double click

Meaningful discussion outside of the potato gun realm. Projects, theories, current events. Non-productive discussion will be locked.
Post Reply
User avatar
POLAND_SPUD
Captain
Captain
Posts: 5402
Joined: Sat Oct 13, 2007 4:43 pm
Been thanked: 1 time

Tue Oct 05, 2010 10:49 am

my sister has been using my computer for a few hours and uploading some files from her laptop...
now sometimes when I click once the mouse double clicks... I don't even have to explian how anoying it is...

I am pretty sure it is either a virus or malware, as my sister's laptop has the same problem... I scanned my computer with spybot and avast home edition but it didn't help...

any idea what to do next?
Children are the future

unless we stop them now
Top
User avatar
Pete Zaria
Corporal 5
Corporal 5
Posts: 954
Joined: Fri Mar 31, 2006 6:04 pm
Location: Near Seattle, WA

Tue Oct 05, 2010 11:12 am

Downlad HiJackThis: http://download.cnet.com/Trend-Micro-Hi ... 27353.html

Once you download and open it, do "Scan system and save a log file."

Then post the logfile here and I'll tell you whats wrong.

After that, try ComboFix: http://www.bleepingcomputer.com/combofi ... e-combofix

Peace,
Pete Zaria.
Top
User avatar
Technician1002
Captain
Captain
Posts: 5189
Joined: Sat Apr 04, 2009 11:10 am

Tue Oct 05, 2010 11:15 am

Try an external USB mouse. Sometimes the switch goes bad and will do that. A band aid fix is to slow the double click rate in Windows control panel under Mouse or Pointing Device. That way a high speed burst of static from a noisy switch won't be detected as a double click. This can fix a bad switch temporarily, but not a software bug.

Another way to test the hardware to rule out the software is to temporally replace the software. Grab a Linux (Ubuntu is great) install CD that can be run as a "Live" CD and boot it. You don't have to install it to test the hardware. Just boot it without installing it. See if something besides Windows has the same problem. If the problem is in just Windows, then it is likely a software problem. If both Windows and Linux have the same problem, it is bad hardware.

Grab an ISO of Ubuntu here. I use it to fix many problems with Windows. It can boot a broken Windows machine and allow copying off your documents to an external drive or CD before wiping the drive and reinstalling Windows from the recovery CD. If you like it you can install it instead of windows or dual boot into Windows or Linux.
http://www.ubuntu.com/desktop/get-ubuntu/download

Note the step 3 on the install page. You can run Ubuntu directly from the CD or USB stick without installing it. This is a feature sadly lacking in Windows. Reinstalling Windows to make a computer boot, often kills your documents folder so you can't back it up first.
Top
User avatar
POLAND_SPUD
Captain
Captain
Posts: 5402
Joined: Sat Oct 13, 2007 4:43 pm
Been thanked: 1 time

Tue Oct 05, 2010 11:35 am

here is the log
Attachments
hijackthis.rar
(2.98 KiB) Downloaded 155 times
Children are the future

unless we stop them now
Top
User avatar
Technician1002
Captain
Captain
Posts: 5189
Joined: Sat Apr 04, 2009 11:10 am

Tue Oct 05, 2010 11:43 am

Man, You need to upgrade IE. Version 6 is a hackers paradise. Do you really use all those toolbars?
Top
User avatar
POLAND_SPUD
Captain
Captain
Posts: 5402
Joined: Sat Oct 13, 2007 4:43 pm
Been thanked: 1 time

Tue Oct 05, 2010 11:44 am

naaah I don't use IE at all... mozzilla firefox is a lot better
Children are the future

unless we stop them now
Top
User avatar
Pete Zaria
Corporal 5
Corporal 5
Posts: 954
Joined: Fri Mar 31, 2006 6:04 pm
Location: Near Seattle, WA

Tue Oct 05, 2010 12:34 pm

Run HiJackThis again (no logfile required this time) and check the boxes for the following lines:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wyborcza.biz/biznes/0,0.html?p=005 (unless you actually wanted that for your homepage)

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

This looks suspicious, not a real Flash Player update:
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p

Unless you specifically put this line in to allow 194.204.152.34, then check this line:
O17 - HKLM\System\CCS\Services\Tcpip\..\{408205AD-C232-42EB-94A8-8DBC3A0C24BD}: NameServer = 194.204.152.34

This one looks suspicious, too. Unless you know this file to be safe, check this line:
O23 - Service: B-Service - Unknown owner - C:\Documents and Settings\mirek\Dane aplikacji\Mikogo Extra\B-Service.exe

This is suspicious because this file should be in C:\Program File\Sony\Viao Launcher\ not Program Files\Livebox:
C:\Program Files\Livebox\Launcher\Launcher.exe

Same story with the next file, it's not where it belongs. If you don't use France Telecom, I'd check this one too:
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

Once all the boxes are checked, click Fix Checked. Then reboot and report back.

Peace,
Pete Zaria.
Top
User avatar
POLAND_SPUD
Captain
Captain
Posts: 5402
Joined: Sat Oct 13, 2007 4:43 pm
Been thanked: 1 time

Tue Oct 05, 2010 2:09 pm

done... it seems that everything works fine now
thx
Children are the future

unless we stop them now
Top
User avatar
Pete Zaria
Corporal 5
Corporal 5
Posts: 954
Joined: Fri Mar 31, 2006 6:04 pm
Location: Near Seattle, WA

Tue Oct 05, 2010 3:21 pm

POLAND_SPUD wrote:done... it seems that everything works fine now
thx
No problem. Have a good one.

Peace,
Pete Zaria.
Top
Post Reply

Return to “Off-Topic Hobbies”