~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64 
Ran by fernand (Administrator) on 27/12/2016 at 15:26:37,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 14 

Failed to delete: C:\Users\fernand\AppData\Local\A776EEAB-1482852158-96F7-1A43-74D02B99725F (Folder)
Successfully deleted: C:\ProgramData\searchmodule (Folder) 
Successfully deleted: C:\Users\fernand\AppData\Local\browserair (Folder) 
Successfully deleted: C:\Users\fernand\Appdata\LocalLow\company (Folder) 
Successfully deleted: C:\Users\fernand\AppData\Roaming\browsers (Folder) 
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\Invalidprefs.js (File) 
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\searchplugins\smod.xml (File) 
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\searchplugins\trovi.xml (File) 
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\user.js (File) 
Successfully deleted: C:\Users\fernand\AppData\Roaming\spi (Folder) 
Successfully deleted: C:\WINDOWS\system32\drivers\cherimoya.sys (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\SMW_UpdateTask_Time_3438303737353231382d3755556c415a505757414a34 (Task)
Successfully deleted: C:\WINDOWS\SysWOW64\findit.xml (File) 
Successfully deleted: C:\Program Files (x86)\hdwallpaper (Folder) 

Deleted the following from C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\prefs.js
user_pref(browser.search.searchengine.hp, hxxp://www.trotux.com/?z=d3d12680e93a75cf67c3846gazab6o3m2wcc7w9c5c&from=clc&uid=SanDiskXSSDXU100X256GB_130554400800&type=hp);
user_pref(browser.search.searchengine.sp, hxxp://www.trotux.com/search/?from=clc&q={searchTerms}&type=sp&uid=SanDiskXSSDXU100X256GB_130554400800&z=d3d12680e93a75cf67c3846ga
user_pref(browser.search.searchengine.uid, SanDiskXSSDXU100X256GB_130554400800);
user_pref(browser.search.searchengine.url, hxxp://www.trotux.com/search/?from=clc&q={searchTerms}&type=sp&uid=SanDiskXSSDXU100X256GB_130554400800&z=d3d12680e93a75cf67c3846g
user_pref(browser.urlbar.suggest.searches, true);



Registry: 19 

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\39785243-D64E-4E6A-8D47-8AE3346905B2 (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\cherimoya (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\GoogleChromeUpService (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\ProntSpooler (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SMUpd (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SMUpdd (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6E290A5C-BCC6-4973-8D0F-800B3733CFD5} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9211B66D-AA1B-4BD0-bF35-65E6C6E5F23F} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9211B66D-AA1B-4BD0-bF35-65E6C6E5F23F} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/12/2016 at 15:40:58,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~