It all started when I decided to get rid of iTunes and get aTunes from SoftPedia. Immediately, the same day my daily Avast Full scan revealed 7 AddLyrics viruses. Two of which were not captured and sent to the chest.
C:\Program Files\LyricsPal\125.crx|>contentscript.js JS:AddLyrics-E [Adw] Error the system cannot find the file specified
C:\Program Files\LyricsPal\125.crx|>manifest.json JS:AddLyrics-B [Adw] Error the system cannot find the file specified
So I did a boot scan and came up empty. Then my mouse started freezing on the Y-axis and I thought it was dirty but it was happening after every couple of hours of use.
I tried changing the pointers on the mouse when I noticed the drivers MOUCLASS.SYS & MOUHID.SYS “Not digitally signed”. I uninstalled the drivers and rebooted my XPSp3 32bit system with a boot scan and went to work.
When I came home my system would not boot up into Windows and left me a message that the copy of windows xp was not valid. So I went to the library after a couple of days trying to fix things in safe mode. I contacted MS and had to input about 50 numbers to validate Windows and get past the windows boot.
I tried the Recovery Console Expand and Extract commands to overwrite these files when I noticed they are SP2 versions and I have SP3 versions on my system. However, these commands would not work and I used the Copy command without any change. I’ve had passwords on my CMOS and Avast and changed the CMOS user access and password when it looked like settings had been changed when I could not boot up.
I started researching the y-axis freeze but mostly found game forum troubles. Lately I noticed that four of my security updates will not work for windows. So I guessed this bug is stopping the updates. Yesterday I did a search and found an MS page, “You cannot install some updates or programs” on http://support.microsoft.com/kb/822798.
There are 11 separate “Manual methods” listed to fix the update program and I did Method 1 to Method 6 and skipped Method 7 & 8 because I got lost in it’s referral to other MS pages and went to Method 9 with no success with the command “ren %systemroot%\System32\Catroot2 oldcatroot2”
In Method 9 I was given a message that the file is being used by another process.
[i]Method 9: Clear the temporary file and restart the hotfix installation or the service pack installation
To clear the temporary file and restart the hotfix installation or the service pack installation, follow these steps:
Click Start, click Run, type cmd, and then click OK.
At the command prompt, type the following commands. Press Enter after each command.
net stop cryptsvc
ren %systemroot%\System32\Catroot2 oldcatroot2
net start cryptsvc
exit[/i]
Yesterday I lost all access to the internet with my browsers and Avast even though the connection was active. Before this happened I set Avast to put mouclass.sys and mouhid.sys as virtual processes and restrict their access from the internet. However, next my access was restricted until I released control of those settings. I restricted that access because I come home to find the six tabs open but FireFox using 1,000,000 kbs in “Task Manager”. I only see that much memory being used if I have 30 or more tabs open.
When my mouse looses the Y-axis control I fix it temporarily by unplugging the dual mouse keyboard ps/2 usb adapter and after I hear the system usb sound I plug it back in five or ten times waiting for the sound again and the keyboard to light up to get back mouse control.
I wanted to take my computer to the shop but they would just wipe the drives. I’ve got a TB USB external drive that I sent all of my documents over. Except for about 20gb of documents most of the files are movies, music, and pictures. My usb has 903gb of used space and 28.3 free space.
I can’t assume that the usb is not also infected. On top of all this I have to move tomorrow.
I need a silver bullet before I go to work tonight.
SOS ASAP