElevatedDiagnostics
2019-04-11 02:01 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF
2019-04-10 17:07 - 2018-12-13 21:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-04-10 13:55 - 2018-12-13 18:27 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-10 13:55 - 2018-12-13 18:27 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-09 22:30 - 2019-02-09 19:13 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-04-09 22:30 - 2019-02-09 19:13 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-04-06 04:35 - 2018-12-27 17:11 - 000001268 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-06 04:35 - 2018-12-27 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-03-28 04:31 - 2009-07-14 01:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2019-01-10 20:01 - 2019-01-10 20:02 - 000012304 _____ () C:\Users\MARCELO\copia de seguridad registro.reg
2018-12-14 22:37 - 2018-09-19 17:21 - 000000741 _____ () C:\Users\MARCELO\Install.cmd

Some files in TEMP:
====================
2019-04-22 22:35 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\AppData\Local\Temp\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-17 17:48
==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-04-2019
Ran by MARCELO (23-04-2019 00:22:30)
Running from C:\Users\MARCELO\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2018-12-12 23:11:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1166572213-2147164125-1135358989-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1166572213-2147164125-1135358989-1002 - Limited - Enabled)
Invitado (S-1-5-21-1166572213-2147164125-1135358989-501 - Limited - Disabled)
MARCELO (S-1-5-21-1166572213-2147164125-1135358989-1000 - Administrator - Enabled) => C:\Users\MARCELO

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5002-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Photoshop CS6 versión 13.0.1 (HKLM\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Aplicación de escritorio de Autodesk (HKLM\...\Autodesk Desktop App) (Version: 7.0.12.84 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
aTuner (remove only) (HKLM\...\aTuner) (Version: aTuner 1.9.85 - )
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0002-CF3F3A09B77D}) (Version: 21.0.104.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD 2017 SP 1 (HKLM\...\AutoCAD 2017 SP1) (Version: 21.0.104.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 32 bit (HKLM\...\{A65662B5-45CC-41D3-AEDC-1448577664EE}) (Version: 4.37.6853 - Autodesk)
Autodesk Material Library 2017 (HKLM\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Desinstalar impresora EPSON L380 Series (HKLM\...\EPSON L380 Series) (Version:  - Seiko Epson Corporation)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{006C8256-3855-43BF-8BA5-4B4C40F41F71}) (Version: 3.10.0065 - Seiko Epson Corporation)
Epson Scan 2 (HKLM\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}) (Version: 4.4.2 - SEIKO EPSON CORPORATION)
ESET Security (HKLM\...\{0BA8BBB6-4354-40BD-AA15-D4FF2E551998}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Glary Utilities 5.117 (HKLM\...\Glary Utilities 5) (Version: 5.117.0.142 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Importación de SketchUp 2016-2017 (HKLM\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manual Epson L380 (HKLM\...\UsersGuideManual Epson L380_is1) (Version: 1.0 - Epson America, Inc.)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x86 es-AR) (HKLM\...\Mozilla Firefox 66.0.3 (x86 es-AR)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Skype versión 8.42 (HKLM\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-04-23 00:17 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000086016 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000037888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2019-04-23 00:17 - 2019-03-13 09:22 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-04-22 02:03 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCELO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: EpsonCustomerResearchParticipation => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\startupfolder: C:^Users^MARCELO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

17-04-2019 17:55:22 Punto de control programado
22-04-2019 02:02:51 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2019 12:11:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mb-support.exe, versión: 1.3.2.588, marca de tiempo: 0x5c703caa
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.17932, marca de tiempo: 0x503275ba
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000d3cf
Id. del proceso con errores: 0x790
Hora de inicio de la aplicación con errores: 0x01d4f98211bb5f40
Ruta de acceso de la aplicación con errores: C:\Users\MARCELO\AppData\Local\Temp\mwb4A2B.tmp\mb-support.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\KERNELBASE.dll
Id. del informe: 7a857380-6575-11e9-bcc2-00e04d7348e8

Error: (04/23/2019 12:11:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: mb-support.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
Stack:
   at mbsupport.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<_ctor>b__0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at mbsupport.App.Main()

Error: (04/22/2019 10:35:33 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/22/2019 02:02:51 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {de012646-7ab2-4b01-9a09-c2e31d45abcd}

Error: (04/22/2019 01:37:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/21/2019 08:54:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/21/2019 08:47:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/21/2019 03:26:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (04/22/2019 02:03:18 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Windows Search, pero ocurrió el siguiente error: 
Ya se está ejecutando una instancia de este servicio.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Autodesk Desktop App Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/22/2019 01:35:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Luminati Net Updater no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/21/2019 08:52:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Luminati Net Updater no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/21/2019 08:45:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Luminati Net Updater no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


==================== Memory info =========================== 

BIOS: Phoenix Technologies, LTD 6.00 PG 12/05/2007
Motherboard: BIOSTAR Group N61PA-M2S
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+
Percentage of memory in use: 82%
Total physical RAM: 2942.55 MB
Available physical RAM: 510.51 MB
Total Virtual: 5883.39 MB
Available Virtual: 3278.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:124.66 GB) (Free:85.45 GB) NTFS
Drive d: () (Fixed) (Total:806.75 GB) (Free:787.18 GB) NTFS

\\?\Volume{980f26a4-fe62-11e8-8ff8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=124.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=806.8 GB) - (Type=05)

==================== End of Addition.txt ============================

Me apareció una ventana de que Malwarebytes estaba reparado, lo intenté y de nuevo me pide reiniciar

Hola @Marcelo_Bianchi

No lo vuelvas a intentar ejecutar ni instalar por que sino jamas lo lograremos.

Para poder eliminarlo correctamente:

1.- Descarga y ejecuta la herramienta de desinstalación de Malwarebytes.

2.- Luego de reiniciar traes un nuevo reporte de FRST y Addition, NO INTENTES reinstalarlo por tu cuenta, por que antes necesitamos eliminar sus rastros.

Salu2

Gracias por estar ahi Sandra_tocaya, sigo tus instrucciones

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2019
Ran by MARCELO (administrator) on MARCELO-PC (BIOSTAR Group N61PA-M2S) (23-04-2019 01:05:02)
Running from D:\!!NO BORRAR\Desktop
Loaded Profiles: MARCELO (Available Profiles: MARCELO)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\ADPClientService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [170128 2019-04-10] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44016 2019-04-08] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1980B2DD-05C6-468C-9589-5AC0E51D9206} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {20C23B6C-DA67-4BFB-8626-CC457B71A906} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1166572213-2147164125-1135358989-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-02-07] (Mega Limited -> Mega Limited)
Task: {2864F254-81D2-48B8-9984-E8555938FF88} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {297B8544-9FFC-4808-A0C9-116CFC742DCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd -> Piriform Ltd)
Task: {60FE3F3F-D99E-4BA1-82CB-0FCF80A06FA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [281720 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E59EDCE-2C78-4102-9786-8D9A9C8F786A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1064112 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E3C529E-403E-4BF3-82F3-3242083FE97D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {862C2F3E-3020-4449-9F0F-D4DEA53F8088} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8B820CB7-3119-47BC-B22A-D7A00DE7C686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {90E5A160-0087-406A-8AB6-01F833F08DA9} - System32\Tasks\AutoRearm => C:\Windows\AutoRearm\AutoRearm.exe [5745664 2018-12-13] () [File not signed]
Task: {93672AFD-C44D-440E-8CC1-53B241CD3CA1} - System32\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {A58089FB-2FE8-4D7B-A329-63C1B58AD62D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [281720 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF4ABBE4-36F6-4D05-8094-8E983DCD8E06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
Task: {F14C3C7E-52A7-418C-820A-EA529844A69C} - System32\Tasks\{BDB4B602-8DB0-43B2-A30E-14D8EEF89860} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {F1E91C11-F338-4BE9-BE34-190050217A0E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE:/EXE:{BED6025A-3492-412D-BE5A-4F9E441E93BF} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07796CC6-62EF-48F8-8467-28748D7CB128}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D3088D10-33EA-4247-B2DA-61AC05100460}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 4i68gl3l.default-1548876356353
FF ProfilePath: C:\Users\MARCELO\AppData\Roaming\Mozilla\Firefox\Profiles\4i68gl3l.default-1548876356353 [2019-04-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.ar/
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default [2019-04-22]
CHR Extension: (Documentos) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-13]
CHR Extension: (Google Drive) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-13]
CHR Extension: (YouTube) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-13]
CHR Extension: (Ace Script) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-02-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-13]
CHR Extension: (Gmail) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-13]
CHR Extension: (Chrome Media Router) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1162616 2018-11-30] (Autodesk, Inc. -> Autodesk Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1887640 2019-04-10] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1887640 2019-04-10] (ESET, spol. s r.o. -> ESET)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [591800 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [223560 2016-04-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2019-02-25] (Flexera Software LLC -> Flexera Software LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [125056 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [147288 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [94856 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2019-04-17] (Glarysoft LTD -> Glarysoft Ltd)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-23 01:03 - 2019-04-23 01:03 - 000001726 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-23 01:03 - 2019-01-08 15:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-23 01:01 - 2019-04-23 01:01 - 000858912 _____ (Malwarebytes) C:\Users\MARCELO\Desktop\mb-clean-3.1.0.1035.exe
2019-04-23 00:22 - 2019-04-23 00:23 - 000028447 _____ C:\Users\MARCELO\Desktop\Addition.txt
2019-04-23 00:21 - 2019-04-23 00:23 - 000020486 _____ C:\Users\MARCELO\Desktop\FRST.txt
2019-04-23 00:21 - 2019-04-23 00:21 - 000000000 ____D C:\Users\MARCELO\Desktop\FRST-OlderVersion
2019-04-23 00:19 - 2019-04-23 00:19 - 000001100 _____ C:\Users\MARCELO\fixlist.rar
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbamtray
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbam
2019-04-23 00:15 - 2019-04-23 00:16 - 062824224 _____ (Malwarebytes ) C:\Windows\system32\mb-setup.exe
2019-04-23 00:07 - 2019-04-23 00:08 - 008043416 _____ C:\Users\MARCELO\Desktop\mb-support-1.3.2.588.exe
2019-04-22 22:26 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\Desktop\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
2019-04-22 18:49 - 2019-04-22 18:49 - 007665272 _____ (ESET spol. s r.o.) C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe
2019-04-22 01:55 - 2019-04-22 01:55 - 000002028 _____ C:\Users\MARCELO\fixlist.txt
2019-04-20 21:15 - 2019-04-23 01:05 - 000000000 ____D C:\FRST
2019-04-20 21:15 - 2019-04-23 00:21 - 001794560 _____ (Farbar) C:\Users\MARCELO\Desktop\FRST.exe
2019-04-17 18:45 - 2019-04-17 18:45 - 000025864 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2019-04-17 18:45 - 2019-04-17 18:45 - 000001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-17 18:45 - 000001042 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\GlarySoft
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\DiskDefrag
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Program Files\Glary Utilities 5
2019-04-10 09:33 - 2019-04-10 17:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-03 12:03 - 2019-04-03 12:03 - 000001191 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-04-03 12:03 - 2019-04-03 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-03 12:03 - 2019-04-03 12:03 - 000000000 ____D C:\Program Files\VS Revo Group

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-23 01:03 - 2019-02-24 23:55 - 000000000 ____D C:\ProgramData\Autodesk
2019-04-23 01:03 - 2018-12-13 21:21 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Mozilla
2019-04-23 01:03 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-23 00:53 - 2018-12-14 23:53 - 000000917 _____ C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job
2019-04-23 00:21 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-23 00:21 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-23 00:19 - 2018-12-12 20:11 - 000000000 ___RD C:\Users\MARCELO
2019-04-23 00:19 - 2011-04-11 22:30 - 000746992 _____ C:\Windows\system32\perfh00A.dat
2019-04-23 00:19 - 2011-04-11 22:30 - 000158464 _____ C:\Windows\system32\perfc00A.dat
2019-04-23 00:19 - 2010-11-20 18:01 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-23 00:19 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2019-04-22 21:05 - 2018-12-13 18:22 - 000000000 ____D C:\Windows Loader
2019-04-22 20:16 - 2018-12-13 17:49 - 000000000 ____D C:\Windows\AutoKMS
2019-04-22 18:50 - 2018-12-15 20:36 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ESET
2019-04-22 18:49 - 2018-12-14 22:37 - 000005632 ___SH C:\Users\MARCELO\Thumbs.db
2019-04-22 02:04 - 2018-12-17 19:54 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Temp
2019-04-20 21:49 - 2019-02-09 19:13 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-11 02:15 - 2018-12-17 20:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 02:01 - 2018-12-14 15:12 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ElevatedDiagnostics
2019-04-11 02:01 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF
2019-04-10 17:07 - 2018-12-13 21:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-04-10 13:55 - 2018-12-13 18:27 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-10 13:55 - 2018-12-13 18:27 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-09 22:30 - 2019-02-09 19:13 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-04-09 22:30 - 2019-02-09 19:13 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-04-06 04:35 - 2018-12-27 17:11 - 000001268 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-06 04:35 - 2018-12-27 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-03-28 04:31 - 2009-07-14 01:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2019-01-10 20:01 - 2019-01-10 20:02 - 000012304 _____ () C:\Users\MARCELO\copia de seguridad registro.reg
2018-12-14 22:37 - 2018-09-19 17:21 - 000000741 _____ () C:\Users\MARCELO\Install.cmd

Some files in TEMP:
====================
2019-04-22 22:35 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\AppData\Local\Temp\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-17 17:48
==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-04-2019
Ran by MARCELO (23-04-2019 01:06:29)
Running from D:\!!NO BORRAR\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2018-12-12 23:11:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1166572213-2147164125-1135358989-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1166572213-2147164125-1135358989-1002 - Limited - Enabled)
Invitado (S-1-5-21-1166572213-2147164125-1135358989-501 - Limited - Disabled)
MARCELO (S-1-5-21-1166572213-2147164125-1135358989-1000 - Administrator - Enabled) => C:\Users\MARCELO

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5002-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Photoshop CS6 versión 13.0.1 (HKLM\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Aplicación de escritorio de Autodesk (HKLM\...\Autodesk Desktop App) (Version: 7.0.12.84 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
aTuner (remove only) (HKLM\...\aTuner) (Version: aTuner 1.9.85 - )
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0002-CF3F3A09B77D}) (Version: 21.0.104.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD 2017 SP 1 (HKLM\...\AutoCAD 2017 SP1) (Version: 21.0.104.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 32 bit (HKLM\...\{A65662B5-45CC-41D3-AEDC-1448577664EE}) (Version: 4.37.6853 - Autodesk)
Autodesk Material Library 2017 (HKLM\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Desinstalar impresora EPSON L380 Series (HKLM\...\EPSON L380 Series) (Version:  - Seiko Epson Corporation)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{006C8256-3855-43BF-8BA5-4B4C40F41F71}) (Version: 3.10.0065 - Seiko Epson Corporation)
Epson Scan 2 (HKLM\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}) (Version: 4.4.2 - SEIKO EPSON CORPORATION)
ESET Security (HKLM\...\{0BA8BBB6-4354-40BD-AA15-D4FF2E551998}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Glary Utilities 5.117 (HKLM\...\Glary Utilities 5) (Version: 5.117.0.142 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Importación de SketchUp 2016-2017 (HKLM\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manual Epson L380 (HKLM\...\UsersGuideManual Epson L380_is1) (Version: 1.0 - Epson America, Inc.)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x86 es-AR) (HKLM\...\Mozilla Firefox 66.0.3 (x86 es-AR)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Skype versión 8.42 (HKLM\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-04-22 02:03 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCELO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: EpsonCustomerResearchParticipation => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\startupfolder: C:^Users^MARCELO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

17-04-2019 17:55:22 Punto de control programado
22-04-2019 02:02:51 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2019 12:11:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mb-support.exe, versión: 1.3.2.588, marca de tiempo: 0x5c703caa
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.17932, marca de tiempo: 0x503275ba
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000d3cf
Id. del proceso con errores: 0x790
Hora de inicio de la aplicación con errores: 0x01d4f98211bb5f40
Ruta de acceso de la aplicación con errores: C:\Users\MARCELO\AppData\Local\Temp\mwb4A2B.tmp\mb-support.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\KERNELBASE.dll
Id. del informe: 7a857380-6575-11e9-bcc2-00e04d7348e8

Error: (04/23/2019 12:11:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: mb-support.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
Stack:
   at mbsupport.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<_ctor>b__0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at mbsupport.App.Main()

Error: (04/22/2019 10:35:33 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/22/2019 02:02:51 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {de012646-7ab2-4b01-9a09-c2e31d45abcd}

Error: (04/22/2019 01:37:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/21/2019 08:54:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/21/2019 08:47:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/21/2019 03:26:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (04/23/2019 01:02:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/22/2019 02:03:18 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Windows Search, pero ocurrió el siguiente error: 
Ya se está ejecutando una instancia de este servicio.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/22/2019 02:02:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Autodesk Desktop App Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/22/2019 01:35:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Luminati Net Updater no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/21/2019 08:52:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Luminati Net Updater no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


==================== Memory info =========================== 

BIOS: Phoenix Technologies, LTD 6.00 PG 12/05/2007
Motherboard: BIOSTAR Group N61PA-M2S
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+
Percentage of memory in use: 72%
Total physical RAM: 2942.55 MB
Available physical RAM: 807.88 MB
Total Virtual: 5883.39 MB
Available Virtual: 3819.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:124.66 GB) (Free:85.51 GB) NTFS
Drive d: () (Fixed) (Total:806.75 GB) (Free:787.18 GB) NTFS

\\?\Volume{980f26a4-fe62-11e8-8ff8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=124.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=806.8 GB) - (Type=05)

==================== End of Addition.txt ============================

No se pq cuernos vuelve a correr dede el D, es el mismo que usé antes desde el escritorio en la carpeta Marcelo

encontré esta reporte del mbam clean

2019-04-23 01:02:10.832   mb-clean:3.1.0.1035  @ Malwarebytes. All rights reserved.
2019-04-23 01:02:11.300   Find Malwarebytes 3 installation location from C:\Program Files\Malwarebytes\Anti-Malware\.
2019-04-23 01:02:11.737   Malwarebytes self-protection module is not installed.
2019-04-23 01:02:11.737   Launching process:C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\MARCELO\AppData\Local\Temp\Mbam3x.log"
2019-04-23 01:02:11.737   Failed to launch C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\MARCELO\AppData\Local\Temp\Mbam3x.log", reason:((error=2))
2019-04-23 01:02:11.753   >>>>>> Starting 2nd phase cleanup for Malwarebytes version 3.x.x.xxxx <<<<<<
2019-04-23 01:02:11.753   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2019-04-23 01:02:11.753   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2019-04-23 01:02:11.753   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2019-04-23 01:02:11.768   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2019-04-23 01:02:11.768   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2019-04-23 01:02:11.768   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2019-04-23 01:02:11.768   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2019-04-23 01:02:12.673   Trying to delete path C:\ProgramData\Malwarebytes\
2019-04-23 01:02:12.673   Cannot delete path C:\ProgramData\Malwarebytes\, reason:((error=3))
2019-04-23 01:02:12.673   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2019-04-23 01:02:12.673   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2019-04-23 01:02:12.673   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2019-04-23 01:02:12.673   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2019-04-23 01:02:12.673   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-04-23 01:02:12.673   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2019-04-23 01:02:12.689   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2019-04-23 01:02:12.689   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-23 01:02:12.689   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-23 01:02:12.689   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2019-04-23 01:02:12.689   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
2019-04-23 01:02:12.689   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
2019-04-23 01:02:12.704   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2019-04-23 01:02:12.704   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-23 01:02:12.704   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2019-04-23 01:02:12.704   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2019-04-23 01:02:12.704   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2019-04-23 01:02:12.704   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2019-04-23 01:02:12.720   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-23 01:02:12.720   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-23 01:02:12.736   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-23 01:02:12.736   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-23 01:02:12.736   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-23 01:02:12.736   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-23 01:02:12.736   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-23 01:02:12.736   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-23 01:02:12.736   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2019-04-23 01:02:12.751   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2019-04-23 01:02:12.751   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-23 01:02:12.751   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2019-04-23 01:02:12.751   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2019-04-23 01:02:12.751   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-04-23 01:02:12.751   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-04-23 01:02:12.751   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-23 01:02:12.751   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-04-23 01:02:12.767   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-04-23 01:02:12.767   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-23 01:02:12.767   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2019-04-23 01:02:12.767   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2019-04-23 01:02:12.767   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2019-04-23 01:02:12.767   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-04-23 01:02:12.767   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2019-04-23 01:02:12.767   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-23 01:02:12.767   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2019-04-23 01:02:12.767   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2019-04-23 01:02:12.782   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-23 01:02:12.782   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2019-04-23 01:02:12.782   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2019-04-23 01:02:12.782   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-23 01:02:12.782   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2019-04-23 01:02:12.782   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-04-23 01:02:12.782   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2019-04-23 01:02:12.782   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-23 01:02:12.782   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2019-04-23 01:02:12.782   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2019-04-23 01:02:12.798   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2019-04-23 01:02:12.798   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2019-04-23 01:02:12.798   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2019-04-23 01:02:12.798   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=145))
2019-04-23 01:02:12.798   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2019-04-23 01:02:12.798   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService
2019-04-23 01:02:12.798   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService
2019-04-23 01:02:19.225   --------END OF LOG FILE ----------
2019-04-23 01:03:37.112   >>>>>Starting post reboot phase cleanup for Malwarebytes version 3.x.x.xxxx <<<<<<<<.
2019-04-23 01:03:37.361   Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2019-04-23 01:03:37.377   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2019-04-23 01:03:37.377   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2019-04-23 01:03:37.392   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2019-04-23 01:03:37.424   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2019-04-23 01:03:37.424   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2019-04-23 01:03:37.439   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2019-04-23 01:03:37.439   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2019-04-23 01:03:41.980   Trying to delete path C:\ProgramData\Malwarebytes\
2019-04-23 01:03:41.980   Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\
2019-04-23 01:03:41.980   Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\config\
2019-04-23 01:03:41.980   Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\config\
2019-04-23 01:03:41.995   Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\logs\
2019-04-23 01:03:41.995   Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\logs\
2019-04-23 01:03:41.995   Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\tempdb\
2019-04-23 01:03:41.995   Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\tempdb\
2019-04-23 01:03:42.011   Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\
2019-04-23 01:03:42.011   Trying to delete file or folder: C:\ProgramData\Malwarebytes\
2019-04-23 01:03:42.011   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2019-04-23 01:03:42.011   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2019-04-23 01:03:42.011   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2019-04-23 01:03:42.011   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\AEControllerImpl.dll
2019-04-23 01:03:42.027   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ArwControllerImpl.dll
2019-04-23 01:03:42.027   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
2019-04-23 01:03:42.027   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\changes.txt
2019-04-23 01:03:42.042   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll
2019-04-23 01:03:42.042   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
2019-04-23 01:03:42.042   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2019-04-23 01:03:42.042   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-04-23 01:03:42.042   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2019-04-23 01:03:42.058   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2019-04-23 01:03:42.058   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-23 01:03:42.058   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-23 01:03:42.058   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2019-04-23 01:03:42.058   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Languages\
2019-04-23 01:03:42.058   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_bg.qm
2019-04-23 01:03:42.073   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_cs.qm
2019-04-23 01:03:42.073   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_da.qm
2019-04-23 01:03:42.073   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_de.qm
2019-04-23 01:03:42.073   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_GB.qm
2019-04-23 01:03:42.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_US.qm
2019-04-23 01:03:42.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_es.qm
2019-04-23 01:03:42.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fi.qm
2019-04-23 01:03:42.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fr.qm
2019-04-23 01:03:42.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hr.qm
2019-04-23 01:03:42.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hu.qm
2019-04-23 01:03:42.105   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_it.qm
2019-04-23 01:03:42.105   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ja.qm
2019-04-23 01:03:42.105   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ko.qm
2019-04-23 01:03:42.105   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_nl.qm
2019-04-23 01:03:42.105   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_no.qm
2019-04-23 01:03:42.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pl.qm
2019-04-23 01:03:42.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_BR.qm
2019-04-23 01:03:42.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_PT.qm
2019-04-23 01:03:42.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ro.qm
2019-04-23 01:03:42.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ru.qm
2019-04-23 01:03:42.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sk.qm
2019-04-23 01:03:42.136   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sl.qm
2019-04-23 01:03:42.136   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sv.qm
2019-04-23 01:03:42.136   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_zh_TW.qm
2019-04-23 01:03:42.136   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\
2019-04-23 01:03:42.729   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
2019-04-23 01:03:42.853   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
2019-04-23 01:03:43.025   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
2019-04-23 01:03:43.103   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
2019-04-23 01:03:43.134   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2019-04-23 01:03:43.259   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
2019-04-23 01:03:43.556   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll
2019-04-23 01:03:43.634   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2019-04-23 01:03:43.666   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-23 01:03:43.744   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2019-04-23 01:03:44.009   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
2019-04-23 01:03:44.134   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2019-04-23 01:03:44.149   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2019-04-23 01:03:44.149   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2019-04-23 01:03:44.149   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\plugins.qmltypes
2019-04-23 01:03:44.321   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmldir
2019-04-23 01:03:44.524   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2019-04-23 01:03:45.304   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2019-04-23 01:03:46.724   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2019-04-23 01:03:46.740   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\plugins.qmltypes
2019-04-23 01:03:46.755   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmldir
2019-04-23 01:03:46.755   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
2019-04-23 01:03:47.879   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2019-04-23 01:03:48.128   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2019-04-23 01:03:48.128   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2019-04-23 01:03:48.159   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-23 01:03:48.237   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-23 01:03:48.347   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-23 01:03:48.705   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-23 01:03:48.815   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-23 01:03:48.815   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-23 01:03:50.780   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-23 01:03:51.108   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-23 01:03:51.123   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2019-04-23 01:03:51.123   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2019-04-23 01:03:51.279   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-23 01:03:51.654   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\plugins.qmltypes
2019-04-23 01:03:51.701   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\qmldir
2019-04-23 01:03:51.981   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2019-04-23 01:03:51.981   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2019-04-23 01:03:51.997   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-04-23 01:03:53.011   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-04-23 01:03:53.011   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\plugins.qmltypes
2019-04-23 01:03:53.027   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qmldir
2019-04-23 01:03:53.027   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-23 01:03:53.042   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2019-04-23 01:03:53.042   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\
2019-04-23 01:03:53.058   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qmldir
2019-04-23 01:03:53.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll
2019-04-23 01:03:53.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\
2019-04-23 01:03:53.089   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2019-04-23 01:03:53.105   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-04-23 01:03:53.105   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-04-23 01:03:53.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-23 01:03:53.120   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\
2019-04-23 01:03:53.120   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\
2019-04-23 01:03:53.120   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\, reason:((error=145))
2019-04-23 01:03:53.120   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\ on reboot
2019-04-23 01:03:54.134   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\plugins.qmltypes
2019-04-23 01:03:54.150   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2019-04-23 01:03:54.197   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2019-04-23 01:03:54.197   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\plugins.qmltypes
2019-04-23 01:03:54.229   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\qmldir
2019-04-23 01:03:54.447   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2019-04-23 01:03:54.447   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\
2019-04-23 01:03:54.447   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\qmldir
2019-04-23 01:03:54.463   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\
2019-04-23 01:03:54.463   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\, reason:((error=145))
2019-04-23 01:03:54.463   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\ on reboot
2019-04-23 01:03:54.463   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qmldir
2019-04-23 01:03:54.494   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-04-23 01:03:54.494   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\, reason:((error=145))
2019-04-23 01:03:54.494   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\ on reboot
2019-04-23 01:03:54.494   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2019-04-23 01:03:54.525   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\plugins.qmltypes
2019-04-23 01:03:54.541   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qmldir
2019-04-23 01:03:54.541   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-23 01:03:54.572   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2019-04-23 01:03:54.572   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2019-04-23 01:03:54.572   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\plugins.qmltypes
2019-04-23 01:03:54.572   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\qmldir
2019-04-23 01:03:54.588   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-23 01:03:54.588   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2019-04-23 01:03:54.775   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2019-04-23 01:03:54.775   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\plugins.qmltypes
2019-04-23 01:03:54.775   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\qmldir
2019-04-23 01:03:54.806   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-23 01:03:54.868   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2019-04-23 01:03:54.884   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-04-23 01:03:54.900   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\, reason:((error=145))
2019-04-23 01:03:54.900   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\ on reboot
2019-04-23 01:03:54.900   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2019-04-23 01:03:54.900   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\plugins.qmltypes
2019-04-23 01:03:54.900   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qmldir
2019-04-23 01:03:54.900   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-23 01:03:54.915   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2019-04-23 01:03:54.915   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2019-04-23 01:03:54.931   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\plugins.qmltypes
2019-04-23 01:03:54.931   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qmldir
2019-04-23 01:03:54.931   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2019-04-23 01:03:54.946   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2019-04-23 01:03:54.946   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\RTPControllerImpl.dll
2019-04-23 01:03:54.962   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll
2019-04-23 01:03:54.962   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\
2019-04-23 01:03:54.962   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\
2019-04-23 01:03:54.962   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\, reason:((error=145))
2019-04-23 01:03:54.962   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\ on reboot
2019-04-23 01:03:54.962   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SPControllerImpl.dll
2019-04-23 01:03:54.978   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll
2019-04-23 01:03:54.978   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll
2019-04-23 01:03:54.993   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat
2019-04-23 01:03:55.009   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe
2019-04-23 01:03:55.009   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.msg
2019-04-23 01:03:55.071   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
2019-04-23 01:03:55.071   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\zlib.dll
2019-04-23 01:03:55.071   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2019-04-23 01:03:55.087   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=145))
2019-04-23 01:03:55.102   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2019-04-23 01:03:55.102   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService
2019-04-23 01:03:55.118   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService
2019-04-23 01:04:50.950   --------END OF LOG FILE ----------

Hola @Marcelo_Bianchi

Ahora realiza lo siguiente:

Abre un nuevo archivo Notepad y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
2019-04-23 01:03 - 2019-04-23 01:03 - 000001726 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-23 01:03 - 2019-01-08 15:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-23 01:01 - 2019-04-23 01:01 - 000858912 _____ (Malwarebytes) C:\Users\MARCELO\Desktop\mb-clean-3.1.0.1035.exe
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbamtray
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbam
2019-04-23 00:15 - 2019-04-23 00:16 - 062824224 _____ (Malwarebytes ) C:\Windows\system32\mb-setup.exe
2019-04-23 00:07 - 2019-04-23 00:08 - 008043416 _____ C:\Users\MARCELO\Desktop\mb-support-1.3.2.588.exe
2019-04-22 22:26 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\Desktop\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
2019-04-22 22:35 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\AppData\Local\Temp\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
C:\Users\MARCELO\AppData\Local\Temp\mwb4A2B.tmp\mb-support.exe

EmptyTemp:
Hosts:
END

• Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

• Ejecutas Frst.exe.
• Presionas el botón Fix y aguardas a que termine.
• La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
• Lo pegas en tu próxima respuesta.

Nos intentes aun instalarlo.

Salu2.

Hola, aqui va el fixlog:

Fix result of Farbar Recovery Scan Tool (x86) Version: 23-04-2019
Ran by MARCELO (23-04-2019 15:44:18) Run:2
Running from C:\Users\MARCELO\!!NO BORRAR\Desktop
Loaded Profiles: MARCELO (Available Profiles: MARCELO)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
2019-04-23 01:03 - 2019-04-23 01:03 - 000001726 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-23 01:03 - 2019-04-23 01:03 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-23 01:03 - 2019-01-08 15:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-23 01:01 - 2019-04-23 01:01 - 000858912 _____ (Malwarebytes) C:\Users\MARCELO\Desktop\mb-clean-3.1.0.1035.exe
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbamtray
2019-04-23 00:18 - 2019-04-23 00:18 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbam
2019-04-23 00:15 - 2019-04-23 00:16 - 062824224 _____ (Malwarebytes ) C:\Windows\system32\mb-setup.exe
2019-04-23 00:07 - 2019-04-23 00:08 - 008043416 _____ C:\Users\MARCELO\Desktop\mb-support-1.3.2.588.exe
2019-04-22 22:26 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\Desktop\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
2019-04-22 22:35 - 2019-04-22 22:27 - 064309056 _____ (Malwarebytes ) C:\Users\MARCELO\AppData\Local\Temp\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
C:\Users\MARCELO\AppData\Local\Temp\mwb4A2B.tmp\mb-support.exe

EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
C:\Users\Public\Desktop\Malwarebytes.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Program Files\Malwarebytes => moved successfully
C:\Windows\system32\Drivers\mbae.sys => moved successfully
C:\Users\MARCELO\Desktop\mb-clean-3.1.0.1035.exe => moved successfully
C:\Users\MARCELO\AppData\Local\mbamtray => moved successfully
C:\Users\MARCELO\AppData\Local\mbam => moved successfully
C:\Windows\system32\mb-setup.exe => moved successfully
C:\Users\MARCELO\Desktop\mb-support-1.3.2.588.exe => moved successfully
C:\Users\MARCELO\Desktop\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe => moved successfully
C:\Users\MARCELO\AppData\Local\Temp\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe => moved successfully
C:\Users\MARCELO\AppData\Local\Temp\mwb4A2B.tmp\mb-support.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15204024 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 188890599 B
Edge => 0 B
Chrome => 0 B
Firefox => 1092288090 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
LocalService => 66228 B
NetworkService => 692 B
MARCELO => 107057309 B

RecycleBin => 5453061 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:45:01 ====

Hola @Marcelo_Bianchi

Prueba lo siguiente:

Descarga SystemLook en tu escritorio desde uno de los siguientes enlaces, según la arquitectura de tu Sistema Operativo.

Como saber si Mi Windows es de 32 o de 64 Bits ?

• SystemLook >>> Para sistemas de 32 Bits.
• SystemLook_x64 >>> Para sistemas de 64 Bits.

Una vez descargado realiza lo siguiente:

• Doble clic al archivo SystemLook para ejecutarlo.(Si usas Windows Vista, 7/8/10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)

• Copia y pegua el texto del recuadro de aquí abajo en la ventana del programa y pulsa en Look.

:filefind  
*Malwarebytes*
            
:regfind  
Malwarebytes
 
:folderfind
Malwarebytes

• Espera unos segundos hasta que finalice la búsqueda.
• Al terminar se abrirá el Bloc de Notas con un reporte que debes copiar y pegar en tu próxima respuesta…

Nota: Ese reporte también quedará en el archivo SystemLook.txt del escritorio.

Salu2.

segundos? hace 10 min que esta escaneando

Hola:

Espera que se puede tardar

Si en no mas de media hora ves que se colgó lo cierras y vuelves a ejecutarlo.

Salu2

ok, gracias,esperare un poco mas, saludos

Hola:

Ten en cuenta que cuando se active nuevamente la casilla Look te abrá dejado el reporte en el escritorio bajo el nombre SystemLook.txt, no lo veras en la ventana del programa,

Salu2

fuera de tema, se truena todo en Cordoba

Hola @Marcelo_Bianchi

Aquí en nuestra Patagonia, hace mucho Frío!!!

Esperamos ese reporte para ver si por fin pudimos eliminar el programa o aun quedan restos.

Salu2.

sigue scanning…lo corto y arranco de nuevo?