Help, no control over mouse, opens up programs

**bionicblond** · September 7th, 2006, 17:38 PM

Im at wits end, tried everything I know. Can one of you professionals take a look at this and tell me what I need to do? I can't attend my online classes right now because of this. I would sure appreciate it. Thanks in advance.

Logfile of HijackThis v1.99.1
Scan saved at 12:27:20 PM, on 9/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CCleaner\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SBC Yahoo! DSL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {576EB0AD-6980-11D5-A9CD-0001032FEE17} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Yahoo! Backgammon - http://yog5.yahoo.com/yog/y/ak0_x.cab
O16 - DPF: Yahoo! Blackjack - http://yog15.yahoo.com/yog/y/jk1_x.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
O16 - DPF: Yahoo! Chat (Voice) - http://cs1.chat.yahoo.com/cv/chat.cab
O16 - DPF: Yahoo! Chat 1.3 - http://cs4.chat.yahoo.com/c159/chat.cab
O16 - DPF: Yahoo! Checkers - http://yog3.yahoo.com/yog/y/kk0_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/game...s/y/dot4_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://yog2.games.snv.yahoo.com/yog/y/fs9_x.cab
O16 - DPF: Yahoo! PagerLite - http://jpager.yahoo.com/jpager/y/pg5_x.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/support/plugins/ebraryRdr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1100204680728
O16 - DPF: {B495C654-5860-45D4-8EAA-5663B9393F33} (OVA Class) - http://go.microsoft.com/fwlink/?linkid=49480
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7D9DA6E-562B-433E-AAAF-69C88D21AA5B}: NameServer = 68.94.156.1,68.94.157.1
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

**phishhead** · September 7th, 2006, 18:43 PM

reboot into safe mode and del the mouse driver from add/remove programs and re-install the software.

**bionicblond** · September 8th, 2006, 17:37 PM

Phishead you are awesome. Thank you so very very much!!!

**phishhead** · September 8th, 2006, 17:58 PM

thats what we do here at TZ....more important were you able to get to class on time

**FastGame** · September 8th, 2006, 18:08 PM

Originally Posted by phishhead

more important were you able to get to class on time

yep, a smarter blond is a bionicblond

**bionicblond** · September 8th, 2006, 21:35 PM

First of all, Congrats at Fast: you are the first person to figure that out. I ususally get questions like does yours have a cape, etc?
Whatever it is it keeps coming back.
I disable sys restore about a week ago. Don't laugh yes I have been at this for about a week before I decided to ask for help. (My daughter reminded me about techzones, BB is her online hero since he saved her Korn cd)
In order to get here, I had to disable my mouse, so until I figure out what is causing this, its keystrokes for me.
I keep trying to run trend micro but this thing starts to really go crazy close to the end of the scan. It keeps opening the c default programs start menu. But I dont see it do anything and so I close the window. I look in task manager all the time, and I don't see any oddball programs running. As soon as I finish running trend micro I am going to post another hijack. If you could look at the hijack I would be very grateful.

**bionicblond** · September 8th, 2006, 21:40 PM

Whatever it is, it won't let me run trend micro in Firefox anymore, it spoofs in that one. Unfortunately this is forcing me to use IE (I think its up to date 6 maybe, I am going to check that) Yuck!

**FastGame** · September 8th, 2006, 22:24 PM

Your Hijack log doesn't look bad, couple little minor things. Have you tried another mouse ?

Go here and do whats listed http://www.techzonez.com/forums/showthread.php?t=20523

**Big Booger** · September 9th, 2006, 04:12 AM

You can also use this site:
http://www.hijackthis.de/#anl

To analyze your highjack this log! It's very useful.

**bionicblond** · September 10th, 2006, 10:41 AM

Ok guys, I guess the simplest things are the ones that are always overlooked. It was my mouse, I have had it for 5 years and I guess it just died. I didn't know that they could do that. Installed an optical mouse and problem sovled, while I was at it, I decided to take back sound on my computer, but very soon I must get another hard drive.

Fast game is the winner!!!

Thanks, I really would have checked everything but the actual mouse.