Rauven

  1. Everything cleaned up and running great. One more time thank You for fast and professional help
  2. Eset found a threat. C:\Users\Jeanett\Downloads\750dfaac915b992401fd117e12748aa7dec2891a.exe Win32/Adware.1ClickDownload.J application
  3. Back from work Logs: Malwarebytes Anti-Malware (Trial) 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.11.11 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Jeanett :: JEANETT-PC [administrator] Protection: Enabled 11.01.2013 19:54:05 mbam-log-2013-01-11 (19-54-05).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 231275 Time elapsed: 34 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:57:37, on 11.01.2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe C:\Program Files (x86)\USB Camera\VM331_STI.EXE C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe D:\Origin\Origin.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe C:\Users\Jeanett\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-21-60387042-4199421674-78443358-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-60387042-4199421674-78443358-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd til OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Koblede OneNote-notater - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 
'Tools' menuitem: &Koblede OneNote-notater - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: avast! 
Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - 
Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: 
@%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 10926 bytes I had no problem running any of the steps
  4. Currently I'm at work so I'll run the steps and post an update with logs in around 9 hours
  5. Combofix log after running the script: ComboFix 13-01-11.01 - Jeanett 11.01.2013 7:03.2.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.47.1033.18.16283.13988 [GMT 1:00] Kjører fra: c:\users\Jeanett\Desktop\ComboFix.exe Command switches brukt :: c:\users\Jeanett\Desktop\CFScript.txt AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((( Filer Opprettet Fra 2012-12-11 til 2013-01-11 ))))))))))))))))))))))))))))))))) . . 2013-01-11 06:05 . 2013-01-11 06:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-01-11 06:05 . 2013-01-11 06:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\users\Jeanett\AppData\Roaming\Malwarebytes 2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\programdata\Malwarebytes 2013-01-10 20:46 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\users\Jeanett\AppData\Local\Programs 2013-01-10 10:20 . 2013-01-10 10:20 -------- d--h--r- c:\users\Jeanett\AppData\Roaming\SecuROM 2013-01-10 10:05 . 2013-01-10 10:05 -------- d-----w- c:\programdata\EA Core 2013-01-10 10:03 . 2013-01-10 10:03 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll 2013-01-10 10:03 . 2006-09-28 15:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll 2013-01-10 10:03 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll 2013-01-10 00:00 . 2013-01-10 09:09 -------- d-----w- c:\users\Jeanett\AppData\Roaming\Origin 2013-01-10 00:00 . 2013-01-10 00:04 -------- d-----w- c:\program files (x86)\Origin Games 2013-01-10 00:00 . 
2013-01-10 00:00 -------- d-----w- c:\users\Jeanett\AppData\Local\Origin 2013-01-09 23:57 . 2013-01-10 09:09 -------- d-----w- c:\programdata\Origin 2013-01-09 23:57 . 2013-01-09 23:57 -------- d-----w- c:\programdata\Electronic Arts 2013-01-09 10:04 . 2012-11-30 05:38 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-01-08 09:25 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F9151343-CBC5-4B05-A692-C55225D06979}\mpengine.dll 2012-12-21 19:41 . 2012-12-21 19:41 -------- d-----w- c:\program files\Microsoft Silverlight 2012-12-21 19:41 . 2012-12-21 19:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-12-21 19:41 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-21 19:41 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-21 19:41 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-21 19:41 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-14 22:17 . 2012-12-21 16:48 -------- d-----w- c:\users\Jeanett\AppData\Local\ElevatedDiagnostics 2012-12-12 09:50 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-12 09:50 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-12-12 09:49 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-12-12 09:49 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-10 02:00 . 2012-10-19 21:22 67599240 ----a-w- c:\windows\system32\MRT.exe 2013-01-09 10:51 . 2012-10-20 07:20 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-09 10:51 . 2012-10-20 07:20 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-30 04:45 . 2013-01-09 10:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-10-30 22:51 . 
2012-10-19 22:17 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-10-30 22:51 . 2012-10-19 22:17 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 22:51 . 2012-10-19 22:17 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-10-30 22:51 . 2012-10-19 22:17 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-10-30 22:51 . 2012-10-19 22:17 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-10-30 22:51 . 2012-10-19 22:17 41224 ----a-w- c:\windows\avastSS.scr 2012-10-30 22:50 . 2012-10-19 22:17 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-10-30 22:50 . 2012-10-19 22:17 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-10-23 19:57 . 2012-10-23 19:57 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-23 19:57 . 2012-10-23 19:57 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-10-23 19:57 . 2012-10-23 19:57 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-10-19 23:10 . 2012-10-19 23:10 279392 ----a-w- c:\windows\system32\LenovoSdk.OKTDLL.dll 2012-10-19 23:06 . 2012-10-19 23:07 19872 ----a-w- c:\windows\system32\LenovoSDKEmSubSystem.dll 2012-10-19 23:06 . 2012-10-19 23:07 39008 ----a-w- c:\windows\system32\drivers\LhdX64.sys 2012-10-19 23:06 . 2011-12-15 12:09 30816 ----a-w- c:\windows\system32\drivers\AcpiVpc.sys 2012-10-19 22:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2012-10-19 22:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2012-10-19 21:01 . 2012-10-19 21:01 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-10-19 21:01 . 2012-10-19 21:01 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-10-19 21:01 . 2012-10-19 21:01 89088 ----a-w- c:\windows\system32\ie4uinit.exe 2012-10-19 21:01 . 2012-10-19 21:01 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2012-10-19 21:01 . 2012-10-19 21:01 85504 ----a-w- c:\windows\system32\iesetup.dll 2012-10-19 21:01 . 
2012-10-19 21:01 82432 ----a-w- c:\windows\system32\icardie.dll 2012-10-19 21:01 . 2012-10-19 21:01 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2012-10-19 21:01 . 2012-10-19 21:01 76800 ----a-w- c:\windows\system32\tdc.ocx 2012-10-19 21:01 . 2012-10-19 21:01 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2012-10-19 21:01 . 2012-10-19 21:01 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2012-10-19 21:01 . 2012-10-19 21:01 65024 ----a-w- c:\windows\system32\pngfilt.dll 2012-10-19 21:01 . 2012-10-19 21:01 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2012-10-19 21:01 . 2012-10-19 21:01 55296 ----a-w- c:\windows\system32\msfeedsbs.dll 2012-10-19 21:01 . 2012-10-19 21:01 534528 ----a-w- c:\windows\system32\ieapfltr.dll 2012-10-19 21:01 . 2012-10-19 21:01 49664 ----a-w- c:\windows\system32\imgutil.dll 2012-10-19 21:01 . 2012-10-19 21:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2012-10-19 21:01 . 2012-10-19 21:01 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-10-19 21:01 . 2012-10-19 21:01 452608 ----a-w- c:\windows\system32\dxtmsft.dll 2012-10-19 21:01 . 2012-10-19 21:01 448512 ----a-w- c:\windows\system32\html.iec 2012-10-19 21:01 . 2012-10-19 21:01 403248 ----a-w- c:\windows\system32\iedkcs32.dll 2012-10-19 21:01 . 2012-10-19 21:01 39936 ----a-w- c:\windows\system32\iernonce.dll 2012-10-19 21:01 . 2012-10-19 21:01 3695416 ----a-w- c:\windows\system32\ieapfltr.dat 2012-10-19 21:01 . 2012-10-19 21:01 367104 ----a-w- c:\windows\SysWow64\html.iec 2012-10-19 21:01 . 2012-10-19 21:01 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2012-10-19 21:01 . 2012-10-19 21:01 30720 ----a-w- c:\windows\system32\licmgr10.dll 2012-10-19 21:01 . 2012-10-19 21:01 282112 ----a-w- c:\windows\system32\dxtrans.dll 2012-10-19 21:01 . 2012-10-19 21:01 267776 ----a-w- c:\windows\system32\ieaksie.dll 2012-10-19 21:01 . 2012-10-19 21:01 249344 ----a-w- c:\windows\system32\webcheck.dll 2012-10-19 21:01 . 
2012-10-19 21:01 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-10-19 21:01 . 2012-10-19 21:01 222208 ----a-w- c:\windows\system32\msls31.dll 2012-10-19 21:01 . 2012-10-19 21:01 197120 ----a-w- c:\windows\system32\msrating.dll 2012-10-19 21:01 . 2012-10-19 21:01 165888 ----a-w- c:\windows\system32\iexpress.exe 2012-10-19 21:01 . 2012-10-19 21:01 163840 ----a-w- c:\windows\system32\ieakui.dll 2012-10-19 21:01 . 2012-10-19 21:01 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2012-10-19 21:01 . 2012-10-19 21:01 160256 ----a-w- c:\windows\system32\wextract.exe 2012-10-19 21:01 . 2012-10-19 21:01 160256 ----a-w- c:\windows\system32\ieakeng.dll 2012-10-19 21:01 . 2012-10-19 21:01 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2012-10-19 21:01 . 2012-10-19 21:01 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2012-10-19 21:01 . 2012-10-19 21:01 149504 ----a-w- c:\windows\system32\occache.dll 2012-10-19 21:01 . 2012-10-19 21:01 145920 ----a-w- c:\windows\system32\iepeers.dll 2012-10-19 21:01 . 2012-10-19 21:01 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-10-19 21:01 . 2012-10-19 21:01 12288 ----a-w- c:\windows\system32\mshta.exe 2012-10-19 21:01 . 2012-10-19 21:01 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2012-10-19 21:01 . 2012-10-19 21:01 114176 ----a-w- c:\windows\system32\admparse.dll 2012-10-19 21:01 . 2012-10-19 21:01 111616 ----a-w- c:\windows\system32\iesysprep.dll 2012-10-19 21:01 . 2012-10-19 21:01 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2012-10-19 21:01 . 2012-10-19 21:01 10752 ----a-w- c:\windows\system32\msfeedssync.exe 2012-10-19 21:01 . 2012-10-19 21:01 103936 ----a-w- c:\windows\system32\inseng.dll 2012-10-19 21:01 . 2012-10-19 21:01 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2012-10-16 08:38 . 2012-12-03 08:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-12-03 08:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 
2012-12-03 08:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-15 16:59 . 2012-10-19 22:17 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys . . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-10-19 17884848] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896] "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504] "331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864] "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-12 291608] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-19 1255736] R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840] S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-12 16152] S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-10-19 39008] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 
13592] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-28 363800] S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704] S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-10-19 30816] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584] S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696] S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-12 356120] S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-12 788760] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656] S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832] . . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) . 
2013-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-20 10:51] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [bU] "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-19 8079408] "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-19 6200368] "OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-10-19 789856] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712] "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Tilleggsskanning ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd til OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\ebh9f87r.default-1357881641531\ FF - ExtSQL: 2012-11-18 16:17; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . . --------------------- LÅSTE REGISTERNØKLER --------------------- . [HKEY_USERS\S-1-5-21-60387042-4199421674-78443358-1000\Software\SecuROM\License information*] "datasecu"=hex:79,3d,20,eb,2e,ed,3c,38,4b,af,52,ae,58,5c,a9,b2,02,72,e8,a7,3a, 9b,03,f9,7d,6c,3a,c3,80,13,85,58,50,cf,76,98,64,06,f3,7c,37,83,4d,b6,e2,32,\ "rkeysecu"=hex:b9,49,ad,f7,ab,06,02,96,33,7d,b3,86,9c,dd,ff,99 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Tidspunkt ferdig: 2013-01-11 07:06:48 ComboFix-quarantined-files.txt 2013-01-11 06:06 ComboFix2.txt 2013-01-11 05:12 . Pre-Run: 58 971 430 912 bytes free Post-Run: 58 676 457 472 bytes free . - - End Of File - - E09746F530EAE40E4934BBCD2115DB1A Computer seems to be running fine.
  6. TornTV addon is gone. Seems that everything is OK now. Thank You very much for your help
  7. Log from Combofix: I had no problems running ComboFix, but Firefox addons still contains TornTV.
  8. From what I see in the installed programs, Yontoo has been removed, the unwanted ads are gone, but TornTV addon in Firefox remains.
  9. In the first place I would like to thank you for the fast response Security Check: Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Java 7 Update 9 Adobe Flash Player 11.5.502.146 Adobe Reader XI Mozilla Firefox (17.0.1) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe windows defender MpCmdRun.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 13% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log`````````````````````` adwcleaner: # AdwCleaner v2.105 - Logfile created 01/10/2013 at 22:45:06 # Updated 08/01/2013 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (64 bits) # User : Jeanett - JEANETT-PC # Boot Mode : Normal # Running from : C:\Users\Jeanett\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Program Files (x86)\Yontoo Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\extensions\plugin@yontoo.com ***** [Registry] ***** Key Deleted : HKCU\Software\1ClickDownload Key Deleted : HKCU\Software\SweetIM Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : 
HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\Software\SweetIM Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Tarma Installer ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 
[OK] Registry is clean. -\\ Mozilla Firefox v17.0.1 (nb-NO) File : C:\Users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\prefs.js C:\Users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\user.js ... Deleted ! [OK] File is clean. ************************* AdwCleaner[s1].txt - [3357 octets] - [10/01/2013 22:45:06] ########## EOF - C:\AdwCleaner[s1].txt - [3417 octets] ########## roguekiller: RogueKiller V8.4.3 [Jan 10 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Jeanett [Admin rights] Mode : Remove -- Date : 01/10/2013 22:48:27 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1) [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ADATA SX300 +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo User = LL1 ... OK! User = LL2 ... OK! 
+++++ PhysicalDrive1: ST750LM022 HN-M750MBB +++++ --- User --- [MBR] 4e837da3528339c47a82281ce0eb59d3 [bSP] 5cafccd8003e1a1148e9878e7482b0de : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 714295 Mo 1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1462878272 | Size: 1108 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2]_D_01102013_02d2248.txt >> RKreport[1]_S_01102013_02d2248.txt ; RKreport[2]_D_01102013_02d2248.txt
  10. Hello, today I noticed a lot of additional ads rendered on the websites, I checked the installed addons and I noticed Yontoo 1.20.00 and TornTV 1.1 installed, which I think might be the cause. I tried running a full scan with Malwarebytes Anti-Malware but it didn't find anything. I would like to ask for assistance. attach.txt dds.txt