Undiagnosed problem

Discussion in 'other security issues & news' started by will_857, Jun 9, 2005.

Thread Status:
Not open for further replies.
  1. will_857

    will_857 Registered Member

    Jun 9, 2005
    I have a problem with my computer - which I suspect must be a virus or trojan etc, but have been unable to find out what it is or how to get rid of it.

    The problem is that when I try to open a window with internet explorer for example, two windows are opened, and when I click the red x in the top left to close a window, two are closed sometimes. When I click with the mouse, for example in internet explorer on 'Favourites' it often does not work - I can see the menu come up, but it immediately disappears - you have to hold the mouse down for a few seconds if it is to stay up, and even then it sometimes goes later.

    I have scanned my computer with AVG, Avast, Spybot, Stinger, Clamwin, and normally run AVG, Clamwin, and ZoneAlarm firewall. I have also used numerous online scanners - trend micro, panda scan, rav antivirus, symantic, bit defender and mcafee freescan.

    The only thing of interest I can report is that when I scanned with rav online it showed up a win32 backdoor trojan - I can't remember exactly what it was, but when I couldnt get rid of it, I reebooted the computer, and it no longer shows up - I asume it has gone.

    Also, when I scan with Clamwin I get the following information:

    ERROR: Can't open file C:\WINDOWS\system32\config\SECURITY

    ERROR: Can't open file C:\WINDOWS\system32\config\SAM

    ERROR: Can't open file C:\WINDOWS\system32\config\SYSTEM

    ERROR: Can't open file C:\WINDOWS\system32\config\SOFTWARE

    ERROR: Can't open file C:\WINDOWS\system32\config\DEFAULT

    ERROR: Can't open file C:\WINDOWS\SoftwareDistribution\EventCache\7CBE9C53-20E8-4A4D-A957-7DF27CEAB2B0.bin

    ERROR: Can't open file C:\WINDOWS\SoftwareDistribution\EventCache\94E5B4A6-7558-40E8-A480-7F70971A58AB.bin

    -- summary --

    Known viruses: 35437

    Engine version: 0.85.1

    Scanned directories: 2288

    Scanned files: 34463

    Infected files: 0

    Any ideas? Thanks
  2. nadirah

    nadirah Registered Member

    Oct 14, 2003
    Which OS are you using? Windows 98, 98SE, 2000, XP home/pro?

    Have you tried scanning with a anti-spyware utility?

    Try Counterspy or Microsoft Antispyware

    If you want to make sure that the trojan is really gone, try scanning with TDS-3
    Update TDS-3 to the latest definitions first. I'll tell you what to do next.
  3. Notok

    Notok Registered Member

    May 28, 2004
    Portland, OR (USA)
    You can try the online malware scans in the sofware page in my link (includes trojan and spyware scans), but this sounds suspiciously like your mouse may be going out. The last few mice I had go out on me did so by double-clicking every time I clicked once. To test this, go into my computer and single click on each icon. Click on one, wait a second or two, then click on the next. if one of them opens then try a new mouse. You may have to do this for a little while to really see. I had one go out on me like this after using it only a few months.
  4. will_857

    will_857 Registered Member

    Jun 9, 2005
    Thanks nadirah and Notok. I’m running Windows XP, and had run Spybot recently, but I downloaded and ran with Microsoft Antisyware, and it didn’t find anything. Then I changed mice, and realised that the whole thing had been caused by a faulty mouse.

    I did previously have a Trojan etc but since I’ve been scanning my computer for the last week and a half with every program I can think of, and none of them find anything, I probably don’t have anything left. Correct me if I’m over confident.

    Just a general question. I’m currently running Zonealarm basic firewall, AVG, Avast, Clamwin, and Microsoft Antispyware, all the time. Are they all complementing each other and providing extra security, or are they just too much, and perhaps getting in the way of each other?

  5. HD rider UK

    HD rider UK Registered Member

    Feb 16, 2005
    Gloucestershire, UK
    Hi There
    While everyone will have their own views as to the "best" configuration of security apps, for what its worth, here is my assesment on your current security set. I note that you currently only use free applications, accordingly where I make suggestions below, they will be restricted similarly.

    Updates - I cannot stress this too highly. Whatever you use, keep it updated, and that includes your OS. If you dont, you are leaving yourself wide open to attack while at the same time tieing one hand behind your back. In particular, if you are on Win VP. ensure you have ay least Service Pack 1A installed and if your system is clear of malware, get SP2 on CD and upgrade to that.

    Firewall - ZA is fine. If you are happy with it, and it works for you, no need to change it for another product.

    Anti-Spyware - MSAS is as good as any and better than some, just make sure you keep it updated. You could also consider getting Spybot S&d and/or AdAware SE to supplement it/. The resident protection offered by the "Teatimer" utility within Spybot is usefull.

    Antivirus - you are running 3 AVs, AVG, Avast and Clamwin. This can cause problems and conflicts if you have more than 1 active in real time detection. I dont know much about Clamwin so will not comment on it, but between AVG and Avast, personally i consider that Avast is a more competent application than AVG, although I do like the frequent updates that are provided for AVG. My advice is that you could consider removing at least one of the three (or two of them if disk space is a problem for you) and supplement your onboard AV with online scans from someone like Kaspersky.

    Anti Trojan - Currently you are not running one although both your antivirus and anti spyware apps do provide a degree of coverage agains Trojans. I would download Ewido (Free 14 day trial with full functionality after which the real time protection is lost though you retain the facility to run On Demand scans and carry out updates) or Trojan Hunter (free trial after which the programme disables itself completely i think)

    Miscellaneous - I would recommend that you get Spywareblaster and Spywareguard from Javacool. These provide good protection to various attacks, supplementing the rest of your stuff in a layered defence. There are alternatives to these two available, and doubtless someone else with more knowledge of those products than I have will be able to advise you on their relative merits.

    Some more advanced defence strategies you could consider are things such as Prevx, Process Guard and Reg Defend. These are not however free although they come with free trials of varying functionality and length. Personally though, I would hesitate to recomment their use to more novice users.

    Just my opinions here, but I hope they have been of some use to you.

    Last edited: Jun 10, 2005
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.