BleepingComputer.com: Legit or Dirty????

Legit or Dirty???? New items shown to be running in the registry

#1 b.esterline

Posted 10 November 2009 - 08:52 AM

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Thank you so much to anyone who may be able to give me a little advice

My concern is with the first three items. I ran HijackThis and they were there when they hadn't been before. I also
find it a little disconcerting that they don't show in task manager. I checked around online and found that the three of them
are sometimes legit and sometimes bad. I'm pretty sure I have the dirty ones but how can I tell the difference??
Thanks again!!

#2 petewills

Posted 10 November 2009 - 08:57 AM

Run SuperAntiSpyware

http://www.superantispyware.com/download.html

and

Malwarebytes

http://www.malwarebytes.org/mbam.php

On the SuperAntiSpyware Main Page,
you can also click on the link at the bottom:

"Find out what's running on your computer!"

Very useful information; you can send in unknown
files for analysis; feedback if you supply email address
and there's a problem file or files.

If you still have doubts you should post the problem in the Forum

"Security - Am I infected? - What do I do?"

#3 buddy215

Posted 10 November 2009 - 09:29 AM


#4 Romeo29

Posted 10 November 2009 - 09:35 AM

It appears you have installed Microsoft IME (Input Method Editors) recently.

Quote

International communication keeps getting easier thanks to full-featured, high-performance IMEs. An IME is a program that allows computer users to enter complex characters and symbols, such as Japanese characters, using a standard keyboard. Microsoft is now offering two Global IMEs—Global IME 5.02 and Global IME for Office XP.

http://www.microsoft.com/windows/ie/ie6/do...me/default.mspx

IMJPMIG.EXE and TINTSETP.EXE are both Microsoft programs related to IME.
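
For the question in the first post, the step before any legit-or-not call is pinning down exactly which file each Run entry loads. The Python sketch below is an added example, not code from any poster or from HijackThis; the function names and note wording are assumptions, and the sample lines are copied from the log in the first post.

```python
import re
from typing import List, NamedTuple

# Run-key lines copied from the HijackThis log in the first post.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
'''
O4_RE = re.compile(r"^O4 - HK\w+\\\.\.\\[^:]+: \[([^\]]*)\] (.+)$")
EXE_RE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr))(?=\s|$)", re.I)

class RunEntry(NamedTuple):
    name: str
    image: str        # program the entry starts
    args: str
    target: str       # file to locate on disk and verify
    notes: List[str]

def split_command(cmd):
    cmd = cmd.strip()
    if cmd.startswith('"'):
        # Quoted path; a missing closing quote leaves args empty.
        image, _, args = cmd[1:].partition('"')
        return image, args.strip()
    m = EXE_RE.match(cmd)  # unquoted path: cut after the first executable name
    cut = m.end() if m else len(cmd.split(" ", 1)[0])
    return cmd[:cut], cmd[cut:].strip()

def parse_o4(line):
    m = O4_RE.match(line.strip())
    if not m:
        return None
    name, cmd = m.groups()
    image, args = split_command(cmd)
    target = image
    if image.lower().endswith("rundll32.exe") and args:
        target = args.split(",", 1)[0].strip('"')  # rundll32 only hosts the DLL
    checks = [
        (target != image, "rundll32 host: verify the DLL"),
        ("\\" not in target, "no directory: resolved through the search path"),
        (re.search(r"~\d", target), "8.3 short name: expand before comparing paths"),
        (cmd.count('"') % 2, "unbalanced quote: log line may be truncated"),
    ]
    return RunEntry(name, image, args, target, [text for hit, text in checks if hit])

def triage(log):
    return [e for e in map(parse_o4, log.splitlines()) if e]
```

Each `target` is the file to find on disk and check, for example by its location, its digital signature, and a scan with the tools suggested earlier in the thread.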

#5 b.esterline

Posted 10 November 2009 - 01:01 PM

Thanks for the help. I'm gonna go ahead and remove it. It may be harmless for all I know but what I do know is
1. Nobody knowingly installed IME and it was never there before
2. Some kind or another of garbage disguises itself as the IME programs I found
3. It certainly wouldn't be the first time we've had a piggyback issue. I can't tell you how many times I've reinstalled XP....
and I even recently had to replace my HD due to the fact that it was shot by viruses...etc which hubby was unwittingly infecting us with
by constantly downloading everything from retarded plugins to everybody's favorite havoc wreaking purple ape (I didn't even know he was avail. anymore)
4. It's not a required program and is certainly not worth the risk.


Thanks Again!!
