Firefox problems

Status
Not open for further replies.

lazerman3000

Hi, I never worried too much about viruses before; I have some basic protection in Windows Defender and XoftspySE. Firefox started to take ages to open, and only after clicking the icon 4 or 5 times would it work, and then it would open as many windows as I had clicked it. So I got avast and AVG and thought I would scan my system to be on the safe side. I found a Win32/Heur infection. It removed it, but from reading other posts I understand it can be hidden all over your system. So I followed your 6 point process and also ran a Kaspersky and Vundo fix. Malwarebytes found 4 Vundos in my registry when I ran it in safe mode; the rest found nothing. My question is: does this mean I am clean, or should I still be worried?

Thank you so much in advance
 
I checked your logs and they look clean. You have 2 antivirus programs running, though. Please decide which you want to keep and have HijackThis remove all the processes for the other. These are not all of the processes, just enough to show you which two programs are installed:
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
About security:
Either AV is okay, but get rid of XoftSpy: it has a checkered past and a not so good reputation. There are other programs, free and known to be good. Here are two of them:
SpywareBlaster: https://www.techspot.com/downloads/568-spywareblaster.html
Spybot Search & Destroy: https://www.techspot.com/downloads/149-spybot-search-and-destroy-detection-update.html
Recommended Free Firewall: Choose one
Comodo: http://www.personalfirewall.comodo.com/
Zonealarm: http://www.zonealarm.com/store/content/catalog/products/zonealarm_free_firewall.jsp

Since the system has slowed down, consider this: you are running two similar translating programs:
[IMJPMIG8.1]>> Part of MS Input Method Editor which is used to ease the input of Asian characters in MS Office (Chinese, Korean and this one is Japanese)
[PHIME2002A]>> Part of Microsoft's Input Message Editor (IME) for translating Japanese/Chinese text in IE, Outlook and Word
It is my understanding that one of these programs would be sufficient, but I'll leave that up to you.

As far as all of the ELSA processes: as far as I found, these are work manuals for Volkswagen and there are many processes as well as Services running. If you don't need all of them all of the time, have HijackThis remove those you don't need, open the program and make the appropriate changes, and change the Startup Type for the Service to Manual instead of Automatic. This is best done in Safe Mode.
C:\ElsaWin\bin\LcSvrAdm.exe
C:\ElsaWin\bin\LcSvrDba.exe
C:\ElsaWin\bin\LcSvrHis.exe
C:\ElsaWin\bin\LcSvrPas.exe
C:\ElsaWin\bin\LcSvrSaz.exe
C:\ElsaWin\bin\LcSvrAuf.exe
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiProt.dll
O23 - Service: ELSA Administration Service (LcSvrAdm) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAdm.exe
O23 - Service: ELSA Auftragsverwaltungs Service (LcSvrAuf) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAuf.exe
O23 - Service: ELSA DBA Server (LcSvrDba) - Volkswagen AG - C:\ElsaWin\bin\LcSvrDba.exe
O23 - Service: ELSA Historie Server (LcSvrHis) - Volkswagen AG - C:\ElsaWin\bin\LcSvrHis.exe
O23 - Service: ELSA PASS Server (LcSvrPAS) - Volkswagen AG - C:\ElsaWin\bin\LcSvrPas.exe
O23 - Service: ELSA APOSpro Server (LcSvrSaz) - Volkswagen AG - C:\ElsaWin\bin\LcSvrSaz.exe
O23 - Service: ELSA Vaudis Service (VSGate) - Volkswagen AG - C:\ElsaWin\bin\VSgate.exe

To remove processes, re-open HiJackThis and scan. *Check* the boxes next to all the entries to be removed, then close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot into Safe Mode:
You should also use the msconfig utility to take EVERYTHING off of Startup EXCEPT the AV & firewall. Other programs can be started manually if needed.

To stop Startups: Start> Run> type in 'msconfig' without quotes> enter> Selective Startup> Startup tab> UNCHECK the appropriate processes> Apply> OK

To change the Services: Start> Run> type in services.msc> enter> right click on the Service> Properties> change Startup type to either Disabled or Manual (the AV you aren't keeping should be set to Disabled, the other left at Automatic)
Uninstall Programs: Control Panel> Add/Remove Programs> UNINSTALL any programs you don't or won't use.

Reboot into Normal Mode. You will get a nag message you can close after checking 'don't show this message again'.

To remove the cleaning tools:
* Download OTCleanIt (http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe)
* Click the CleanUp! button.
* It will go through the list and remove all of the tools it finds and then delete itself (requiring a reboot).

Clear your existing System Restore points and establish a new clean restore point (malware can get into the restore points. They are protected files so the cleaning doesn't remove them):
Go to Start > All Programs > Accessories > System Tools > System Restore> Select Create a restore point> OK.
Next, go to Start > Run and type in cleanmgr> Select the More options tab> Choose the option to clean up System Restore and OK it.
This will remove all restore points except the new one you just created.

Let me know if you have any questions.
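The reply above reads the HijackThis log for duplicate antivirus products and for a vendor's bundle of auto-start services. As an added example (not part of the original thread, and not HijackThis code), this Python sketch parses `O23` service lines and flags more than one AV product; the sample log reuses lines quoted in the reply, and the `AV_MARKERS` path fragments are assumptions chosen for this illustration.

```python
import re
from collections import defaultdict

# Constructed sample: process paths and O-lines taken from the reply above.
SAMPLE_LOG = r"""
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\ElsaWin\bin\LcSvrAdm.exe
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiProt.dll
O23 - Service: ELSA Administration Service (LcSvrAdm) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAdm.exe
O23 - Service: ELSA PASS Server (LcSvrPAS) - Volkswagen AG - C:\ElsaWin\bin\LcSvrPas.exe
O23 - Service: ELSA Vaudis Service (VSGate) - Volkswagen AG - C:\ElsaWin\bin\VSgate.exe
"""

# O23 - Service: <display name> (<service name>) - <vendor> - <binary path>
O23 = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]+)\)"
    r" - (?P<vendor>.+?) - (?P<path>[A-Za-z]:\\.+)$"
)

# Assumption: path fragments used here to recognise the two AV products in the thread.
AV_MARKERS = {"avast": r"\alwil software\avast", "avg": r"\avg\avg"}


def parse_services(log):
    """Return one dict per O23 (Windows service) line in a HijackThis log."""
    return [m.groupdict() for line in log.splitlines() if (m := O23.match(line.strip()))]


def services_by_vendor(log):
    """Group service short names by vendor, to review which can be set to Manual."""
    grouped = defaultdict(list)
    for svc in parse_services(log):
        grouped[svc["vendor"]].append(svc["name"])
    return dict(grouped)


def installed_av(log):
    """AV products whose install path appears anywhere in the log."""
    lower = log.lower()
    return sorted(name for name, marker in AV_MARKERS.items() if marker in lower)


if __name__ == "__main__":
    av = installed_av(SAMPLE_LOG)
    if len(av) > 1:
        print("More than one AV product present:", ", ".join(av))
    for vendor, names in services_by_vendor(SAMPLE_LOG).items():
        print(f"{vendor}: {len(names)} services -> {names}")
```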
 
Again :(

Hi, I'm not sure if I have a problem or not. After I followed all your instructions my computer definitely seemed more lively; getting rid of the language and VW programs was well worth it. But today the antivirus I left installed (AVG) detected something again whilst running in the background: Win32/Heur
the path to file is: C:\System Volume Information\_restore{C1A2F5EA-764B-42CD-8167-E1F9A8DC721B}\RP223\A0105620.dll

It has put it in the virus vault, but I just wonder if it is going to keep coming back and whether I should just format the hard drive. Any ideas how it got back? The only thing I did wrong was I cleaned my restore points before I used the fix process on HJT, but I assumed that would make no difference since the computer was already virus checked?

Thanks again
 
C:\System Volume Information\_restore{C1A2F5EA-764B-42CD-8167-E1F9A8DC721B}\RP223\A0105620.dll
Did you forget to do this? The above indicates System Restore files.

Clear your existing System Restore points and establish a new clean restore point (malware can get into the restore points. They are protected files so the cleaning doesn't remove them):
Go to Start > All Programs > Accessories > System Tools > System Restore> Select Create a restore point> OK.
Next, go to Start > Run and type in cleanmgr> Select the More options tab> Choose the option to clean up System Restore and OK it.
This will remove all restore points except the new one you just created.

If you have any problem removing as above, do this instead:
Control Panel> System> System Restore tab> CHECK 'turn off System Restore'> Apply> OK
Reboot
Go back in and UNCHECK 'turn off System Restore'> Apply> OK.

Set new restore point.
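The reply above identifies the detection by its location in the System Restore store. As an added example (not part of the original thread), this Python sketch separates AV detections that sit inside a restore point from detections on live files; the first path is the one reported in the thread, the other two are constructed for contrast.

```python
import re

# XP System Restore store layout:
#   <drive>:\System Volume Information\_restore{GUID}\RP<n>\A<id>.<ext>
RESTORE_PATH = re.compile(
    r"^[A-Za-z]:\\System Volume Information\\_restore\{(?P<guid>[0-9A-Fa-f-]{36})\}"
    r"\\RP(?P<rp>\d+)\\(?P<file>A\d+\.\w+)$",
    re.IGNORECASE,
)

# Path 1 is from the thread; paths 2 and 3 are constructed sample input.
DETECTIONS = [
    r"C:\System Volume Information\_restore{C1A2F5EA-764B-42CD-8167-E1F9A8DC721B}\RP223\A0105620.dll",
    r"c:\system volume information\_restore{C1A2F5EA-764B-42CD-8167-E1F9A8DC721B}\RP221\A0100001.exe",
    r"C:\WINDOWS\system32\example.dll",
]


def triage(paths):
    """Split detections into restore-point copies (keyed by RP number) and live files."""
    in_store, live = {}, []
    for path in paths:
        m = RESTORE_PATH.match(path.strip())
        if m:
            in_store.setdefault(int(m["rp"]), []).append(m["file"])
        else:
            live.append(path)
    return in_store, live


if __name__ == "__main__":
    in_store, live = triage(DETECTIONS)
    for rp, files in sorted(in_store.items()):
        print(f"RP{rp}: {files} -> saved copy; clear the restore points")
    for path in live:
        print(f"LIVE: {path} -> outside the restore store; needs a normal cleanup")
```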
 