A quick look at a HJT log?

[jornsen]

Hi

On a friends PC, I have followed the steps in "READ ME before posting...", and it was a success (IE startpage is back at google, 2 virus warning popups are gone).
However, I am still not impressed with performance on the PC, so I wonder if somebody would have a fast look at the HJT log.

I attach my own log from the cleaning procedure along with ewido log and HJT log.

Config: Intel Celeron M 1.46 GHz, 1.46 GHz (!!??), 1 GB RAM, 53.6 GB disk

Best regards
/Jornsen

[jholland1964]

Hi again, just posted in YOUR thread!
These clean up logs, Ewido and the other look pretty good, though there are some items remaining. It will take awhile to work up fixes for the few items remaining and also for me to go through the HJT log here too.
One thing you can do is download and run CCleaner and clean out all the temp files, cookies, internet temp files. Some items were found in all of those.
I will get back with other fixes ASAP.
Judy

[jholland1964]

removed folder c:\Programmer\Media-Codec and content manually.

This was ok to do.
Now do the following;
Look in Add/Remove
See if you see listings for;
VirusBurst
Media-Codec.(just in case this one remains)
If you do remove them both.

Next follow the steps given on this link How to Remove VirusBurst

This will involve the download and running of several additional programs so Please read the instructions very carefully, print them out if that will help.
Once you have followed all the instructions EXACTLY as given on the link then run a new HJT scan and post it back here.

[jornsen]

Hi Judy

Not to sound rude or anything, but why do you think I have this Virusburst? I cannot find any trace of it although the description sounds a lot like something that I HAD, but were gone after the "READ THIS before you.." clean..
(just to be sure before I start a new half-night raid.. :-)

Best regards
/John

[jholland1964]

Hi John,
Please believe me, I do not feel you were rude. You caught an error and I am greatful for it. You are correct, Ewido DID remove VirusBurst. I have no excuse except not reading far enough.
Your HJT log looks good, except for a few unnecessary programs running at start up it looks clean.
Is the computer still running slowly or have things improved?

[jornsen]

Hi Judy

OK, now I'm glad that I asked...

Well, I'm still not impressed with the performance of the computer, but as it is not my own, I really don't know how it should be...

Thanks for your help!!!

PS: The few unnecessary programs starting up at boot, which are they?

/John

[jholland1964]

Hi John,
These are the ones I know for sure that can be disabled;
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe>>>have found no information for it except that it is non-essential and can be disabled
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE>>>Realtek AC97 Audio - Event Monitor. "Sypware" file used surreptitiously monitor one's actions. It is not a sinister one, like remote control programs, but it is being used by Realtek to gather data about customers

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe>>>Quick access to the control panel via a System Tray icon for graphics based upon the Intel chipsets (ie, i810). These chipsets are often included on motherboards. Available via Start -> Settings -> Control Panel

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe>>>Installed by the Intel 810 and 815 chipset graphic drivers. If you want the Ctrl Alt F12 or similar keypresses to access Intel's customised graphics properties, you need it, otherwise not. Can be disabled via the Display Properties in Control Panel

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe>>>Associated with the Common User Interface module for Intel graphics cards

Unless he purchased the Ewido program I would also disable that automatic scanning in the background portion of the program. Unless this is the paid version of the program the background scanner won't really work after two weeks of download and it would be pointless to have it keep starting up. The manual scanner portion of the free program will work without purchase so it can be left on the computer, just disable the auto-start background scanner.

There ARE a few others which are native to laptop computers which say are unnecessary however I am somewhat leery to recommend disabling as I am not certain how your friend uses the laptop and these may be items that he uses on a regular basis. I would hate to have you disable something and then have you find out that he cannot do something easily that he used to be able to do without thinking about it.
Judy

[jornsen]

Hi Judy

OK, I'll have a look at it.
Again, thanks a million for your help - from both myself and my friend!!

/John

[jholland1964]

Happy to help John. Keep us posted!