TechSpot

Suspected malware/viral infection

By chuckpeterson
Oct 6, 2009
  1. avira scan - no hits
    malwarebytes scan - no hits log attached
    sas scan - detected and quarantined cookies log attached
    java current at 6 update 16
    hijackthis log attached

    System runs slowly and at times becomes unresponsive for 5 - 10 sec then ok
    boot time has become excessive (8 minutes+)

    if you have any thoughts, I would love to get back to good performance.

    thanks

    Chuck
     
  2. Tmagic650

    Tmagic650 TS Ambassador Posts: 20,985   +168

    Do you recognize these:
    "DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab"...
    "DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab"...

    What are your computer specs? I know XP, SP3 and IE8, but is this an ACER laptop? Make and model?

    For slowness, stop/disable or uninstall the following:
    C:\Program Files\Bonjour\mDNSResponder.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    Set to run manually:
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
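
Added example, not part of the original post: a small Python parser for the HijackThis `O4` (Run key) and `O23` (service) line formats quoted in the reply above, turning them into structured records for an autostart inventory. The function names are this example's own, and the sample input is constructed from the lines quoted above.

```python
import re
from collections import defaultdict

# Constructed sample: the O4/O23 lines quoted in the reply above.
SAMPLE_LOG = r'''
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
'''

# O4: registry Run-key autostart -> hive, value name, command line.
O4_RE = re.compile(r'^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\\w+: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
# O23: service -> display name, vendor, image path (anchored on the drive letter).
O23_RE = re.compile(r'^O23 - Service: (?P<name>.+?) - (?P<vendor>.+) - (?P<path>[A-Za-z]:\\.+)$')


def parse_autostarts(log_text):
    """Return one dict per O4 or O23 line; all other lines are ignored."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = O4_RE.match(line)
        if m:
            cmd = m.group("cmd").strip()
            # Quoted commands: keep only the quoted path; unquoted ones stay verbatim.
            if cmd.startswith('"') and '"' in cmd[1:]:
                cmd = cmd[1:cmd.index('"', 1)]
            entries.append({"kind": "run_key", "hive": m.group("hive"),
                            "name": m.group("name"), "vendor": None, "path": cmd})
            continue
        m = O23_RE.match(line)
        if m:
            entries.append({"kind": "service", "hive": None, "name": m.group("name"),
                            "vendor": m.group("vendor"), "path": m.group("path")})
    return entries


def by_kind(entries):
    """Group entry names by persistence mechanism (Run key vs. service)."""
    groups = defaultdict(list)
    for e in entries:
        groups[e["kind"]].append(e["name"])
    return dict(groups)


if __name__ == "__main__":
    for entry in parse_autostarts(SAMPLE_LOG):
        print(entry)
```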
     
  3. chuckpeterson

    chuckpeterson TS Rookie Topic Starter

    Thanks for your help.

    machine is an acer aspire 9400 1.6Ghz T2050 with 1 GB DDR2 and a 120GB hd.

    The two items you asked about.. linkedin is IIRC a social networking system used by my son in law during his job search. Google indicated the other is some sort of download manager. Both can go if it serves, although I'm not sure yet how to delete them.

    I uninstalled Bonjour and Google toolbar via control panel, disabled Javaquickstart via the Java console. The Google updater seemed to go away with the toolbar deletion.

    I'm providing a post-update hijackthis2.log in case it may serve
    Thanks again
     
  4. DouguiDone

    DouguiDone TS Rookie

    Hi, you should try to do a disk cleanup, a defragmentation and a checkdisk. You should try a scan with the Microsoft malicious removal tool. Maybe it will help.
     
  5. Tmagic650

    Tmagic650 TS Ambassador Posts: 20,985   +168

    So any speed improvement chuckpeterson?
     
  6. chuckpeterson

    chuckpeterson TS Rookie Topic Starter

    I sense an improvement, not dramatic but clearly better. Boot time improved and so far none of the short lockups. As another poster had suggested, I had done a cleanup and defrag before I opened the thread.

    It may be as good as it can get, without a format and reinstall. If you have any other ideas, I'm more than happy to see them. My inclination is to close the thread and call it a win.

    Thanks for your help
     
  7. captaincranky

    captaincranky TechSpot Addict Posts: 10,967   +955

    You should stop this from running; O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE It's not really malware, but just a parasitic, unnecessary program inserted by Realtek Audio to monitor, (phone home), your "activities" with respect to their audio devices. Stop it by running "msconfig", and unchecking its box to prevent it from running at startup.
     
  8. chuckpeterson

    chuckpeterson TS Rookie Topic Starter

    I will do that. Thanks
     
Topic Status:
Not open for further replies.

