Posts posted by Rauven
-
Eset found a threat.
C:\Users\Jeanett\Downloads\750dfaac915b992401fd117e12748aa7dec2891a.exe Win32/Adware.1ClickDownload.J application
-
Back from work

Logs:
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.11.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jeanett :: JEANETT-PC [administrator]
Protection: Enabled
11.01.2013 19:54:05
mbam-log-2013-01-11 (19-54-05).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231275
Time elapsed: 34 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
HijackThis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:57:37, on 11.01.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\Origin\Origin.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Users\Jeanett\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-21-60387042-4199421674-78443358-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-60387042-4199421674-78443358-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd til OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Koblede OneNote-notater - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Koblede OneNote-notater - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 10926 bytes
I had no problem running any of the steps.

-
Currently I'm at work, so I'll run the steps and post an update with logs in around 9 hours.

-
Combofix log after running the script:
ComboFix 13-01-11.01 - Jeanett 11.01.2013 7:03.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.47.1033.18.16283.13988 [GMT 1:00]
Kjører fra: c:\users\Jeanett\Desktop\ComboFix.exe
Command switches brukt :: c:\users\Jeanett\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-12-11 til 2013-01-11 )))))))))))))))))))))))))))))))))
.
.
2013-01-11 06:05 . 2013-01-11 06:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-11 06:05 . 2013-01-11 06:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\users\Jeanett\AppData\Roaming\Malwarebytes
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\programdata\Malwarebytes
2013-01-10 20:46 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\users\Jeanett\AppData\Local\Programs
2013-01-10 10:20 . 2013-01-10 10:20 -------- d--h--r- c:\users\Jeanett\AppData\Roaming\SecuROM
2013-01-10 10:05 . 2013-01-10 10:05 -------- d-----w- c:\programdata\EA Core
2013-01-10 10:03 . 2013-01-10 10:03 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2013-01-10 10:03 . 2006-09-28 15:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-01-10 10:03 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-01-10 00:00 . 2013-01-10 09:09 -------- d-----w- c:\users\Jeanett\AppData\Roaming\Origin
2013-01-10 00:00 . 2013-01-10 00:04 -------- d-----w- c:\program files (x86)\Origin Games
2013-01-10 00:00 . 2013-01-10 00:00 -------- d-----w- c:\users\Jeanett\AppData\Local\Origin
2013-01-09 23:57 . 2013-01-10 09:09 -------- d-----w- c:\programdata\Origin
2013-01-09 23:57 . 2013-01-09 23:57 -------- d-----w- c:\programdata\Electronic Arts
2013-01-09 10:04 . 2012-11-30 05:38 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-08 09:25 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F9151343-CBC5-4B05-A692-C55225D06979}\mpengine.dll
2012-12-21 19:41 . 2012-12-21 19:41 -------- d-----w- c:\program files\Microsoft Silverlight
2012-12-21 19:41 . 2012-12-21 19:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-12-21 19:41 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 19:41 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 19:41 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 19:41 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 22:17 . 2012-12-21 16:48 -------- d-----w- c:\users\Jeanett\AppData\Local\ElevatedDiagnostics
2012-12-12 09:50 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 09:50 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 09:49 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 09:49 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 02:00 . 2012-10-19 21:22 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 10:51 . 2012-10-20 07:20 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 10:51 . 2012-10-20 07:20 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:45 . 2013-01-09 10:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-30 22:51 . 2012-10-19 22:17 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-10-19 22:17 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-10-19 22:17 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-10-19 22:17 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-10-19 22:17 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-10-19 22:17 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-10-19 22:17 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2012-10-19 22:17 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-23 19:57 . 2012-10-23 19:57 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-23 19:57 . 2012-10-23 19:57 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-23 19:57 . 2012-10-23 19:57 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-19 23:10 . 2012-10-19 23:10 279392 ----a-w- c:\windows\system32\LenovoSdk.OKTDLL.dll
2012-10-19 23:06 . 2012-10-19 23:07 19872 ----a-w- c:\windows\system32\LenovoSDKEmSubSystem.dll
2012-10-19 23:06 . 2012-10-19 23:07 39008 ----a-w- c:\windows\system32\drivers\LhdX64.sys
2012-10-19 23:06 . 2011-12-15 12:09 30816 ----a-w- c:\windows\system32\drivers\AcpiVpc.sys
2012-10-19 22:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-19 22:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-19 21:01 . 2012-10-19 21:01 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-19 21:01 . 2012-10-19 21:01 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-19 21:01 . 2012-10-19 21:01 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-19 21:01 . 2012-10-19 21:01 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-19 21:01 . 2012-10-19 21:01 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-19 21:01 . 2012-10-19 21:01 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-19 21:01 . 2012-10-19 21:01 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-19 21:01 . 2012-10-19 21:01 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-19 21:01 . 2012-10-19 21:01 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-19 21:01 . 2012-10-19 21:01 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-19 21:01 . 2012-10-19 21:01 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-19 21:01 . 2012-10-19 21:01 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-19 21:01 . 2012-10-19 21:01 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-19 21:01 . 2012-10-19 21:01 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-19 21:01 . 2012-10-19 21:01 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-19 21:01 . 2012-10-19 21:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-19 21:01 . 2012-10-19 21:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-19 21:01 . 2012-10-19 21:01 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-19 21:01 . 2012-10-19 21:01 448512 ----a-w- c:\windows\system32\html.iec
2012-10-19 21:01 . 2012-10-19 21:01 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-19 21:01 . 2012-10-19 21:01 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-19 21:01 . 2012-10-19 21:01 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-19 21:01 . 2012-10-19 21:01 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-19 21:01 . 2012-10-19 21:01 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-19 21:01 . 2012-10-19 21:01 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-19 21:01 . 2012-10-19 21:01 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-19 21:01 . 2012-10-19 21:01 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-19 21:01 . 2012-10-19 21:01 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-19 21:01 . 2012-10-19 21:01 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-19 21:01 . 2012-10-19 21:01 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-19 21:01 . 2012-10-19 21:01 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-19 21:01 . 2012-10-19 21:01 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-19 21:01 . 2012-10-19 21:01 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-19 21:01 . 2012-10-19 21:01 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-19 21:01 . 2012-10-19 21:01 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-19 21:01 . 2012-10-19 21:01 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-19 21:01 . 2012-10-19 21:01 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-19 21:01 . 2012-10-19 21:01 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-19 21:01 . 2012-10-19 21:01 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-19 21:01 . 2012-10-19 21:01 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-19 21:01 . 2012-10-19 21:01 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-19 21:01 . 2012-10-19 21:01 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-19 21:01 . 2012-10-19 21:01 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-19 21:01 . 2012-10-19 21:01 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-19 21:01 . 2012-10-19 21:01 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-19 21:01 . 2012-10-19 21:01 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-19 21:01 . 2012-10-19 21:01 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-19 21:01 . 2012-10-19 21:01 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-19 21:01 . 2012-10-19 21:01 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-16 08:38 . 2012-12-03 08:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-03 08:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-03 08:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-10-19 22:17 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-10-19 17884848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-12 291608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-19 1255736]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-12 16152]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-10-19 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-10-19 30816]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-12 356120]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-12 788760]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2013-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-20 10:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [bU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-19 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-19 6200368]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-10-19 789856]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\ebh9f87r.default-1357881641531\
FF - ExtSQL: 2012-11-18 16:17; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-60387042-4199421674-78443358-1000\Software\SecuROM\License information*]
"datasecu"=hex:79,3d,20,eb,2e,ed,3c,38,4b,af,52,ae,58,5c,a9,b2,02,72,e8,a7,3a,
9b,03,f9,7d,6c,3a,c3,80,13,85,58,50,cf,76,98,64,06,f3,7c,37,83,4d,b6,e2,32,\
"rkeysecu"=hex:b9,49,ad,f7,ab,06,02,96,33,7d,b3,86,9c,dd,ff,99
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2013-01-11 07:06:48
ComboFix-quarantined-files.txt 2013-01-11 06:06
ComboFix2.txt 2013-01-11 05:12
.
Pre-Run: 58 971 430 912 bytes free
Post-Run: 58 676 457 472 bytes free
.
- - End Of File - - E09746F530EAE40E4934BBCD2115DB1A
Computer seems to be running fine.
-
TornTV addon is gone. Seems that everything is OK now.
Thank you very much for your help.

-
Log from Combofix:
ComboFix 13-01-11.01 - Jeanett 11.01.2013 6:08.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.47.1033.18.16283.14134 [GMT 1:00]
Kjører fra: c:\users\Jeanett\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-12-11 til 2013-01-11 )))))))))))))))))))))))))))))))))
.
.
2013-01-11 05:10 . 2013-01-11 05:10 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-11 05:10 . 2013-01-11 05:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\users\Jeanett\AppData\Roaming\Malwarebytes
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\programdata\Malwarebytes
2013-01-10 20:46 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-10 20:46 . 2013-01-10 20:46 -------- d-----w- c:\users\Jeanett\AppData\Local\Programs
2013-01-10 10:20 . 2013-01-10 10:20 -------- d--h--r- c:\users\Jeanett\AppData\Roaming\SecuROM
2013-01-10 10:05 . 2013-01-10 10:05 -------- d-----w- c:\programdata\EA Core
2013-01-10 10:03 . 2013-01-10 10:03 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2013-01-10 10:03 . 2006-09-28 15:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-01-10 10:03 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-01-10 00:00 . 2013-01-10 09:09 -------- d-----w- c:\users\Jeanett\AppData\Roaming\Origin
2013-01-10 00:00 . 2013-01-10 00:04 -------- d-----w- c:\program files (x86)\Origin Games
2013-01-10 00:00 . 2013-01-10 00:00 -------- d-----w- c:\users\Jeanett\AppData\Local\Origin
2013-01-09 23:57 . 2013-01-10 09:09 -------- d-----w- c:\programdata\Origin
2013-01-09 23:57 . 2013-01-09 23:57 -------- d-----w- c:\programdata\Electronic Arts
2013-01-09 10:04 . 2012-11-30 05:38 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-08 09:25 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F9151343-CBC5-4B05-A692-C55225D06979}\mpengine.dll
2012-12-21 19:41 . 2012-12-21 19:41 -------- d-----w- c:\program files\Microsoft Silverlight
2012-12-21 19:41 . 2012-12-21 19:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-12-21 19:41 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 19:41 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 19:41 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 19:41 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 22:17 . 2012-12-21 16:48 -------- d-----w- c:\users\Jeanett\AppData\Local\ElevatedDiagnostics
2012-12-12 09:50 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 09:50 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 09:49 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 09:49 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 02:00 . 2012-10-19 21:22 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 10:51 . 2012-10-20 07:20 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 10:51 . 2012-10-20 07:20 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:45 . 2013-01-09 10:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-30 22:51 . 2012-10-19 22:17 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-10-19 22:17 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-10-19 22:17 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-10-19 22:17 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-10-19 22:17 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-10-19 22:17 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-10-19 22:17 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2012-10-19 22:17 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-23 19:57 . 2012-10-23 19:57 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-23 19:57 . 2012-10-23 19:57 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-23 19:57 . 2012-10-23 19:57 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-19 23:10 . 2012-10-19 23:10 279392 ----a-w- c:\windows\system32\LenovoSdk.OKTDLL.dll
2012-10-19 23:06 . 2012-10-19 23:07 19872 ----a-w- c:\windows\system32\LenovoSDKEmSubSystem.dll
2012-10-19 23:06 . 2012-10-19 23:07 39008 ----a-w- c:\windows\system32\drivers\LhdX64.sys
2012-10-19 23:06 . 2011-12-15 12:09 30816 ----a-w- c:\windows\system32\drivers\AcpiVpc.sys
2012-10-19 22:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-19 22:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-19 21:01 . 2012-10-19 21:01 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-19 21:01 . 2012-10-19 21:01 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-19 21:01 . 2012-10-19 21:01 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-19 21:01 . 2012-10-19 21:01 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-19 21:01 . 2012-10-19 21:01 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-19 21:01 . 2012-10-19 21:01 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-19 21:01 . 2012-10-19 21:01 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-19 21:01 . 2012-10-19 21:01 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-19 21:01 . 2012-10-19 21:01 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-19 21:01 . 2012-10-19 21:01 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-19 21:01 . 2012-10-19 21:01 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-19 21:01 . 2012-10-19 21:01 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-19 21:01 . 2012-10-19 21:01 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-19 21:01 . 2012-10-19 21:01 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-19 21:01 . 2012-10-19 21:01 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-19 21:01 . 2012-10-19 21:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-19 21:01 . 2012-10-19 21:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-19 21:01 . 2012-10-19 21:01 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-19 21:01 . 2012-10-19 21:01 448512 ----a-w- c:\windows\system32\html.iec
2012-10-19 21:01 . 2012-10-19 21:01 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-19 21:01 . 2012-10-19 21:01 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-19 21:01 . 2012-10-19 21:01 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-19 21:01 . 2012-10-19 21:01 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-19 21:01 . 2012-10-19 21:01 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-19 21:01 . 2012-10-19 21:01 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-19 21:01 . 2012-10-19 21:01 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-19 21:01 . 2012-10-19 21:01 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-19 21:01 . 2012-10-19 21:01 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-19 21:01 . 2012-10-19 21:01 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-19 21:01 . 2012-10-19 21:01 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-19 21:01 . 2012-10-19 21:01 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-19 21:01 . 2012-10-19 21:01 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-19 21:01 . 2012-10-19 21:01 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-19 21:01 . 2012-10-19 21:01 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-19 21:01 . 2012-10-19 21:01 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-19 21:01 . 2012-10-19 21:01 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-19 21:01 . 2012-10-19 21:01 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-19 21:01 . 2012-10-19 21:01 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-19 21:01 . 2012-10-19 21:01 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-19 21:01 . 2012-10-19 21:01 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-19 21:01 . 2012-10-19 21:01 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-19 21:01 . 2012-10-19 21:01 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-19 21:01 . 2012-10-19 21:01 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-19 21:01 . 2012-10-19 21:01 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-19 21:01 . 2012-10-19 21:01 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-19 21:01 . 2012-10-19 21:01 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-19 21:01 . 2012-10-19 21:01 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-19 21:01 . 2012-10-19 21:01 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-19 21:01 . 2012-10-19 21:01 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-16 08:38 . 2012-12-03 08:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-03 08:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-03 08:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-10-19 22:17 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-10-19 17884848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-12 291608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-19 1255736]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-12 16152]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-10-19 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-10-19 30816]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-12 356120]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-12 788760]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2013-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-20 10:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-19 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-19 6200368]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-10-19 789856]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - ExtSQL: 2013-01-08 13:18; torntv@torntv.com; c:\users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\extensions\torntv@torntv.com.xpi
.
- - - - TOMME PEKERE FJERNET - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-60387042-4199421674-78443358-1000\Software\SecuROM\License information*]
"datasecu"=hex:79,3d,20,eb,2e,ed,3c,38,4b,af,52,ae,58,5c,a9,b2,02,72,e8,a7,3a,
9b,03,f9,7d,6c,3a,c3,80,13,85,58,50,cf,76,98,64,06,f3,7c,37,83,4d,b6,e2,32,\
"rkeysecu"=hex:b9,49,ad,f7,ab,06,02,96,33,7d,b3,86,9c,dd,ff,99
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2013-01-11 06:12:15
ComboFix-quarantined-files.txt 2013-01-11 05:12
.
Pre-Run: 59 373 735 936 bytes free
Post-Run: 58 834 227 200 bytes free
.
- - End Of File - - FEF9855C50D53515EEB9D160F7EF6F90
I had no problems running ComboFix, but Firefox add-ons still contain TornTV.
-
From what I see in the installed programs, Yontoo has been removed and the unwanted ads are gone, but the TornTV add-on in Firefox remains.
-
First of all, I would like to thank you for the fast response.

Security Check:
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java 7 Update 9
Adobe Flash Player 11.5.502.146
Adobe Reader XI
Mozilla Firefox (17.0.1)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
windows defender MpCmdRun.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 13% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
adwcleaner:
# AdwCleaner v2.105 - Logfile created 01/10/2013 at 22:45:06
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Jeanett - JEANETT-PC
# Boot Mode : Normal
# Running from : C:\Users\Jeanett\Desktop\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\extensions\plugin@yontoo.com
***** [Registry] *****
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Registry is clean.
-\\ Mozilla Firefox v17.0.1 (nb-NO)
File : C:\Users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\prefs.js
C:\Users\Jeanett\AppData\Roaming\Mozilla\Firefox\Profiles\rvxofy0e.default\user.js ... Deleted !
[OK] File is clean.
*************************
AdwCleaner[s1].txt - [3357 octets] - [10/01/2013 22:45:06]
########## EOF - C:\AdwCleaner[s1].txt - [3417 octets] ##########
roguekiller:
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jeanett [Admin rights]
Mode : Remove -- Date : 01/10/2013 22:48:27
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 5 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ADATA SX300 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST750LM022 HN-M750MBB +++++
--- User ---
[MBR] 4e837da3528339c47a82281ce0eb59d3
[bSP] 5cafccd8003e1a1148e9878e7482b0de : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 714295 Mo
1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1462878272 | Size: 1108 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2]_D_01102013_02d2248.txt >>
RKreport[1]_S_01102013_02d2248.txt ; RKreport[2]_D_01102013_02d2248.txt
-
Hello, today I noticed a lot of additional ads rendered on websites. I checked the installed add-ons and noticed Yontoo 1.20.00 and TornTV 1.1 installed, which I think might be the cause. I tried running a full scan with Malwarebytes Anti-Malware but it didn't find anything. I would like to ask for assistance.
Help with removing Yontoo and TornTV
in Resolved Malware Removal Logs
Everything cleaned up and running great. Once again, thank you for the fast and professional help.