I am currently helping a friend repair their computer. Symptoms: popup ads in Chrome, Internet Explorer, and FireFox; Slow computer; ntldr file missing which I replaced, using a Windows XP SP2 CD.
Thank you for any advice.
Requested Logs: Results of screen317's Security Check version 0.99.79 Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled!
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````[/u]
CCleaner
Java 2 Runtime Environment Standard Edition v1.3.1
Java version out of Date! Adobe Flash Player 12.0.0.44
Adobe Reader XI
Mozilla Firefox (27.0)
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.107
````````Process Check: objlist.exe by Laurent````````[/u]
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C:: 3%
````````````````````End of Log``````````````````````[/u]
# AdwCleaner v3.018 - Report created 07/02/2014 at 20:35:13
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Norman - HOME
# Running from : C:\Documents and Settings\Norman\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : SProtection
***** [ Files / Folders ] *****
File Found : C:\Documents and Settings\Norman\Application Data\Mozilla\Firefox\Profiles\k1ntbvvo.default-1391812259765\user.js
File Found : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Found : C:\windows\system32\roboot.exe
Folder Found C:\DOCUME~1\Norman\LOCALS~1\Temp\Iminent
Folder Found C:\Documents and Settings\All Users\Application Data\Systweak
Folder Found C:\Documents and Settings\Norman\Application Data\IminentToolbar
Folder Found C:\Documents and Settings\Norman\Application Data\Systweak
Folder Found C:\Documents and Settings\Norman\My Documents\optimizer pro
Folder Found C:\Program Files\Common Files\Umbrella
Folder Found C:\Program Files\Iminent
Folder Found C:\Program Files\IminentToolbar
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\Viewpoint
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Key Found : HKCU\Software\systweak
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\Iminent
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Umbrella
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v27.0 (en-US)
[ File : C:\Documents and Settings\Norman\Application Data\Mozilla\Firefox\Profiles\k1ntbvvo.default-1391812259765\prefs.js ]
-\\ Google Chrome v32.0.1700.107
[ File : C:\Documents and Settings\Norman\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [6805 octets] - [07/02/2014 20:35:13]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6865 octets] ##########
# AdwCleaner v3.018 - Report created 07/02/2014 at 20:38:35
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Norman - HOME
# Running from : C:\Documents and Settings\Norman\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : SProtection
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Systweak
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\IminentToolbar
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\Umbrella
Folder Deleted : C:\DOCUME~1\Norman\LOCALS~1\Temp\Iminent
Folder Deleted : C:\Documents and Settings\Norman\Application Data\IminentToolbar
Folder Deleted : C:\Documents and Settings\Norman\Application Data\Systweak
Folder Deleted : C:\Documents and Settings\Norman\My Documents\optimizer pro
File Deleted : C:\windows\system32\roboot.exe
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Documents and Settings\Norman\Application Data\Mozilla\Firefox\Profiles\k1ntbvvo.default-1391812259765\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Umbrella
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v27.0 (en-US)
[ File : C:\Documents and Settings\Norman\Application Data\Mozilla\Firefox\Profiles\k1ntbvvo.default-1391812259765\prefs.js ]
-\\ Google Chrome v32.0.1700.107
[ File : C:\Documents and Settings\Norman\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [6945 octets] - [07/02/2014 20:35:13]
AdwCleaner[S0].txt - [7007 octets] - [07/02/2014 20:38:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7067 octets] ##########
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.orgDatabase version: v2014.02.08.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Norman :: HOME [administrator]
2/7/2014 8:58:30 PM
MBAM-log-2014-02-07 (21-18-48).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234242
Time elapsed: 19 minute(s), 50 second(s)
Memory Processes Detected: 1
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Adpeak) -> 1696 -> No action taken.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 26
HKCR\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4} (PUP.Optional.Iminent.A) -> No action taken.
HKCR\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> No action taken.
HKCR\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> No action taken.
HKCR\CLSID\{45470599-8237-486D-87B5-E89CD6AED154} (PUP.Optional.MyWordTool.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45470599-8237-486D-87B5-E89CD6AED154} (PUP.Optional.MyWordTool.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{45470599-8237-486D-87B5-E89CD6AED154} (PUP.Optional.MyWordTool.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.AirInstaller) -> No action taken.
HKCR\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37} (PUP.Optional.FreshyToolbar) -> No action taken.
HKCR\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F} (PUP.Optional.FreshyToolbar) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C93C258D-EAF7-41F6-8DE1-C5D066E2AAD0} (PUP.Optional.FreshyToolbar) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWordTool (PUP.Optional.MyWordTool.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Level Quality Watcher (PUP.Optional.Adpeak) -> No action taken.
HKCU\SOFTWARE\IminentToolbar (PUP.Optional.Iminent.A) -> No action taken.
HKCU\SOFTWARE\MyWordTool (PUP.Optional.MyWordTool.A) -> No action taken.
HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin (PUP.Optional.TidyNetwork.A) -> No action taken.
HKCU\Software\MozillaPlugins\@tnt2npapi.com/Plugin (PUP.Optional.TidyNetwork.A) -> No action taken.
HKLM\SOFTWARE\Highlightly (PUP.Optional.Highlightly) -> No action taken.
HKLM\SOFTWARE\IminentToolbar (PUP.Optional.Iminent.A) -> No action taken.
HKLM\SOFTWARE\MyWordTool (PUP.Optional.MyWordTool.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\WinkHandler (PUP.Optional.Iminent.A) -> No action taken.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD (PUP.Optional.Highlightly) -> No action taken.
HKCR\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A} (PUP.Optional.TidyNetwork.A) -> No action taken.
HKCR\CLSID\{DDE92238-1E66-45D9-A225-9F090E0FD227} (PUP.Optional.TidyNetwork.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DDE92238-1E66-45D9-A225-9F090E0FD227} (PUP.Optional.TidyNetwork.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DDE92238-1E66-45D9-A225-9F090E0FD227} (PUP.Optional.TidyNetwork.A) -> No action taken.
Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Data: Iminent Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Data: -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\hlnfd|DisplayName (PUP.Optional.Highlightly) -> Data: hlnfd -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{DDE92238-1E66-45D9-A225-9F090E0FD227} (PUP.Optional.TidyNetwork.A) -> Data: 8"éÝfÙE¢%Ÿ Ò' -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{DDE92238-1E66-45D9-A225-9F090E0FD227} (PUP.Optional.TidyNetwork.A) -> Data: -> No action taken.
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Iminent.A) -> Bad: (
http://start.iminent.com/?appId=D4299943-B778-4BA9-AFCA-BF8D77C9CF8F) Good: (
http://www.Google.com) -> No action taken.
Folders Detected: 13
C:\Documents and Settings\Norman\Application Data\MyWordTool (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\mt_ffx\IminentToolbar (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\mt_ffx\IminentToolbar\iminent (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\mt_ffx\IminentToolbar\iminent\1.8.28.3 (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Common (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\Cache (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0 (PUP.Optional.MyWordTool.A) -> No action taken.
Files Detected: 94
C:\Documents and Settings\Norman\Application Data\MyWordTool\temp.dat (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Documents and Settings\Norman\My Documents\Downloads\Adobe%20Flash%20Player%2011.exe (PUP.Optional.Bundler) -> No action taken.
C:\Documents and Settings\Norman\My Documents\Downloads\delugetorrentclient-setup.exe (PUP.Optional.FullSpectrumAdmin) -> No action taken.
C:\Documents and Settings\Norman\My Documents\Downloads\Setup.exe (PUP.Optional.AirInstaller) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsb137.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsc134.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nseF2.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsg13A.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsg13D.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nshED.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsj93.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsoEA.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsp140.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nst131.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nstF1.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsvE7.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\nsyF3.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\RegClean7.exe (PUP.Optional.RegCleanerPro) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\n567\Iminent_1712-b2fcad5e.exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temp\n567\RegClean_1612-230a802f.exe (PUP.Optional.RegCleanerPro) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\TNT2User.exe (PUP.Optional.FreshyToolbar) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temporary Internet Files\Content.IE5\8SN1OPZE\MinibarFirefox[1].exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temporary Internet Files\Content.IE5\8SN1OPZE\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temporary Internet Files\Content.IE5\BJ0UNJOV\IMinentToolbar[1].exe (PUP.Optional.Iminent) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temporary Internet Files\Content.IE5\BJ0UNJOV\metro[1].exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temporary Internet Files\Content.IE5\HNH5Q8V3\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temporary Internet Files\Content.IE5\X3O20ENY\IminentMinibarIE[1].exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Temporary Internet Files\Content.IE5\X3O20ENY\SPIdentifierImpl[1].exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\Mozilla Firefox\browser\searchplugins\StartWeb.xml (PUP.Optional.Iminent.A) -> No action taken.
C:\Documents and Settings\Norman\Application Data\MyWordTool\.build (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Documents and Settings\Norman\Application Data\MyWordTool\.user (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Documents and Settings\Norman\Application Data\MyWordTool\uninst.exe (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Adpeak) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Adpeak) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\Autorun.inf (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\crx.tar (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\GameApps.ini (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\GameConsole.exe (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\GameEngine.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\GLOBALUNINSTALL.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\hmac.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\iestage2.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\IEToolbar.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\IEToolbar64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\INSTALL.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\LastSession.log (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\log.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\MinecraftShims64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\npTNT2.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\npTNT2Ghost.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\PARTNER.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\passport.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\passport64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\pinnedSearch.htm (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\pinnedSearch_FindWide.htm (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\progress.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\regsvr.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\RemoteSkin.wms (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\sqlite.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\tnt2chrome.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\TNT2UserPS.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\TNT2UserPS64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\TntMagicDel.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\UnInjLib.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\UnInjLib64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\UNINSTALL.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\UninstallDlg.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\untar.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\UPDATE.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\xpi.tar (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\2.0.0.1676\zipunzip.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Common\GameConsole.exe (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Common\pinnedSearch.htm (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\icon.ico (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\inst.ini (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\LastSession.log (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\os10755.xml (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\PARTNER.1.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\partner.dat (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\passport.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\passport64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\runt.ini (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\tnt_32x32.png (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\
[email protected] (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\yah10755.xml (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\Cache\1e9028fb17b03c9857fe82e37db03e49 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\Cache\5f9f36157429bedf799b0e93ace40a74 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\Cache\9ee6deec492971441eeb405bbafb4c72 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\Cache\b7d73a9a17988e27fe817c3afd99a6e6 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\Cache\f53fa0c1784cb861b48c6f9a2ad9331f (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\TNT2\Profiles\10755\Cache\ff0ade92be2a9b2c4dba0cd480fb941a (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0\build.json (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0\manifest.json (PUP.Optional.MyWordTool.A) -> No action taken.
C:\Documents and Settings\Norman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0\script.js (PUP.Optional.MyWordTool.A) -> No action taken.
(end)