TornTV Hijacker

By GoldSparrow in Browser Hijackers

Translate To:

Threat Scorecard

Ranking:	1,294
Threat Level:	70 % (High)
Infected Computers:	100,495

First Seen:	February 4, 2013
Last Seen:	March 18, 2024
OS(es) Affected:	Windows

The TornTV Hijacker is a threat that is associated with Torn TV, an online service that supposedly allows computer users to watch TV shows on their computer, both in live streams and by downloading videos of the episodes the user wants to watch. It is possible to install Torn TV directly from the company's website. Security researchers have observed that criminals bundle this application with malicious toolbars and adware, such as CouponDropDown. This added malware will often be installed by default unless the computer user opts out. However, the installer is designed to make the opt-out check boxes easy to miss. It is also important to point out that Torn TV and the TornTV Hijacker are built on Yontoo, a platform that has been closely associated with adware and irritating browser hijackers. ESG security researchers consider that the TornTV Hijacker poses as a security risk.

Table of Contents

The TornTV Hijacker May Be Associated with the Bifrose Backdoor Trojan

One of the reasons why ESG security researchers consider the TornTV Hijacker more dangerous than typical adware hijackers is that there have been reports of the TornTV Hijacker being installed along with the Bifrose backdoor Trojan. This is a dangerous malware infection that creates an unauthorized opening in the infected computer's security. This allows criminals to gain access to the infected computer from a remote location, allowing them to spy on your online activity and install other malware on your computer.

The main symptom associated with TornTV Hijacker is the way TornTV Hijacker affects its victim's web browsing. The TornTV Hijacker takes over the victim's web browser, forcing it to visit the Torn TV website repeatedly. The victim's homepage, default search engine, favorite websites and other predetermined websites may also be changed by the TornTV Hijacker without the computer user's authorization. Since the TornTV Hijacker makes unwanted changes to your web browser's settings, removing TornTV Hijacker involves undoing these unwanted changes as well. ESG security researchers advise using a reliable anti-malware program to remove the TornTV Hijacker from your computer and then making sure that all of your security settings and web browser preferences had been restored to what they were before the computer was infected with the TornTV Hijacker.

SpyHunter Detects & Remove TornTV Hijacker

File System Details

TornTV Hijacker may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	torntvsvc.exe	83662cf544a10bb30a1b39834dcf619c	3,655
Name: torntvsvc.exe MD5: 83662cf544a10bb30a1b39834dcf619c Size: 19.45 KB (19456 bytes) Detections: 3,655 Type: Executable File Path: c:\Users\<username>\appdata\roaming\torntv.com\torntvsvc.exe Group: Malware file Last Updated: February 11, 2024
2.	TornTVSvc.exe	5bcf46557be6ee9e6993fe4610b19537	883
Name: TornTVSvc.exe MD5: 5bcf46557be6ee9e6993fe4610b19537 Size: 10.24 KB (10240 bytes) Detections: 883 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: August 21, 2020
3.	TornTVSvc.exe	69091e879c6ade285a45c24b65300917	478
Name: TornTVSvc.exe MD5: 69091e879c6ade285a45c24b65300917 Size: 19.45 KB (19456 bytes) Detections: 478 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\TornTV.com\TornTVSvc.exe Group: Malware file Last Updated: February 15, 2023
4.	Torntv Downloader.exe	df0dc06e8150509082e4cc512075f9bf	469
Name: Torntv Downloader.exe MD5: df0dc06e8150509082e4cc512075f9bf Size: 280.57 KB (280576 bytes) Detections: 469 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: August 21, 2020
5.	TornTV Downloader.exe.vir	f1cf8e7f9d1b3230950ffeef0a2e504b	466
Name: TornTV Downloader.exe.vir MD5: f1cf8e7f9d1b3230950ffeef0a2e504b Size: 306.17 KB (306176 bytes) Detections: 466 Path: C:\AdwCleaner\Quarantine\C\Users\<username>\AppData\Roaming\TornTV.com\TornTV Downloader.exe.vir Group: Malware file Last Updated: May 29, 2022
6.	TornTVSvc.exe.vir	79f6359d5489c46493966ec5cc8e9ba7	317
Name: TornTVSvc.exe.vir MD5: 79f6359d5489c46493966ec5cc8e9ba7 Size: 23.55 KB (23552 bytes) Detections: 317 Path: C:\AdwCleaner\Quarantine\C\Users\<username>\AppData\Roaming\TornTV.com\TornTVSvc.exe.vir Group: Malware file Last Updated: August 10, 2022
7.	TornTV Downloader.exe	69410c721a1768a49e29f97f9a10d5f9	286
Name: TornTV Downloader.exe MD5: 69410c721a1768a49e29f97f9a10d5f9 Size: 280.57 KB (280576 bytes) Detections: 286 Type: Executable File Path: C:\Music\Backup Oraclon 09-01-15\Cliente\AppData\Roaming\TornTV.com\TornTV Downloader.exe Group: Malware file Last Updated: February 15, 2023
8.	torntvupdater10.exe	c4bad843f6530526bd48a6c87f97f279	261
Name: torntvupdater10.exe MD5: c4bad843f6530526bd48a6c87f97f279 Size: 232.97 KB (232976 bytes) Detections: 261 Type: Executable File Path: %APPDATA%\TornTV.com\log Group: Malware file Last Updated: September 6, 2020
9.	TornTVSvc.exe	ad2ef75768cec428d9452695376b58d7	135
Name: TornTVSvc.exe MD5: ad2ef75768cec428d9452695376b58d7 Size: 10.24 KB (10240 bytes) Detections: 135 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\TornTV.com\TornTVSvc.exe Group: Malware file Last Updated: August 2, 2021
10.	TornTvUpdater.exe	92705c07f0c725156c1d45110ef8ade3	117
Name: TornTvUpdater.exe MD5: 92705c07f0c725156c1d45110ef8ade3 Size: 10.24 KB (10240 bytes) Detections: 117 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\TornTV.com\TornTvUpdater.exe Group: Malware file Last Updated: February 11, 2024
11.	TornTV.exe.vir	e876e34992e87644578f4e5d59f9d4a0	73
Name: TornTV.exe.vir MD5: e876e34992e87644578f4e5d59f9d4a0 Size: 827.64 KB (827648 bytes) Detections: 73 Path: C:\AdwCleaner\Quarantine\C\Documents and Settings\Tulasi\Application Data\TornTV.com\TornTV.exe.vir Group: Malware file Last Updated: February 15, 2023
12.	TornTVSvc.exe	f4bace96ec5292bc01a9119879050f67	54
Name: TornTVSvc.exe MD5: f4bace96ec5292bc01a9119879050f67 Size: 23.55 KB (23552 bytes) Detections: 54 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: January 24, 2020
13.	torntv downloader.exe	ffccd2cc44aac7a7ea2aabab325cc3ed	7
Name: torntv downloader.exe MD5: ffccd2cc44aac7a7ea2aabab325cc3ed Size: 310.27 KB (310272 bytes) Detections: 7 Type: Executable File Path: c:\Users\<username>\appdata\roaming\torntv.com\torntv downloader.exe Group: Malware file Last Updated: October 15, 2021
14.	TornTV Downloader.exe	27ae23e281318202e85ff49ec8635036	5
Name: TornTV Downloader.exe MD5: 27ae23e281318202e85ff49ec8635036 Size: 306.17 KB (306176 bytes) Detections: 5 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: March 23, 2016
15.	TornTV Downloader.exe	462a24319ce6ba816f7b0e75f6b6ca97	4
Name: TornTV Downloader.exe MD5: 462a24319ce6ba816f7b0e75f6b6ca97 Size: 280.57 KB (280576 bytes) Detections: 4 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: March 23, 2016
16.	TornTVSvc.exe	3b719cac4cc7d18cecb2e28828c8ff77	3
Name: TornTVSvc.exe MD5: 3b719cac4cc7d18cecb2e28828c8ff77 Size: 24.57 KB (24576 bytes) Detections: 3 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: March 23, 2016
17.	TornTvDownloader.lnk	23797cfa65aeb4d1baa328c1171657af	3
Name: TornTvDownloader.lnk MD5: 23797cfa65aeb4d1baa328c1171657af Size: 3.2 KB (3204 bytes) Detections: 3 Type: Shortcut Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: March 23, 2016
18.	TornTVSvc.exe	3faf1020d7c014a4b97bf3b3ee0ba5f5	2
Name: TornTVSvc.exe MD5: 3faf1020d7c014a4b97bf3b3ee0ba5f5 Size: 19.45 KB (19456 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: March 23, 2016
19.	TornTvUpdater.exe	a5c1e41bd1982666e3fc61cd60cde5f0	2
Name: TornTvUpdater.exe MD5: a5c1e41bd1982666e3fc61cd60cde5f0 Size: 9.21 KB (9216 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: September 29, 2020
20.	Torntv Downloader.exe	6df6c2c1e31ecd291153572f42947159	1
Name: Torntv Downloader.exe MD5: 6df6c2c1e31ecd291153572f42947159 Size: 296.96 KB (296960 bytes) Detections: 1 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: March 23, 2016
21.	TornTVSvc.exe	3c3175340bdf679db9428ff76915396a	1
Name: TornTVSvc.exe MD5: 3c3175340bdf679db9428ff76915396a Size: 10.24 KB (10240 bytes) Detections: 1 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: March 23, 2016
22.	TornTvDownloader.lnk	736fe6b6008a1095d4a507326cd05a66	1
Name: TornTvDownloader.lnk MD5: 736fe6b6008a1095d4a507326cd05a66 Size: 1.9 KB (1903 bytes) Detections: 1 Type: Shortcut Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: March 23, 2016
23.	Torntv Downloader.exe	5005b1f3f92b68ce4a25947cb1f0c46f	1
Name: Torntv Downloader.exe MD5: 5005b1f3f92b68ce4a25947cb1f0c46f Size: 308.73 KB (308732 bytes) Detections: 1 Type: Executable File Path: %APPDATA%\TornTV.com Group: Malware file Last Updated: March 23, 2016
24.	TornTvDownloader.lnk	7335fa54213c5f8c0e2f666cc5191ace	1
Name: TornTvDownloader.lnk MD5: 7335fa54213c5f8c0e2f666cc5191ace Size: 1.9 KB (1902 bytes) Detections: 1 Type: Shortcut Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: March 23, 2016
25.	torntvupdater10.exe	df028f7a84c202280ed205c3e3933909	1
Name: torntvupdater10.exe MD5: df028f7a84c202280ed205c3e3933909 Size: 231.76 KB (231768 bytes) Detections: 1 Type: Executable File Path: %APPDATA%\TornTV.com\log Group: Malware file Last Updated: March 23, 2016
26.	torntvupdater10.exe	9dad1573a4bbd102b2a16b717cf812bc	1
Name: torntvupdater10.exe MD5: 9dad1573a4bbd102b2a16b717cf812bc Size: 232.16 KB (232164 bytes) Detections: 1 Type: Executable File Path: %APPDATA%\TornTV.com\log Group: Malware file Last Updated: March 23, 2016
27.	torntv.exe
Name: torntv.exe Type: Executable File Group: Malware file
28.	server.exe
Name: server.exe Type: Executable File Group: Malware file
29.	%ProgramFiles%\YontooIEClient.DLL
Name: %ProgramFiles%\YontooIEClient.DLL Type: Dynamic link library Group: Malware file
30.	%ProgramFiles%\TornTV.com\*
Name: %ProgramFiles%\TornTV.com\* Group: Malware file

More files

Registry Details

TornTV Hijacker may create the following registry entry or registry entries:

CLSID

{11111111-1111-1111-1111-110311551178}

{11111111-1111-1111-1111-110411591160}

{11111111-1111-1111-1111-110411901140}

{11111111-1111-1111-1111-110511131190}

{22222222-2222-2222-2222-220322552278}

{22222222-2222-2222-2222-220422592260}

{22222222-2222-2222-2222-220422902240}

{22222222-2222-2222-2222-220522132290}

{44444444-4444-4444-4444-440344554478}

{44444444-4444-4444-4444-440444594460}

{44444444-4444-4444-4444-440444904440}

{44444444-4444-4444-4444-440544134490}

{55555555-5555-5555-5555-550355555578}

{55555555-5555-5555-5555-550455595560}

{55555555-5555-5555-5555-550455905540}

{55555555-5555-5555-5555-550555135590}

{66666666-6666-6666-6666-660366556678}

{66666666-6666-6666-6666-660466596660}

{66666666-6666-6666-6666-660466906640}

{66666666-6666-6666-6666-660566136690}

File name without path

http_www.torntv-tvv.org_0.localstorage

http_www.torntv-tvv.org_0.localstorage-journal

Torntv Downloader.lnk

TornTv.lnk

Regexp file mask

%TEMP%\Torntv V9.0Installer_[RANDOM CHARACTERS].log

%windir%\Tasks\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5[RANDOM CHARACTERS].job

HKEY..\..\..\..{RegistryKeys}

Software\1ClickDownload

Software\AppDataLow\Software\Crossrider\onBeforeNavigate\35578

Software\AppDataLow\Software\Crossrider\onBeforeNavigate\45960

Software\AppDataLow\Software\Crossrider\onBeforeNavigate\49040

Software\AppDataLow\Software\Crossrider\onBeforeNavigate\51390

Software\AppDataLow\Software\Crossrider\onRequest\35578

Software\AppDataLow\Software\Crossrider\onRequest\45960

Software\AppDataLow\Software\Crossrider\onRequest\49040

Software\AppDataLow\Software\Crossrider\onRequest\51390

Software\AppDataLow\Software\Torntv 2

Software\AppDataLow\Software\Torntv V6.0

Software\AppDataLow\Software\Torntv V7.0

Software\AppDataLow\Software\Torntv V9.0

Software\AppDataLow\Software\V9.0 Torntv 1.1

SOFTWARE\Classes\.torrent\OpenWithProgIDs\TorntvDownloader

SOFTWARE\Classes\6bd34e315cba4997ad71181b65e074a50070001.BHO

SOFTWARE\Classes\6bd34e315cba4997ad71181b65e074a50070001.BHO.1

SOFTWARE\Classes\6bd34e315cba4997ad71181b65e074a50070001.Sandbox

SOFTWARE\Classes\6bd34e315cba4997ad71181b65e074a50070001.Sandbox.1

SOFTWARE\Classes\9ab333d0052b01323ffd0f6cdde3bdb00063311.BHO

SOFTWARE\Classes\9ab333d0052b01323ffd0f6cdde3bdb00063311.BHO.1

SOFTWARE\Classes\9ab333d0052b01323ffd0f6cdde3bdb00063311.Sandbox

SOFTWARE\Classes\9ab333d0052b01323ffd0f6cdde3bdb00063311.Sandbox.1

SOFTWARE\Classes\CrossriderApp0035578.BHO

SOFTWARE\Classes\CrossriderApp0035578.BHO.1

SOFTWARE\Classes\CrossriderApp0035578.Sandbox

SOFTWARE\Classes\CrossriderApp0045960.BHO

SOFTWARE\Classes\CrossriderApp0045960.BHO.1

SOFTWARE\Classes\CrossriderApp0045960.Sandbox

SOFTWARE\Classes\CrossriderApp0045960.Sandbox.1

SOFTWARE\Classes\CrossriderApp0049040.BHO

SOFTWARE\Classes\CrossriderApp0049040.BHO.1

SOFTWARE\Classes\CrossriderApp0049040.Sandbox

SOFTWARE\Classes\CrossriderApp0049040.Sandbox.1

SOFTWARE\Classes\CrossriderApp0051390.BHO

SOFTWARE\Classes\CrossriderApp0051390.BHO.1

SOFTWARE\Classes\CrossriderApp0051390.Sandbox

SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\TheTorntv V10

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Torntv 2

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Torntv V6.0

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Torntv V7.0

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Torntv V9.0

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\V9.0 Torntv 1.1

SOFTWARE\Classes\TorntvDownloader

Software\Classes\TornTvDownloader.File

Software\Classes\TornTvDownloader.File\

SOFTWARE\Classes\TorntvDownloader.torrentFile

Software\Crossrider\onBeforeNavigate\51390

Software\Crossrider\onRequest\51390

Software\InstalledBrowserExtensions\3874

Software\InstalledBrowserExtensions\esc\61177

Software\InstalledBrowserExtensions\esc\61855

Software\InstalledBrowserExtensions\esc\63311

Software\InstalledBrowserExtensions\Qwerty

Software\InstalledBrowserExtensions\tom\51390

Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311551178}

Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411591160}

Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411901140}

Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511131190}

Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{11111111-1111-1111-1111-110311551178}

Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{11111111-1111-1111-1111-110411591160}

Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{11111111-1111-1111-1111-110411901140}

Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{11111111-1111-1111-1111-110511131190}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03a7f11c-9738-4147-aa95-53f19f7acaf6}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{046b5803-0809-4af4-86d1-49a8a6e3e77e}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{091f7430-e568-4477-8302-60be90dff142}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0eac069f-41c7-4df5-8143-3808234c9e15}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21d81749-b73c-4ada-a1e9-f3c79779a743}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4391e1a3-6881-425b-8f13-e1d11b4e4cda}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44141d66-1fa6-4c28-b2d9-07fd14352eb6}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{547e32d9-d44c-4e27-8eb1-38139385cb1b}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5c17b20f-6076-4378-9abe-687ace5b2ee5}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5cfad20e-6920-4da6-8014-cb1a1347d497}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{698052cc-e3ca-48c9-ae68-6d5d5934797c}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70fc0ad7-e6e0-4273-8d17-63b240e194b2}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7d7b90ec-0f77-49ec-bfa5-07a12bb9f394}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7e8b9605-0386-4d5b-973f-06444721f450}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84014d04-125a-4cb6-99a8-dc29ee36459f}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{844df3e1-690e-4fee-b263-3c437e27d628}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f3263a9-ae07-449d-bf03-5cedf0e9d7ae}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9518bc89-9639-4183-804d-7af98b230886}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bb72b76-56f5-40bc-bcfe-583aa8efa8d1}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ce037a0-9f4d-4d58-82be-ce45256d47da}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ab3b6b05-5dfc-4ebd-a023-2bde2ef48487}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ac675dc0-4e83-4f1e-a6aa-2fadf678459f}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bc8988c0-651c-4ae6-a307-1ab9e2da67b9}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c002c2b0-b030-4fb9-898f-66aa04ed7768}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ccffe97f-6737-43a1-a9f9-4a0c78082e0b}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d49cfa8c-0142-453f-bc43-12931743833d}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d59e146b-1f74-453f-8244-899e65b3d975}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8440e5c-16c7-4ada-855f-d069c4a64673}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{df1ddecd-5fe5-4e0c-872b-ae4985af5171}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e25bd778-2418-43bd-b417-98d94f67b0ed}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ecbe83d0-245c-4197-accb-06a3724d15d5}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f585a701-a226-4877-9017-837f3e37a228}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa83ca79-53ef-4d9d-b3a0-8724dc94fbae}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{febbade8-04ef-47cd-9766-290e82ccfe52}

SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\TheTorntvs V10 1.1 --bg.exe

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Torntv V6.0-bg.exe

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Torntv V7.0-bg.exe

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Torntv V9.0-bg.exe

SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32

SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS

SOFTWARE\Microsoft\Tracing\TornTVSetup_RASAPI32

SOFTWARE\Microsoft\Tracing\TornTVSetup_RASMANCS

SOFTWARE\Microsoft\Tracing\TornTVSvc_RASAPI32

SOFTWARE\Microsoft\Tracing\TornTVSvc_RASMANCS

SOFTWARE\Microsoft\Tracing\TornTvUpdater_RASAPI32

SOFTWARE\Microsoft\Tracing\TornTvUpdater_RASMANCS

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\Torntv V6.0-firefoxinstaller.job

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\Torntv V6.0-firefoxinstaller.job.fp

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\Torntv V6.0-updater.job

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\Torntv V6.0-updater.job.fp

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V6.0-chromeinstaller

SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}

SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901140}

SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551178}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411591160}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511131190}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551178}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411591160}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411901140}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511131190}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411591160}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901140}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511131190}

Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110311551178}

Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110411591160}

SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110511131190}

SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TornTv Downloader

SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V6.0

Software\TheTorntvs V10 1.1 -

Software\TornTv Downloader

SOFTWARE\Torntv V6.0

SOFTWARE\Torntv V7.0

SOFTWARE\Torntv V9.0

SOFTWARE\Wow6432Node\InstalledBrowserExtensions\3874

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03a7f11c-9738-4147-aa95-53f19f7acaf6}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{046b5803-0809-4af4-86d1-49a8a6e3e77e}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{091f7430-e568-4477-8302-60be90dff142}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0eac069f-41c7-4df5-8143-3808234c9e15}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21d81749-b73c-4ada-a1e9-f3c79779a743}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4391e1a3-6881-425b-8f13-e1d11b4e4cda}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44141d66-1fa6-4c28-b2d9-07fd14352eb6}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{547e32d9-d44c-4e27-8eb1-38139385cb1b}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5c17b20f-6076-4378-9abe-687ace5b2ee5}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5cfad20e-6920-4da6-8014-cb1a1347d497}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{698052cc-e3ca-48c9-ae68-6d5d5934797c}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70fc0ad7-e6e0-4273-8d17-63b240e194b2}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7d7b90ec-0f77-49ec-bfa5-07a12bb9f394}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7e8b9605-0386-4d5b-973f-06444721f450}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84014d04-125a-4cb6-99a8-dc29ee36459f}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{844df3e1-690e-4fee-b263-3c437e27d628}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f3263a9-ae07-449d-bf03-5cedf0e9d7ae}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9518bc89-9639-4183-804d-7af98b230886}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bb72b76-56f5-40bc-bcfe-583aa8efa8d1}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ce037a0-9f4d-4d58-82be-ce45256d47da}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ab3b6b05-5dfc-4ebd-a023-2bde2ef48487}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bc8988c0-651c-4ae6-a307-1ab9e2da67b9}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c002c2b0-b030-4fb9-898f-66aa04ed7768}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ccffe97f-6737-43a1-a9f9-4a0c78082e0b}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d49cfa8c-0142-453f-bc43-12931743833d}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d59e146b-1f74-453f-8244-899e65b3d975}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8440e5c-16c7-4ada-855f-d069c4a64673}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{df1ddecd-5fe5-4e0c-872b-ae4985af5171}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e25bd778-2418-43bd-b417-98d94f67b0ed}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ecbe83d0-245c-4197-accb-06a3724d15d5}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f585a701-a226-4877-9017-837f3e37a228}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa83ca79-53ef-4d9d-b3a0-8724dc94fbae}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{febbade8-04ef-47cd-9766-290e82ccfe52}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Torntv 2-bg.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Torntv V6.0-bg.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Torntv V7.0-bg.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Torntv V9.0-bg.exe

SOFTWARE\Wow6432Node\Microsoft\Tracing\Torntv Downloader_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\Torntv Downloader_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901140}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551178}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411591160}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411901140}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511131190}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110511131190}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Torntv 2

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V6.0

SOFTWARE\Wow6432Node\Torntv 2

SOFTWARE\Wow6432Node\Torntv V6.0

SOFTWARE\Wow6432Node\Torntv V7.0

SOFTWARE\Wow6432Node\Torntv V9.0

SOFTWARE\Wow6432Node\V9.0 Torntv 1.1

SYSTEM\ControlSet001\services\eventlog\Application\Torntv

SYSTEM\ControlSet001\services\trntv

SYSTEM\ControlSet002\services\eventlog\Application\Torntv

SYSTEM\ControlSet002\services\trntv

SYSTEM\CurrentControlSet\services\eventlog\Application\Torntv

SYSTEM\CurrentControlSet\services\trntv

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

1ClickDownload

1ClickDownloader

Torntv V7.0

Torntv V9.0

Directories

TornTV Hijacker may create the following directory or directories:

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\TornTV.com

%APPDATA%\Microsoft\Windows\Start Menu\Programs\TornTV.com

%APPDATA%\TornTV.com

%PROGRAMFILES%\TheTorntv V10

%PROGRAMFILES%\TheTorntvs V10 1.1 -

%PROGRAMFILES%\TornPlusTV_version1.11

%PROGRAMFILES%\TornTV.com

%PROGRAMFILES%\Torntv 2

%PROGRAMFILES%\Torntv V6.0

%PROGRAMFILES%\Torntv V7.0

%PROGRAMFILES%\Torntv V9.0

%PROGRAMFILES(x86)%\TheTorntv V10

%PROGRAMFILES(x86)%\TheTorntvs V10 1.1 -

%PROGRAMFILES(x86)%\TornPlusTV_version1.11

%PROGRAMFILES(x86)%\TornTV.com

%PROGRAMFILES(x86)%\Torntv 2

%PROGRAMFILES(x86)%\Torntv V6.0

%PROGRAMFILES(x86)%\Torntv V7.0

%PROGRAMFILES(x86)%\Torntv V9.0

%USERPROFILE%\Start Menu\Programs\TornTV.com

URLs

TornTV Hijacker may call the following URLs:

torntv-downloader-dl.info

torntv-downloader.com

torntv-tvv.org

torntv.com

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

TornTV Hijacker

Threat Scorecard

EnigmaSoft Threat Scorecard

The TornTV Hijacker May Be Associated with the Bifrose Backdoor Trojan

SpyHunter Detects & Remove TornTV Hijacker

File System Details

Registry Details

Directories

URLs

Submit Comment

Trending

Wisz Ransomware

Wiaw Ransomware

SaveFrom.net

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?