mouse out of control

My mouse is out of control as though someone has taken over the computer - the mouse is clicking ramdomly closing and opening programmes.

I have done all the steps you mentioned from the basic instructions for removing spyware but still doesn't work.

My online scans were not done in safe mode - my USB broadband is not accessible in safe mode.

The problem starts since I received error message - "missing c:\\program files\surfbuddy\sbuddy.dll" - I have deleted this using regedit - the error message stops but the mouse is still out of control !

what can I do now ?

 

• Download HijackThis 1.99.1

• Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

• Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file.

• Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

• Run HijackThis and save your log file.

• Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post).

• Need help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

hijackthis log attached - need to post it fast before I got bombed out by the mouse !

 

You didnt attach anything?

 

did you get the hijackthis log file - resned just in case.

 

Your not attaching anything?

 

I've uploaded it twice - I don't know what happened.

I am trying it a third time! I just noticed that there is an upload errod but does not say why !

What can I do ?

 

Paste the log inline and I will have it converted for you.

 

ok - here it is!

Edit by chaslang: Inline, safe mode log removed

 

sorry - should I send you the log file in normal mode ? - the previous one is in safe mode: Here i paster the one in normal mode


Edit by chaslang: Inline log attached

 

Yes, normal mode! I will have this converted into an attachment and the log from Safe Mode removed as its no good.

Allow me a moment to check your log!

 

Scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O1 - Hosts: 64.91.255.87 www.dcsresearch.com

O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file)

O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk

O16 - DPF: BPHOnl - https://e-bank.bphpbk.pl/bph/portal/starts.nsf/econline/$File/BPHOnl.cab
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball...tgameloader.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/18642a078247ed...ip/RdxIE601.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/so...tiveXPlugin.cab

Again, make sure All Browser Windows are Closed when you Click FIX.

NOW:
Navigate to and delete the following file, if it exist:

C:\WINDOWS\about.htm

NEXT:
Run CCleaner and Spybot S&D and have Spybot fix what it finds.
Note: Dont forget to update Spybot S&D by selecting "Search For Updates"

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


Reboot!

FINAL STEP

Reset Web Settings & Default Security Settings:


To Reset Web Settings:
Right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK


To Default Security Settings:
Right click on your desktop Internet Explorer icon and select Properties. Then click the Security Tab and click Default Level for Internet, Local Intranet, Trusted Sites, and Restricted Sites.


After doing ALL of the above, Scan with HijackThis and attach the new log.

 

done everything you asked. Here is the log:

also incidentally I also seem to have an error message "Dr Watson Postmortem Debugger Problems" in the last couple of days - are they related to the mouse out of control problems ?

 

Your log is clean!

What problems are you having at the moment? About the error your getting, do you use Yahoo! Messenger?

The mouse, what type mouse are you using, USB or Regular? If USB, have you tried reinstalling any drivers?

 

the mouse is a regular PS2 mouse. I still have problems with unpredictable mouse actions and the error message "Dr Watson Postmortem Debugger problems".

Also starting up seems to take ages and sometimes I need to switch users and then switch back in order to log on.

I don't use Yahoo messenger - I only use Yahoo mail.

Should I de-plug my mouse and plug it in again ?

 

Just to be sure, lets try the following:


Please download "StartDreck", from here: http://www.niksoft.at/_data/startdreck.zip

Unzip to its own folder and start the program,
Press 'Config'
Press 'Unmark All'
Check the following boxes only:
Registry -> Run Keys
System/drivers> Running processes
Press 'Ok'
Press 'Save' and select the location to save the log file
(default is the same folder as the application)

Please attach the log in this thread.

 

here is the stardreck log run as instructed

 

Thanks Halo!


chris t,

I dont see anything bad in that log either. Are you having any further problems from Malware? If not, I would post this problem in the Software/Hardware forum for best results.

Good Luck!

 

what about the "Dr Watson Postmortem Debugger Problems" error message - is it not a spyware/malware problem?

 

No, this is a software issue.