Have already been through "Read & Run Me," still having issues

Hey, do you guys mind taking a look at my HJT log?





I kid, I kid....... :-D

Anyhow, I haven't been using my personal desktop for the last 4-5 months, ever since I picked up this really sweet laptop from work. But I started using it again this week in order to use some progs I have installed on it that aren't on my laptop, and think I've picked something up.

Symptoms seem to be predominately mouse-related. My two wireless mice seem to have lost their mind. For instance, in some types of windows (including the software set-up windows for installing all of the progs mentioned in "Read & Run This"), just moving my mouse (at all) will result in the window closing, as if I had used the mouse to click the "x" button ("close window") at the top-right.

I ended up having to exclusively use keyboard commands (e.g. Tab, Shift+Tab, Enter) to install and run everything in "Read & Run This." Other, more system-based windows (e.g. "Start> Run> Browse") are not affected at all. I have been able to blunt a lot of these mouse effects by pulling out my travel wheel mouse and using it instead.

But even switching mice doesn't solve everything. Most of the Programs listed in "Start> Programs" are now unavailable via that route, as whatever virus/malware I have contracted seems to have disabled most of my shortcuts. For example, Start> Programs> Mozilla Firefox> Mozilla Firefox (and even MSPaint and Notepad, as well). When I click on it, I get the error msg "Unable to run this command."

I get the same error msg whether I click on it with my mouse, or whether I nav to it with the keyboard and use the Enter key. I *can* get it to run via the "Start> Run" command, however. I went back and checked the "Target" for a lot of my shortcuts, and they are all still correct. So I'm not sure why they don't work.

When I nav to my Control Panel ("Start> Settings> Control Panel"), some things I can use, and some I cannot. For example, the "Internet Options," "Keyboard" and "Mouse" settings icons. I get a new/different error msg than above. "Access to the specified device, path, or file is denied." But "Add/Remove Programs" and "Folder Options" work just fine.

Thanks in advance.


P.S. Other mouse functions affected were my ability to double-click a file to get it to open and my ability to right-click a file to access things like "Properties" and "Open With". I have *not* regained the "double-click to open" functionality, but I have regained the "right click" functionality since switching to the wheel mouse.

 

Sorry, this is not a bump. 10-min edit window expired and I still needed to attach the log files.

 

Wow, talk about bolloxing this one all to hell......

 

Hi shooter!
Welcome to the Malware Forum!

I don't think this is a malware problem.

You need to disable Spybot's Teatimer. Each time you try to make a settings change, Teatimer will change it back.

Is your Symantec brand new? Is there other software you installed before this problem started?

Have you unplugged everything and plugged it back in after waiting a couple of minutes?

Did you run the trouble-shooting diagnostic tool in Start / Control Panel / Mouse / Hardware

Do any of the mice use a different kind of connection? i.e. ps/2 rather than usb?

Have you checked your device manager for yellow warning signs? To do that, go to Start / right click on My Computer and select Hardware. Then click on the button for Device Manager and see if there are any yellow warnings in there anywhere.

If that comes up okay, then try this: Go to start / run and copy/paste in sfc /scannow and have your Windows cd handy in case it finds files which need fixing.

If that doesn't help, go to Start / My Computer. After you open My Computer right-click on the C:\ drive and select Tools. Have it do a physical check of the disk. I don't expect it to find physical errors, but if it does it will attempt to correct them.

Try some of the above and let me know if anything useful happens?
abri

 

I apologize in advance if this turns out to be the case. It just seemed like a malware issue to me because it seemed like something was trying to "take over my computer."

Did one of my logs suggest that I had Teatimer installed/running? Because I was *very* specific during the Spybot S&D installation process of de-selecting it as an option. I would be pretty peeved to find it had installed anyway.

Yes, the Symantec is brand new, but it's newer than the problem, if that makes sense. When I though I might be infected, the first thing I did was make sure I had all updates (I did) and then deep/full scan the entire system. I had a couple of tracking cookies, but no viruses, etc. I then downloaded the new version of Symantec from the software download site of the uni that I work for, installed it, and then ran updates. Once I had downloaded all of them, I did another deep/full scan, and it did find some stuff. I can't remember what they were, but I looked them up on Symantec's site and they were all pretty low-grade stuff.

I was running SAV 10.2, and the one I have now is the equivalent of 11, I think.

I hadn't at the time, but I have now and no change.

I haven't done this yet because I'm not able to access Start / Control Panel / Mouse at all (see first post for error msg I'm getting).

No, they are all USB mice. The two wireless mice I referred to as developing a "mind of their own" are both Logitech wireless optical mice (one is part of a wireless keyboard/mouse combo). The one I'm using now out of my PCI card's internal USB port is a wired optical travel mouse (no wireless) that I picked up from a vendor (IEEE) a couple years ago. I mistakenly referred to it as a trackball mouse in my first post, because that was what I'm tearing the house apart looking for to test with.

Earlier I was unable to do that. It is one of the few things I forgot to try once I reclaimed some functionality with the IEEE mouse. I will try again when I get back from dr and report back.

Will do, thanks!

 

Hi shooter,

It snuck in on you:

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

Here are two different ways to disable it:

First:

• Right-click the Spybot Icon in the System Tray (looks like a blue/white calendar with a padlock symbol)
• If you have the new version 1.5, Click once on Resident Protection, then Right click the Spybot icon again and make sure Resident Protection is now Unchecked. The Spybot icon in the System tray should now be now colorless.
• If you have Version 1.4, Click on Exit Spybot S&D Resident

or Second, For Either Version :

• Open Spybot S&D
• Click Mode, choose Advanced Mode
• Go To the bottom of the Vertical Panel on the Left, Click Tools
• then, also in left panel, click Resident shows a red/white shield.
• If your firewall raises a question, say OK
• In the Resident protection status frame, Uncheck the box labeled Resident "Tea-Timer"(Protection of over-all system settings) active
• OK any prompts.
• Use File, Exit to terminate Spybot

2) Go to add/remove programs and uninstall the below:

- Java (TM) 6 Update 6

3) Reboot after uninstalling the above.

4) Install the current version of Sun Java from: Sun Java Runtime Environment


So, all that said, when someone comes to the Malware Forum and attaches their logs and I don't find anything on a first look through, I tend to look at them again more carefully, because I don't want to have missed something. I've done this with your logs now twice, and I still think this is not a malware problem. I think it's a problem created by something to do with the mouse. However, it could also be a problem with permissions. It could be that Teatimer got in the way of any changes you might have tried to make. It could be defective hardware. It could be a software conflict from something which you installed just before you quit using the computer. It could be a problem with the usb port. It could be many things.

You said you can't get some of your programs to work start via start / all programs. Can you get them to start directly from Explorer if you go to the .exe file and double click on it? Paint for instance?

The reason I asked about Nortons is because Nortons produces strange problems in computers, so I wondered if you'd installed it before or after these problems started.

The reason I wondered if you'd installed any other software prior to these problems, is because sometimes the easiest solution to some problems is to uninstall a piece of recently installed software. In your case where the computer sat unused for awhile, it's possible that the most recently installed software could be a ways back. You might just take a glance through your add/remove programs to see what's been installed just before these problems started.

I will still ask chaslang or TimW to have a look at your thread, because they may see something I missed, but for the moment, I still think it would be worth it to try and get ahold of a ps/2 port mouse - old-fashioned standard .. and see if at least the mouse part of your problems are still there. Most problems we've seen like you're describing are related to problems of the mouse and the software. In your particular case, there may be different issues rather than just one.

Also, please turn on your pms.
Thanks.
abri