# AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 06 09:43:33 2017
# Updated on 2017/29/09 by Malwarebytes 
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: WinRST
Deleted: Update service
Deleted: PirritDesktop


***** [ Folders ] *****

Deleted: C:\Program Files (x86)\SearchProtect
Deleted: C:\Users\Eigenaar\AppData\Local\SearchProtect
Deleted: C:\Users\Eigenaar\AppData\Local\CheckCode
Deleted: C:\Program Files (x86)\LPT
Deleted: C:\Users\Eigenaar\AppData\Local\LPT
Deleted: C:\Program Files (x86)\WinRST
Deleted: C:\Users\Eigenaar\AppData\Local\HelperApp
Deleted: C:\Program Files (x86)\WebCake
Deleted: C:\Users\Eigenaar\AppData\Roaming\WebCake
Deleted: C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Deleted: C:\Users\Eigenaar\AppData\Roaming\Movdap
Deleted: C:\ProgramData\Tarma Installer
Deleted: C:\ProgramData\Application Data\Tarma Installer
Deleted: C:\Users\All Users\Tarma Installer
Deleted: C:\Users\Eigenaar\AppData\Roaming\Web Cake
Deleted: C:\Users\Eigenaar\AppData\Roaming\DRPSu
Deleted: C:\Users\Eigenaar\AppData\Roaming\Systweak
Deleted: C:\Users\Eigenaar\AppData\Local\Smartbar
Deleted: C:\Users\Eigenaar\AppData\LocalLow\Smartbar
Deleted: C:\Users\Eigenaar\AppData\Local\PirritSuggestor
Deleted: C:\Program Files (x86)\mixidj
Deleted: C:\Users\Eigenaar\AppData\LocalLow\mixidj
Deleted: C:\Users\Eigenaar\AppData\Roaming\mixidj


***** [ Files ] *****

Deleted: C:\END
Deleted: C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
Deleted: C:\Windows\SysNative\roboot64.exe
Deleted: C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\SearchProtect
Deleted: [Key] - HKLM\SOFTWARE\RST
Deleted: [Key] - HKLM\SOFTWARE\WinUpd
Deleted: [Key] - HKLM\SOFTWARE\SI-App
Deleted: [Key] - HKLM\SOFTWARE\Pirrit
Deleted: [Key] - HKU\S-1-5-21-232980774-1606696947-1911411212-1001\Software\smartbarbackup
Deleted: [Key] - HKCU\Software\smartbarbackup
Deleted: [Key] - HKU\S-1-5-21-232980774-1606696947-1911411212-1001\Software\smartbarlog
Deleted: [Key] - HKCU\Software\smartbarlog
Deleted: [Key] - HKLM\SOFTWARE\Tarma Installer
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Deleted: [Key] - HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escort.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32LDR
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\explorer.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\Layers\SPVC32LDR
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted: [Key] - HKU\S-1-5-21-232980774-1606696947-1911411212-1001\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Deleted: [Key] - HKLM\SOFTWARE\Upt
Deleted: [Key] - HKLM\SOFTWARE\drpsu
Deleted: [Key] - HKU\S-1-5-21-232980774-1606696947-1911411212-1000\Software\drpsu
Deleted: [Key] - HKU\S-1-5-21-232980774-1606696947-1911411212-1001\Software\drpsu
Deleted: [Key] - HKCU\Software\drpsu
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}
Deleted: [Key] - HKLM\SOFTWARE\systweak
Deleted: [Key] - HKU\S-1-5-21-232980774-1606696947-1911411212-1001\Software\systweak
Deleted: [Key] - HKCU\Software\systweak
Deleted: [Key] - HKLM\SOFTWARE\mixidj
Deleted: [Key] - HKU\S-1-5-21-232980774-1606696947-1911411212-1001\Software\mixidj
Deleted: [Key] - HKCU\Software\mixidj


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: Trovi search - trovi.search


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [9447 B] - [2017/10/6 9:42:10]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########