NEW here with a problem with my Cursor?

Since March 2008, I've been fighting a problem with my cursor, someone suggested it was a cursor comet virus. I apparently picked it up at a website I was visiting.

I first notice a line about an inch long on my screen next to the cursor and pink in color then it grows to a one inch square box with pink stripes. The frame freezes, you cannot move to exit the page. ctrl, alt, delete doesn't work, as well as escape. You have to turn the computer off at the tower. When you reboot it, it seems to grow. Each time you reboot it, it gets worse to a point where you can't get on the startup page. You cannot turn off the machine other than by turning off at the tower. This thing also turns off your keyboard and monitor as well.

I tried to get into safe mode with some success, but could not resolve the problem even with running my virus protection or SpyBot programs. I tried safe mode with networking and came to Microsoft site and scanned from the sites scanner with no threat or virus results found by any of the runs I made.

I finally gave up and reloaded my XP program and upgraded all files, with the help of Mircosoft techs and ran virus and spyware programs, found no problems, and thought the problem solved, good for about 10 days and I had it back. It got so bad from turning off at the machine, I eventually corrupted the start up program and it would not start. I tried using the repair mode from the original XP disc and that too failed. I reinstalled the XP program a second time, upgrade everthing. IE 7, SP3 and installed Kaspersky Internet Security, it found and removed over 200 entry's, still had the problem far worse than ever. I called Microsot tech support, and as suggested downloaded Super Anti Spyware. NO luck! By now it was so bad I again could not get to the startup page. I finally went to HiJack This as a last resort using the Safe Mode with networking and downloaded their program and ran a scan. It listed most of the program entries about 35, I figured the computer was toast anyway and went ahead and deleted the entire search find, and the problem went away. I was lucky enough to be able to start up and get to the startup page and spent the next 18 hrs repairing and or reinstalling the programs.

Just hoping it doesn't return and if anyone else experienced this!
Jim Bresett

 

If you think you may still have a problem with malware or if you just want to check and make sure its gone.

Perform all the steps for your OS in this thread http://forums.majorgeeks.com/showthread.php?t=35407

Then make a new post in the Malware Forum with the logs from the tests run, and one the malware geniuses will tell you if you are clean or helped ya get cleaned up.

Welcome to MG's

 

Dyamond, so far I purchased the Uniblue regisrty repair and downloaded it, ran a scan and they found 2,049 problems and repaired 1,748. This computer right now is running like brand new. I also upgraded Java. So I'm moving on to the next thing to do. I'm doing exactly as you're telling me so it will probably take a little time. It's 12:40 am here, but I'm going to stay with it. I finally have confidence that I came to the right place. Jim

 

Hi Jim,

Im not sure why you purchase the Uniblue registry repair as thats not part of the read and run me. Have you gone through all the steps indicated in the thread I linked to you?

I myself have gone through that procedure and if you follow it to the letter, your malware problems are gone. The have the best malware folk here that I have ever ran into.

If you are interested in really being sure your rid of your malware problems, please follow all the steps in the thread I linked to you and if you have any questions/problems with the read and run me, dont hesitate to start a thread in the malware forum.

Im glad your enjoying your stay, majorgeeks is a great place

 

Dyamond, I'm sending this from HiJack This, I'm now haveing trouble with it again and I'm trying desperately to get rid of this thing, Thanks, Jim Bresett

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:29:26 AM, on 6/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

<Inline HJT removed by Administrator - please read this link http://forums.majorgeeks.com/showthread.php?t=38752 >

End of file - 3653 bytes

 

This is hard to figure out for me, it seems when I copy and paste the results from HiJack this and try to go to the web site it knocks off the internet connection. I think I fooed it just one time my previous post. Gawd!

 

Im sorry Jim, I dont have the knowledge to see if you have any malware problems.

My best suggestion once again is to follow this thread (http://forums.majorgeeks.com/showthread.php?t=35407) to the letter and then make a new posting with the results of the scans (or if you have any question/problems regarding running the scans) here (http://forums.majorgeeks.com/forumdisplay.php?f=35).

Good Luck!

 

hey thanks for your help, I can't download any programs and at this time I'm in safe mode. I guess I lost my computer. I'll just go buy a new hard drive. I already sved all my documents yesterday. It beat me, I even lose internet connections now and can't type in the search menus. We tried right, been a long night!

 

:-D Dyamond, I think I got it. I reapplied all the suggestions in safe mode and so far it seems to be cleaned up! When the pink stripes were removed from my screen I booted in normal startup and reran all suggested downloads but I keep finding adware, spyware and even a virus called Heur Invader. however during the process I lost some of my programs and drivers that were either corrupted or destroyed. I need some repair tools that are recommeded by this web site. When I look on the web, I get really confused about safe down loads to fix or repair components. I'm going to run the programs one more time and see if they are anymore adware or spyware attachments.

By the way a BIG THANKS to you and this staff!

 

Dyamond, ok after reading the "complete instructions" I see where Kaspersky read "Heur Invader". I was just so dam paranoid. When I was tring to load the Major Geeks programs, whatever I had messing with me wouldn't let me download and it and it would stop me during the process's. after 3 or 4 attemps I mangaed to downnload them. I'm still getting adware spyware detected results when I run them.

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

 

Hi Jim,

Please direct all malware inquires to this http://forums.majorgeeks.com/forumdisplay.php?f=35 forum by starting a new post there. They are the only ones who can answer your questions regarding the running/using of the applications listed in the read and run me. Also, please dont include scan logs inline on your post. Please read this http://forums.majorgeeks.com/showthread.php?t=86880 thread to learn how to attach them.

This way you will get the correct answer to your question (I have no knowledge what so ever LOL)

Just start a new post there. List everything you've done and list what problems your having (maybe linking to this thread). They will set you on the right path.

Good luck!

 

1st - don't post anymore inline hjt logs (you'll hear about it later on).
2nd - don't buy another h/d yet.
3rd - don't waste anymore money (unless, your rich, or getting it for free) or time talking to microsoft techs. you can find everything you need here. sometimes, you might have to wait a bit for responses, but it's worth it!!
4th - is your computer a manufactured computer (ie - dell, gateway, hp, etc)? if so, what is the make/model, and is there a service tag # (if so, post this information)? we will probably need some drivers.

if you have backed up/saved everything that you want, i'd totally wipe the h/d clean, and reinstall your os. especially if it's that bad. your gonna spend hours and hours trying to fix it (as you already have), and my opinion, is that your still gonna have problems. like i mentioned, it's my opinion. it's up to you to decide what you want to do. do you have another comp you can access the internet with in case you need drivers to get to the net?

http://www.majorgeeks.com/Dariks_Boot_and_Nuke_d4596.html <-- Darik's Boot and Nuke 2007-04-29 Beta

should you consider this option, then follow along. 1st backup all your data (ie - pictures, music, spreadsheets, etc.) if you purchased software (ie - your registry cleaner), make sure you have a copy of the program(s), and/or your installation key(s). don't forget your bookmarks, as well.

make sure you have the cd/dvd drive 1st in your boot order (in order to boot from the cd).

the boot and nuke program that i linked to above, needs to be burned to a cd. when you d/l the file (save it where you can find it) it will create a .iso file, and you need to burn it to a cd, with nero or something that will burn an "image to disk", don't just click and drag to the disk, as it won't work.

http://prdownloads.sourceforge.net/dban/dban-1.0.7_i386.exe?download <-- Download DBAN for installation on floppy disks and USB flash drives

i added the extra link in case you have a floppy drive. you want to run the program, i believe i had to type in "autonuke" (read the prompts), to start the process, and it does a triple pass of your h/d.

then you just reinstall your os, as you normally would. we can walk you thru this if need be. you might want to also d/l an antivirus program prior to all this, but not totally necessary. - g/l, sos

edit - DO NOT access your data (whatever you backed it up to - cd/dvd, external h/d, or usb thumbdrive), until you scan it for malware (ie - antivirus programs, and antispyware programs). that would be one quick way to mess up a fresh install, by accessing potentially corrupted data, prior to scanning it.

will post more info, if you decide to go this route. - sos

 

Hello sosaman, everything seems to be working and fine at this time. I completed all the steps including combofix.exe and ccleaner. The only thing I need to do is fix 4 corrupted drivers and 6 registry keys. I can log on, there is no malware or spyware or tracking cookies left. Thanx again for all your help! 3 days of hair pulling, cussing, a tiny bit of patience, and loss of sleep!

 

ok, g/l. if you need more help, just post. if it's malware related, make sure you keep it to the malware forum. if it's driver related, or registry stuff, then post in the appropriate forum. - sos

 

Hello sosaman, thanks for all, LOL I found the driver thread and did simple searches there and found my answers and have so far repaired 4 of the drivers by going to the manufacturers sites. I'm thinking about the $$$$ I could have blown by going to the driver repair web sites. You guys ought to have a $$$ donation link, I'd donate because of the work and bucks you guys saved me! This forum is GREAT!

Lurkers, if you're having trouble with adware and malware, computer going crazy? Don't panic like I did! Take a deep breath, relax, calm down and most of all be patient and just follow Major Geeks program and do not short cut. You probably won't even have to post! And Good Luck!