Can't find the PEST!!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by swalsh19, Aug 9, 2006.

  1. swalsh19

    swalsh19 Private First Class

    I have some sort of Malware in the system as when I'm in SAFE mode the computer works fine. When I go into normal mode my mouse will freeze up. Sometimes it is 2mins sometimes it is 20, but it will lock up. Wheel will still scroll on a page but cursor will not move.

    I have attached my Hijackthis log, as well as the ActiveScan results, and I have combined the newfiles & runkeys textfiles into one file.

    ActiveScan did find a couple of things...


    Before I came to Majorgeeks, I ran the following programs. Adaware, Spybot, Xoftspy, and Ewido. Also I ran AVG Free. I have removed hundreds if not close to a thousand pieces of spyware bits, and I did remove 7 Viruses all of the LOP variety...
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Where is your BitDefender log?

    Also we need HijackThis logs from normal boot mode as requested in step 7 of the READ ME. Please attach a new log from Normal Boot mode.

    Is your copy of Ewido a free or paid version?
     
  3. swalsh19

    swalsh19 Private First Class

    My bad I forgot to mention that about BitDefender. Sorry... When I tried to launch the scan it gave me an error about not being able to load the ActiveX stating it was an error on the webpage and to contact the webmaster. I tried both Safe Mode and Normal Mode.

    As for Ewido it is the free version.

    As per your request I have run a HJT in Normal Mode and attached..

    Also I should note that the startup of the computer is really slow. I was wondering if this could be Malware, or should I run Microsoft's Bootvis on the system...

    Thanks,
    Steve
     


  4. swalsh19

    swalsh19 Private First Class

    OK from your reply I did as you said. I ran into one problem when deleting all the files out of the TEMP folder. The perflib_perfdata_440.dat file said it was being used by another application.

    Next all the below:

    "DisplayName"="J2SE Runtime Environment 5.0 Update 4"
    "DisplayName"="J2SE Runtime Environment 5.0 Update 6"
    "DisplayName"="Java 2 Runtime Environment Standard Edition v1.3.1_02"
    "DisplayName"="LimeWire 4.9.30"
    "DisplayName"="Mozilla Firefox (1.5)"
    "DisplayName"="screensaver"

    I wasn't sure what to do with this, or where to locate it.

    All the rest has been removed.

    Steve
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That message was a message under edit that was not meant for you to do anything with, as I was waiting for the additional info from you. It was deleted as soon as I posted it to avoid you seeing it, but I guess you refreshed before it was deleted.


    First install the current version of Sun Java from: Sun Java Runtime Environment

    Then install the current version of FireFox from: Mozilla Firefox

    Then uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 4
    J2SE Runtime Environment 5.0 Update 6
    Java 2 Runtime Environment Standard Edition v1.3.1_02
    Mozilla Firefox (1.5)

    Note that you are using Limewire! Most versions of Limewire are known to come with bundled malware.

    Did you delete the below files? If not, please delete them:
    C:\Documents and Settings\All Users\Application Data\mixaimballbows\chin pile.exe
    C:\Documents and Settings\All Users\Application Data\mixaimballbows\Soap four.exe
    C:\Documents and Settings\Louis\My Documents\Junk\My Received Files\smileytown.exe
    C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.6.inf
    C:\WINDOWS\Downloaded Program Files\imloader.exe

    The files in Downloaded Program Files must be deleted from a command prompt or by using another tool. Windows Explorer will not even show them.


    Now copy the bold text below to Notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.

    Make sure viewing of hidden files is enabled (per the tutorial).

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O18 - Protocol: bw+0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


    After clicking Fix, exit HJT.


    Now reboot in normal mode and post a new HJT log.

    Make sure you tell me how things are working now.

    Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable System Restore per step 1 of the READ & RUN ME. This only applies if using WinXP or WinMe.
     
    Last edited: Aug 10, 2006
  6. swalsh19

    swalsh19 Private First Class

    Ok I have done everything as requested. Only one issue. I deleted the f3initialsetup1.0.0.6.inf via a Command Prompt but the other file imloader.exe is not existent. I did run TrendMicro's online scan after the original post and it did delete a couple things so I assume it got it.

    Originally I went to the java.com/en page and it only showed Version 6 of the Java to install, that's why it was not up-to-date.

    As for the receiving the info I received it via email, I was wondering why there wasn't a post showing yet I received the email.

    System once started seems to be running fine. I have control of my mouse now, however on first restart I lost it almost immediately. I re-booted and I have had it for a good 20mins.

    The system does take a long time to start up. When it goes from the scrolling bar across the bottom I get a black screen for almost a minute before Starting Windows appears, and then that lags another minute before I can select User Account. I have used Microsoft's Bootvis in the past, should I try that, or do you think this is still Malware?

    - Updated HJT attached.
     


  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should uninstall Ewido! It is slowing down your boot up and it can conflict with Windows Defender. Since it is a free version it will not be of any use after the trial expires.

    What is the below used for? Is it necessary to have this load at startup?
    O4 - HKLM\..\Run: [GameDrive] "C:\Program Files\FarStone\GameDrive\GDTask.exe" /AutoRestore

    Do you really believe the below are worth having? I personally don't find them necessary or that valuable, but you need to decide for yourself whether you really see any benefit to using them and possibly wasting the system resource on them. They also impact boot up time.
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

    If you like using BootVis and are happy with the features it provides you for faster bootup, then by all means use it.
     
    Last edited: Aug 10, 2006
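
Added example, not part of the original thread or of HijackThis: a small triage script that groups the O18 protocol-handler lines from post 5 by CLSID and DLL and lists the O4/O23 autostart lines from post 7, so a long run of handlers can be reviewed as a few rows. The names `parse_log` and `summarize_protocols` and the regular expressions are assumptions inferred from the lines quoted above.

```python
import re
from collections import defaultdict

# Constructed sample: a handful of lines copied from the posts above
# (the thread lists many more O18 entries of the same shape).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [GameDrive] "C:\Program Files\FarStone\GameDrive\GDTask.exe" /AutoRestore
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O18 - Protocol: bw+0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {008CF42C-2A57-48F6-9432-FBCEE1D1CFA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
"""

# Patterns inferred from the line shapes quoted in this thread (an assumption,
# not a HijackThis format specification).
O18 = re.compile(r"^O18 - Protocol: (?P<scheme>\S+) - "
                 r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
O4 = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): "
                r"\[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
O23 = re.compile(r"^O23 - Service: (?P<display>.+?) \((?P<name>[^)]+)\) - "
                 r"(?P<vendor>.+?) - (?P<path>[A-Za-z]:\\.+)$")


def parse_log(text):
    """Return (protocols, autostarts) parsed from HijackThis log text."""
    protocols = defaultdict(list)  # (CLSID, DLL path) -> [URL scheme, ...]
    autostarts = []                # O4 Run values and O23 services
    for line in text.splitlines():
        line = line.strip()
        if m := O18.match(line):
            protocols[(m["clsid"].upper(), m["path"])].append(m["scheme"])
        elif m := O4.match(line):
            autostarts.append({"kind": "run", "name": m["name"],
                               "where": m["hive"] + "\\" + m["key"],
                               "command": m["cmd"]})
        elif m := O23.match(line):
            autostarts.append({"kind": "service", "name": m["name"],
                               "where": m["vendor"], "command": m["path"]})
    return dict(protocols), autostarts


def summarize_protocols(protocols):
    """One row per handler DLL: (scheme count, DLL file name, CLSID, schemes)."""
    rows = [(len(schemes), path.rsplit("\\", 1)[-1], clsid, sorted(schemes))
            for (clsid, path), schemes in protocols.items()]
    return sorted(rows, key=lambda row: -row[0])


if __name__ == "__main__":
    protocols, autostarts = parse_log(SAMPLE_LOG)
    for count, dll, clsid, schemes in summarize_protocols(protocols):
        print(f"{count:3d} scheme(s) -> {dll} {clsid}: {', '.join(schemes)}")
    for item in autostarts:
        print(f"{item['kind']:8s} {item['name']} ({item['where']}): {item['command']}")
```
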
  8. swalsh19

    swalsh19 Private First Class

    Ya I will uninstall Ewido, I just installed it as I find it works a lot better than Windows Defender. I don't really find that program to be all that effective. I think the Giant AntiSpyware app Microsoft bought was better really...

    OK, well is that all you can see? Am I ready to do the System Restore thing now? I have to go read up on that again.
     
  9. swalsh19

    swalsh19 Private First Class

    Ok I'm using the system today and again the mouse has frozen. However I did notice today that I can move the mouse around and select things, the icon just doesn't move...

    Super Weird...


    I'm going to try and install the VIA All-In-One update as I don't think it has been done to this unit.


    Steve
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I doubt that the problem with your mouse cursor freezing is malware related.

    If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
