My cursor has taken over my computer, opening windows and doing things

[Dragon's Girl]

Lately, my cursor seems to have taken over my Windows computer windows.

While I'm web surfing, every once in a while, the cursor seems to open its
own windows and move around the screen at high speed (like about ten
windows get opened in about five seconds or so).

After about fifteen or twenty seconds of this, I just hold down the power
key to reboot as there is nothing I can do while the cursor is going
freescale on me. Then, the problem goes away until the next time it occurs
again a day or two later.

Does anyone else have this cursor take over problem on Windows XP?
Do you know what the fix?
Even though I have a firewall, could it be a virus or spyware doing this?
How can I tell?

[Gabriele Neukam]

On this special day, Dragon's Girl wrote :

> While I'm web surfing, every once in a while, the cursor seems to open its
> own windows and move around the screen at high speed (like about ten
> windows get opened in about five seconds or so).

change the battery in your radio operated device.


Gabriele Neukam

Gabriele.Spamfighter.Neukam@t-online.de

--
No I am not a troll. Just a beginner and lazy!!!!!!!!!!!
(leepeach in alt.comp.virus, asked why (s)he was repeatedly asking the
same question)

[cbgerry]

On Apr 4, 10:47 am, Dragon's Girl <dragonsg...@sbcglobal.net> wrote:
> Lately, my cursor seems to have taken over my Windows computer windows.
>
> While I'm web surfing, every once in a while, the cursor seems to open its
> own windows and move around the screen at high speed (like about ten
> windows get opened in about five seconds or so).
>
> After about fifteen or twenty seconds of this, I just hold down the power
> key to reboot as there is nothing I can do while the cursor is going
> freescale on me. Then, the problem goes away until the next time it occurs
> again a day or two later.
>
> Does anyone else have this cursor take over problem on Windows XP?
> Do you know what the fix?
> Even though I have a firewall, could it be a virus or spyware doing this?
> How can I tell?


You will need to run Windows Updates immediately and install the
following emergency Critical Update released yesterday:

Windows Critical Update Released - Apply Immediately, Information
http://tech.groups.yahoo.com/group/b...ws/message/260

US-CERT Cyber Security Alert SA07-093A -- Microsoft Update for Windows
Animated Cursor Vulnerability
http://tech.groups.yahoo.com/group/b...ws/message/278

US-CERT Technical Cyber Security Alert TA07-093A -- Microsoft Update
for
Windows Animated Cursor Vulnerability
http://tech.groups.yahoo.com/group/b...ws/message/280

Microsoft issuing animated cursor security patch (Reuters)
http://tech.groups.yahoo.com/group/b...ws/message/271

Attacks Escalate As Microsoft Announces Emergency .ANI Patch
http://tech.groups.yahoo.com/group/b...ws/message/272

FWSLabs, Email Lures for ANI Zero-Day
http://tech.groups.yahoo.com/group/b...ws/message/256

Animated cursor worm proactively stopped by Sophos
http://tech.groups.yahoo.com/group/b...ws/message/265

Repost: Microsoft: Attacks on Windows flaw rise (AP) 3/30/07
http://tech.groups.yahoo.com/group/b...ws/message/274


It is strongly recommended you purchase one of the top three
antispyware programs - CounterSpy, Webroot Spysweeper, Trend Micro
Antispyware. Once you have applied the Critical Update patch which
will plug the exploit hole and keep cybercriminals from pumping and
dumping more malware into your computer - it is recommended to reboot
into Safe Mode and do a full system scan with both antivirus and
antispyware software programs - one at a time not together.

Restarting the computer in Safe Mode stops all running processes and
enables security software to remove the threats. It it is the same
with valid software - if it is currently running you must stop the
program first and then uninstall it. Most times it is not neccessary
to reboot into Safe Mode with antivirus and antispyware programs.
However in tricky and severe threats this is many times the result
after a full scan - the antivirus or antispyware program will explain
it cannot remove the threat until you do indeed reboot into Safe Mode
and do a full scan. With a severe threat it just saves the time of a
double full scan by just booting into Safe Mode from the get.

Of course do not forget to first Update your antivirus and antispyware
programs before submerging into Safe Mode to perform the full scan.
You will need the latest up to date definitions released.

If for some reason yo cannot purchase antispyware right now then use
the free versions of Lavasoft Ad-Aware and SuperAntispyware which are
both very good but not the best. See more utilities listed here at my
site:

http://www.bluecollarpc.net/pcsafety.html

Also install, register for free updates, and update and run this free
one (very well knwon and used) - it finds a lot of other crap that may
be associated here with your particular infection(s):

a-squared trojan remover (Free Working Version for life and Proactive
Premium Version)
http://www.emsisoft.com/en/software/free/
a-squared (a-squared) is a complementary product to antivirus software
and desktop firewalls on MS Windows computers. Antivirus software
specializes in detecting classic viruses. Many available products have
weaknesses in detecting other malicious software (Malware) like
Trojans, Dialers, Worms and Spyware (Adware). a-squared fills the gap
that malware writers exploit. Automatic updates: In a-squared Free the
updater must be run manually. The auto-update feature of a-squared
Personal checks hourly for new available updates and installs them
automatically. a-squared Free is freeware! You can download and use it
completely for free. You are also allowed to distribute it to third
parties. To be able to use it, you only must set up a free a-squared
Account, to get access to the update server. (Note you register by
simple sign up to activate definitions downloads free).

If you do not purchase antispyware at this time it is strongly
recommended to install the free Microsoft Windows Defender which has
real time protection and Active Shields - and is the only freeware
protection security with real time protection. Normally this can only
be activated by paid subscription. As well Windows Defender has the
active shileds that act like a firewall and blocks adware and spyware
and other malware from installing in real time 24/7. Only the top
selling antispyware programs have protective shields - as mentioned.
To see a screenshot of these shields and what they protect in real
time 24/7

SEE:
Shields Screenshot:
http://bluecollarpc.net/coppermine-p...apshotCopy.jpg
_________________
*****Administrator, BlueCollarPCNet Forums*****

[FredW]

cbgerry was thinking very hard :
> On Apr 4, 10:47 am, Dragon's Girl <dragonsg...@sbcglobal.net> wrote:
>> Lately, my cursor seems to have taken over my Windows computer windows.
>>
>> While I'm web surfing, every once in a while, the cursor seems to open its
>> own windows and move around the screen at high speed (like about ten
>> windows get opened in about five seconds or so).
>>
>> After about fifteen or twenty seconds of this, I just hold down the power
>> key to reboot as there is nothing I can do while the cursor is going
>> freescale on me. Then, the problem goes away until the next time it occurs
>> again a day or two later.
>>
>> Does anyone else have this cursor take over problem on Windows XP?
>> Do you know what the fix?
>> Even though I have a firewall, could it be a virus or spyware doing this?
>> How can I tell?
>
>
> You will need to run Windows Updates immediately and install the
> following emergency Critical Update released yesterday:

< SNIP>

Pfft, a very long list of "messages" all pointing to
the one and only update of Microsoft of yesterday:
http://www.microsoft.com/technet/sec.../MS07-017.mspx

Only if this update causes troubles, see also:
http://support.microsoft.com/kb/925902
http://support.microsoft.com/kb/935448/


> It is strongly recommended you purchase one of the top three
> antispyware programs - CounterSpy, Webroot Spysweeper, Trend Micro
> Antispyware. Once you have applied the Critical Update patch which

Why purchase?
Why not first try the top three antispyware programs:

A. AdAware
http://www.majorgeeks.com/Ad-Aware_S...onal_d506.html
http://www.lavasoft.de/

B. Spybot
http://www.majorgeeks.com/SpyBot-Sea...ols_d2471.html
http://www.safer-networking.org/en/

C. SuperAntiSpyware
http://www.majorgeeks.com/SUPERAntiSpyware_d5116.html
http://www.superantispyware.com/download.html

all above programs are free

and additionally (also free)

D. a-squared Free
http://www.majorgeeks.com/a-squared_...ion_d4281.html
http://www.emsisoft.com/en/software/download/
N.B. no registration required (not anymore)!

Download, install, update and run (scan) these programs.

>
> http://www.bluecollarpc.net/pcsafety.html

A very confusing site, far too much information.


> If you do not purchase antispyware at this time it is strongly
> recommended to install the free Microsoft Windows Defender which has

I hate Microsoft security products.
Bottom of the list in many tests.
Even make mailboxes in OE disappear.

--
Fred Wening (NL)

[cmsix]

"FredW" <fredw@ninmule.invalid> wrote in message
news:mn.25817d746996ae15.57381@ninmule.invalid...
> cbgerry was thinking very hard :
>> On Apr 4, 10:47 am, Dragon's Girl <dragonsg...@sbcglobal.net> wrote:
>>> Lately, my cursor seems to have taken over my Windows computer windows.
>>>
>>> While I'm web surfing, every once in a while, the cursor seems to open
>>> its
>>> own windows and move around the screen at high speed (like about ten
>>> windows get opened in about five seconds or so).
>>>
>>> After about fifteen or twenty seconds of this, I just hold down the
>>> power
>>> key to reboot as there is nothing I can do while the cursor is going
>>> freescale on me. Then, the problem goes away until the next time it
>>> occurs
>>> again a day or two later.
>>>
>>> Does anyone else have this cursor take over problem on Windows XP?
>>> Do you know what the fix?
>>> Even though I have a firewall, could it be a virus or spyware doing
>>> this?
>>> How can I tell?
>>
>>
>> You will need to run Windows Updates immediately and install the
>> following emergency Critical Update released yesterday:
>
> < SNIP>
>
> Pfft, a very long list of "messages" all pointing to
> the one and only update of Microsoft of yesterday:
> http://www.microsoft.com/technet/sec.../MS07-017.mspx
>
> Only if this update causes troubles, see also:
> http://support.microsoft.com/kb/925902
> http://support.microsoft.com/kb/935448/
>
>
>> It is strongly recommended you purchase one of the top three
>> antispyware programs - CounterSpy, Webroot Spysweeper, Trend Micro
>> Antispyware. Once you have applied the Critical Update patch which
>
> Why purchase?
> Why not first try the top three antispyware programs:
>
> A. AdAware
> http://www.majorgeeks.com/Ad-Aware_S...onal_d506.html
> http://www.lavasoft.de/
>
> B. Spybot
> http://www.majorgeeks.com/SpyBot-Sea...ols_d2471.html
> http://www.safer-networking.org/en/
>
> C. SuperAntiSpyware
> http://www.majorgeeks.com/SUPERAntiSpyware_d5116.html
> http://www.superantispyware.com/download.html
>
> all above programs are free
>
> and additionally (also free)
>
> D. a-squared Free
> http://www.majorgeeks.com/a-squared_...ion_d4281.html
> http://www.emsisoft.com/en/software/download/
> N.B. no registration required (not anymore)!
>
> Download, install, update and run (scan) these programs.
>
>>
>> http://www.bluecollarpc.net/pcsafety.html
>
> A very confusing site, far too much information.
>
>
>> If you do not purchase antispyware at this time it is strongly
>> recommended to install the free Microsoft Windows Defender which has
>
> I hate Microsoft security products.
> Bottom of the list in many tests.
> Even make mailboxes in OE disappear.

I have to say that I also think it is a little odd to use a microsoft
security program, since they're the ones that left the holes in the first
place. Maybe it's just me.

cmsix

>
> --
> Fred Wening (NL)
>
>

[Gerald309]

On Apr 4, 5:29 pm, FredW <f...@ninmule.invalid> wrote:
> cbgerry was thinking very hard :
>
>
>
>
>
> > On Apr 4, 10:47 am, Dragon's Girl <dragonsg...@sbcglobal.net> wrote:
> >> Lately, my cursor seems to have taken over my Windows computer windows.
>
> >> While I'm web surfing, every once in a while, the cursor seems to open its
> >> own windows and move around the screen at high speed (like about ten
> >> windows get opened in about five seconds or so).
>
> >> After about fifteen or twenty seconds of this, I just hold down the power
> >> key to reboot as there is nothing I can do while the cursor is going
> >> freescale on me. Then, the problem goes away until the next time it occurs
> >> again a day or two later.
>
> >> Does anyone else have this cursor take over problem on Windows XP?
> >> Do you know what the fix?
> >> Even though I have a firewall, could it be a virus or spyware doing this?
> >> How can I tell?
>
> > You will need to run Windows Updates immediately and install the
> > following emergency Critical Update released yesterday:
>
> < SNIP>
>
> Pfft, a very long list of "messages" all pointing to
> the one and only update of Microsoft of yesterday:http://www.microsoft.com/technet/sec.../MS07-017.mspx
>
> Only if this update causes troubles, see also:http://support.microsoft.com/kb/9259...com/kb/935448/
>
> > It is strongly recommended you purchase one of the top three
> > antispyware programs - CounterSpy, Webroot Spysweeper, Trend Micro
> > Antispyware. Once you have applied the Critical Update patch which
>
> Why purchase?
> Why not first try the top three antispyware programs:
>
> A. AdAwarehttp://www.majorgeeks.com/Ad-Aware_SE_Personal_d506.htmlhttp://www.lavasoft.de/
>
> B. Spybothttp://www.majorgeeks.com/SpyBot-Search_&_Destroy_Tools_d2471.htmlhttp://www.safer-networking.org/en/
>
> C. SuperAntiSpywarehttp://www.majorgeeks.com/SUPERAntiSpyware_d5116.htmlhttp://www.superantispyware.com/download.html
>
> all above programs are free
>
> and additionally (also free)
>
> D. a-squared Freehttp://www.majorgeeks.com/a-squared_a%B2_Free_edition_d4281.htmlhttp://www.emsisoft.com/en/software/download/
> N.B. no registration required (not anymore)!
>
> Download, install, update and run (scan) these programs.
>
>
>
> >http://www.bluecollarpc.net/pcsafety.html
>
> A very confusing site, far too much information.
>
> > If you do not purchase antispyware at this time it is strongly
> > recommended to install the free Microsoft Windows Defender which has
>
> I hate Microsoft security products.
> Bottom of the list in many tests.
> Even make mailboxes in OE disappear.
>
> --
> Fred Wening (NL)- Hide quoted text -
>
> - Show quoted text -

-------------- >


WELL SINCE WE ARE INTO CRITIQUES HERE....

Allow me to critique your critique....

""QUOTE"" Pfft, a very long list of "messages" all pointing to
the one and only update of Microsoft of yesterday:
http://www.microsoft.com/technet/sec.../MS07-017.mspx
""UNQUOTE""

Apparently you did not perceive this person may not possibly be that
savvy concerning malware and is the reason for posting for help. There
are two reasons for the news links. One, anyone can kind of read
between the lines - but several sources are neccessary to do that
generally with computers. Two, this is a "ZERO DAY EXPLOIT" and if you
are a moron and don't know better (are you?) - everyone and their kid
brother are scrambling in the security industry to identify threats
and create definitions for their removal. There is no busier time in
the industries - both antispyware and antivirus - when there is a
"Zero Day Threat" which means there is an exploit hole and no idea of
what is going to hit it. This is about the third zero day threat in a
little over a year. The first of that time was the WMFmetafile exploit
zero day which spawned bogus ransomware applications lkike SpyAxe,
SpyFalcon, and SpyuwareQuake - all giving false security warnings and
hijacking the computer for $30 to remove the fake threats. This
escalated. There was the VML zero day not too long ago. And now this.
When these occur, the symptoms of the apparent infections are going to
obviously vary somewhat from user to user depending obviously on the
cybercriminal exploits developed. That means a little extra shopping
around for symptoms even as the Labs are preparing defintions - or in
shorter terms the first wave is going to be sketchy. And there you
are... a handful of links to read around and see if there is a similar
symptom going on. A way to look into the profession from their news
desks to see what they are saying or seeing as going on with this zero
day. It may be that the speciffic threat involved for this person has
nothing to do with this at all. It is too much of a coincidence
however to be ignored. If the person had already installed the latest
patch and did scans - then it is most likely they even ignored my
response altogether as invalid to their problem. I am aware of that.
This post, my replies, were a starting place to the most obvious.
SO... if the list was long to you why did you add to it ? You only
reiterated what was posted already. If it is something personal with
me then it is personal and nothing to do with the content. Or perhaps
you are a troll that just likes to hit on people at public forums.
Perhaps you just wanted your own recognition. Well hint, just post
your information and forget badmouthing someone else if you really
wish a person to look to you for help.

""QUOTE""Only if this update causes troubles, see also:
http://support.microsoft.com/kb/925902
http://support.microsoft.com/kb/935448/ ""UNQUOTE""

This is kind of going where many many people have seen this many many
times. You just want to crank-yank about Microsoft. Quite the wining
and get an Apple or get out altogether. Next comes all the winings
about Microsoft Updates. We've seen it all before. Worn out and tired
record. And you add this at the bottom:...

""QUOTE"" I hate Microsoft security products. Bottom of the list in
many tests. Even make mailboxes in OE disappear. ""UNQUOTE""


There you are.... it just goes on and on how you hate Microsoft. Point
is to get every nickle out of the investment. Use it or loose it.


And here comes your bad advice about "free crap"...

""QUOTE"" Why purchase? Why not first try the top three antispyware
programs: ""UNQUOTE""

Do you really believe in a multi-billion dollar industry of
antispyware products that anything free is going to protect you? You
are an idiot - or purposely giving bad advice to further ignorance and
infection for gain. The free products do not protect anything. The
paid ones do. What did you miss ?

""QUOTE"" A very confusing site, far too much information.
""UNQUOTE""

My website is soooo easy even you could understand it. Why don't you ?
Well Fred the Winer from the NL , I hope you liked my critique of your
critique of my post since it seems to be "Crtique Day" as well as
Spring. I personally thing your sucked... BAD.


By the way I forgot to add your post was too long to just say
Microsoft sucks. Cut it short heh?

[Gerald309]

On Apr 4, 5:54 pm, "cmsix" <c...@hotmail.com> wrote:
> "FredW" <f...@ninmule.invalid> wrote in message
>
> news:mn.25817d746996ae15.57381@ninmule.invalid...
>
>
>
>
>
> > cbgerry was thinking very hard :
> >> On Apr 4, 10:47 am, Dragon's Girl <dragonsg...@sbcglobal.net> wrote:
> >>> Lately, my cursor seems to have taken over my Windows computer windows.
>
> >>> While I'm web surfing, every once in a while, the cursor seems to open
> >>> its
> >>> own windows and move around the screen at high speed (like about ten
> >>> windows get opened in about five seconds or so).
>
> >>> After about fifteen or twenty seconds of this, I just hold down the
> >>> power
> >>> key to reboot as there is nothing I can do while the cursor is going
> >>> freescale on me. Then, the problem goes away until the next time it
> >>> occurs
> >>> again a day or two later.
>
> >>> Does anyone else have this cursor take over problem on Windows XP?
> >>> Do you know what the fix?
> >>> Even though I have a firewall, could it be a virus or spyware doing
> >>> this?
> >>> How can I tell?
>
> >> You will need to run Windows Updates immediately and install the
> >> following emergency Critical Update released yesterday:
>
> > < SNIP>
>
> > Pfft, a very long list of "messages" all pointing to
> > the one and only update of Microsoft of yesterday:
> >http://www.microsoft.com/technet/sec.../MS07-017.mspx
>
> > Only if this update causes troubles, see also:
> >http://support.microsoft.com/kb/925902
> >http://support.microsoft.com/kb/935448/
>
> >> It is strongly recommended you purchase one of the top three
> >> antispyware programs - CounterSpy, Webroot Spysweeper, Trend Micro
> >> Antispyware. Once you have applied the Critical Update patch which
>
> > Why purchase?
> > Why not first try the top three antispyware programs:
>
> > A. AdAware
> >http://www.majorgeeks.com/Ad-Aware_S...onal_d506.html
> >http://www.lavasoft.de/
>
> > B. Spybot
> >http://www.majorgeeks.com/SpyBot-Sea...ols_d2471.html
> >http://www.safer-networking.org/en/
>
> > C. SuperAntiSpyware
> >http://www.majorgeeks.com/SUPERAntiSpyware_d5116.html
> >http://www.superantispyware.com/download.html
>
> > all above programs are free
>
> > and additionally (also free)
>
> > D. a-squared Free
> >http://www.majorgeeks.com/a-squared_...ion_d4281.html
> >http://www.emsisoft.com/en/software/download/
> > N.B. no registration required (not anymore)!
>
> > Download, install, update and run (scan) these programs.
>
> >>http://www.bluecollarpc.net/pcsafety.html
>
> > A very confusing site, far too much information.
>
> >> If you do not purchase antispyware at this time it is strongly
> >> recommended to install the free Microsoft Windows Defender which has
>
> > I hate Microsoft security products.
> > Bottom of the list in many tests.
> > Even make mailboxes in OE disappear.
>
> I have to say that I also think it is a little odd to use a microsoft
> security program, since they're the ones that left the holes in the first
> place. Maybe it's just me.
>
> cmsix
>
>
>
>
>
> > --
> > Fred Wening (NL)- Hide quoted text -
>
> - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
------------->


Get an Apple and get a life then.

[cmsix]

"Gerald309" <gerald309@gmail.com> wrote in message
news:1175733174.660022.154950@b75g2000hsg.googlegr oups.com...
> On Apr 4, 5:54 pm, "cmsix" <c...@hotmail.com> wrote:
>> "FredW" <f...@ninmule.invalid> wrote in message
>>
>> news:mn.25817d746996ae15.57381@ninmule.invalid...
>>
>>
>>
>>
>>
>> > cbgerry was thinking very hard :
>> >> On Apr 4, 10:47 am, Dragon's Girl <dragonsg...@sbcglobal.net> wrote:
>> >>> Lately, my cursor seems to have taken over my Windows computer
>> >>> windows.
>>
>> >>> While I'm web surfing, every once in a while, the cursor seems to
>> >>> open
>> >>> its
>> >>> own windows and move around the screen at high speed (like about ten
>> >>> windows get opened in about five seconds or so).
>>
>> >>> After about fifteen or twenty seconds of this, I just hold down the
>> >>> power
>> >>> key to reboot as there is nothing I can do while the cursor is going
>> >>> freescale on me. Then, the problem goes away until the next time it
>> >>> occurs
>> >>> again a day or two later.
>>
>> >>> Does anyone else have this cursor take over problem on Windows XP?
>> >>> Do you know what the fix?
>> >>> Even though I have a firewall, could it be a virus or spyware doing
>> >>> this?
>> >>> How can I tell?
>>
>> >> You will need to run Windows Updates immediately and install the
>> >> following emergency Critical Update released yesterday:
>>
>> > < SNIP>
>>
>> > Pfft, a very long list of "messages" all pointing to
>> > the one and only update of Microsoft of yesterday:
>> >http://www.microsoft.com/technet/sec.../MS07-017.mspx
>>
>> > Only if this update causes troubles, see also:
>> >http://support.microsoft.com/kb/925902
>> >http://support.microsoft.com/kb/935448/
>>
>> >> It is strongly recommended you purchase one of the top three
>> >> antispyware programs - CounterSpy, Webroot Spysweeper, Trend Micro
>> >> Antispyware. Once you have applied the Critical Update patch which
>>
>> > Why purchase?
>> > Why not first try the top three antispyware programs:
>>
>> > A. AdAware
>> >http://www.majorgeeks.com/Ad-Aware_S...onal_d506.html
>> >http://www.lavasoft.de/
>>
>> > B. Spybot
>> >http://www.majorgeeks.com/SpyBot-Sea...ols_d2471.html
>> >http://www.safer-networking.org/en/
>>
>> > C. SuperAntiSpyware
>> >http://www.majorgeeks.com/SUPERAntiSpyware_d5116.html
>> >http://www.superantispyware.com/download.html
>>
>> > all above programs are free
>>
>> > and additionally (also free)
>>
>> > D. a-squared Free
>> >http://www.majorgeeks.com/a-squared_...ion_d4281.html
>> >http://www.emsisoft.com/en/software/download/
>> > N.B. no registration required (not anymore)!
>>
>> > Download, install, update and run (scan) these programs.
>>
>> >>http://www.bluecollarpc.net/pcsafety.html
>>
>> > A very confusing site, far too much information.
>>
>> >> If you do not purchase antispyware at this time it is strongly
>> >> recommended to install the free Microsoft Windows Defender which has
>>
>> > I hate Microsoft security products.
>> > Bottom of the list in many tests.
>> > Even make mailboxes in OE disappear.
>>
>> I have to say that I also think it is a little odd to use a microsoft
>> security program, since they're the ones that left the holes in the first
>> place. Maybe it's just me.
>>
>> cmsix
>>
>>
>>
>>
>>
>> > --
>> > Fred Wening (NL)- Hide quoted text -
>>
>> - Show quoted text -- Hide quoted text -
>>
>> - Show quoted text -
> ------------->
>
>
> Get an Apple and get a life then.

I eat Apples all the time. I also have a Macintosh on the bench behind me,
right where it belongs. Currently it's playing pong by itself, and believe
it or not the Hyperdrive still works fine.

cmsix

>

[Gerald309]

On Apr 4, 10:47 am, Dragon's Girl <dragonsg...@sbcglobal.net> wrote:
> Lately, my cursor seems to have taken over my Windows computer windows.
>
> While I'm web surfing, every once in a while, the cursor seems to open its
> own windows and move around the screen at high speed (like about ten
> windows get opened in about five seconds or so).
>
> After about fifteen or twenty seconds of this, I just hold down the power
> key to reboot as there is nothing I can do while the cursor is going
> freescale on me. Then, the problem goes away until the next time it occurs
> again a day or two later.
>
> Does anyone else have this cursor take over problem on Windows XP?
> Do you know what the fix?
> Even though I have a firewall, could it be a virus or spyware doing this?
> How can I tell?


============================> For the Wise Guys:
SCOPE OF THE CURRENT PROBLEM:

Spammers feast on ANI vulnerability
http://news.yahoo.com/s/infoworld/20...oworld/87423_1


San Francisco (InfoWorld) - Microsoft moved to fix the critical .ANI
vulnerability that affects roughly a dozen of its most popular
products, including Vista, but spammers and malware brokers are
already tapping into the flaw to infect unprotected machines.

Most enterprises should already be aware of the problem, and IT
departments are likely scrambling to get Microsoft's security update
in place, but attackers have likely been hammering away at the
widespread vulnerability for months, according to security experts.

The IT community became aware of the .ANI glitch -- which affects the
manner in which roughly a dozen Microsoft Windows products handle
malformed animated cursor files -- as a wave of spam and malware
attacks hit the Internet after April 1.

However, experts say the problem -- which was first reported to
Redmond, Wash.-based Microsoft in Dec. 2006 -- has likely been
assailed for some time by attackers seeking to maintain a much lower
profile.

Rated by Secunia as an extremely critical flaw -- the Copenhagen-based
security software maker's most severe vulnerability ranking -- experts
say that the .ANI glitch is currently being exploited in a wide
variety of formats that are likely to ensnare a large number of PCs
worldwide with malware, adware, and botnet programs.

Microsoft also issued fixes for seven other security vulnerabilities
in addition to the .ANI problem in an ahead-of-schedule patch
delivered on April 3.

Researchers at San Diego-based Websense reported the discovery of over
450 unique sites hosting .ANI-based spyware threats, adding up to tens
of thousands of URLs infected with the malware. Unprotected end users
visiting those sites will be redirected and hit with a password-
stealing spyware program labeled as "ad.exe" which most anti-virus
programs cannot catch, Websense reported.

Experts have also highlighted the rapid emergence of a new wave of
attacks that are infecting end users who merely open e-mails or
attachments laced with the viruses.

In one of the most popular iterations of the e-mail-based threats,
users are being sent spam messages that advertise links to URLs
hosting lurid images of embattled pop singer Britney Spears.

Users targeted in the campaign receive e-mail with the subject line
"Hot Pictures of Britiney Speers" that has been written in HTML to
help avoid filtering tools. After opening the infected spam e-mail,
people who then click on the links are redirected to malware sites
that host JavaScript code believed to be controlled by servers used by
Russian cyber-criminals.

Roger Thompson, chief technology officer at Exploit Prevention Labs,
based in Marietta, Georgia, said that the attacks being served up by
that group run the full gamut of threats, from botnet software to
sophisticated root kits.

The expert said that the root kit, dubbed 200.exe, eventually calls
out to an account on Microsoft's Hotmail servers to announce itself
and seek out additional malware to download onto infected machines.
Thompson said the spam attacks started in earnest on April 1.

"This spam ring has a nasty set of encrypted exploits, and it is
clearly all Russian in origin, as the sites that are being used are
written in Russian," he said. "They're also using a new [malware]
encryption style that we only first saw about a month ago; they're
rapidly adding new exploits to these encrypted attacks, and the .ANI-
based stuff is just the latest."

Thompson said that many machines have already been infected using the
attack, and that he believes many more will come under control of the
malware before systems can be patched, including many corporate users.

"With the embedded HTML they will catch people; there's no need to
download anything. These are thoughtful attackers and they are gaining
command and control right over port 80, and straight through the
firewall," he said. "If there's a patch that you've missed they're
going to get you, and we believe this is all still gathering steam."

The expert said that the .ANI threats may have actually first been
created by Chinese hackers attempting to steal people's passwords to
the World of Warcraft online video game, with other attackers
subsequently modifying the code for their own means.

Other experts said the attacks will likely result in new hordes of
widespread botnets, which will allow attackers to piggyback even more
spam and malware campaigns onto their existing threats.

Since the .ANI flaw is present on so many relevant Microsoft products,
botnet herders will likely flock to take advantage of the flaw, said
Max Cacares, director of product management at penetration testing
specialists Core Security, based in Boston.

"One reason why spammers are interested is because a lot of the
underground community takes advantage of botnets to relay their work,
and this is great for building huge bontets since it works on every
version of Windows that you care about," Cacares said. "With the
potential to exploit it directly from Outlook, this is great for
compromising a huge variety of users, and once it's made part of
botnet, it also becomes a huge asset for all kinds of spammers."

Some researchers said they were surprised that there have not been
more widespread attacks since the vulnerability was first made public
so long ago.

"We actually haven't seen a huge proliferation yet," said David
Frazer, director of technology services for anti-virus specialists F-
Secure, based in Helsinki. "But with four patches issued from
Microsoft between the original announcement and the release of all
this code, one could say it might have been fixed sooner;
fortuitously, we haven't seen as many infections as might have
happened."

Matt Sergeant, senior anti-spam technologist at security software
maker MessageLabs, based in Gloucester, U.K., said that Russian
hackers are known to have been seeking new flaws that would allow them
to deliver massive amounts of malware code in short periods of time.

"We're very much aware that Russian guys have been on the lookout for
a new attack, their botnets have actually been diminishing since
October 2006 since the Warezov virus," he said. "They're looking for
anew angle to get in and with the security improvements in Vista,
they're worried that they can't crack into stuff as easy as in past,
but this proves that might not be the case."

The expert contends that the hackers are working furiously to find new
avenues for attack, and predicted that many have shifted their efforts
to the .ANI vulnerability over the last several days.

"These guys have teams of programmers working on this 24 hours a day,
trying to find some way in, and when a major software vendors releases
a patch, they move quickly," said Sergeant. "Especially on a Tuesday
morning, most businesses are not ready to get a patch immediately
installed; this is likely creating a huge opportunity for these guys
to get stuff installed on people's computers and increase the size of
their botnets."

=============/.

[FredW]

Gerald309 pretended :
> On Apr 4, 5:29 pm, FredW <f...@ninmule.invalid> wrote:
>> cbgerry was thinking very hard :
>
> Apparently you did not perceive .....
>
> ..... and if you
> are a moron and don't know better (are you?)
> ..... Well hint, just post
> your information and forget badmouthing someone else if you really
> wish a person to look to you for help.
>
> ..... You just want to crank-yank about Microsoft .....
>
> There you are.... it just goes on and on how you hate Microsoft. Point
> is to get every nickle out of the investment....
>
> ..... You
> are an idiot - or purposely giving bad advice to further ignorance and
> infection for gain .....
>
> My website is soooo easy even you could understand it.....
> Well Fred the Winer from the NL .....

I understand you are clearvoyant.
From one message of me, you can do an indepth psycholigical
analysis, how nice for you.
It looks like Gerald309 (aka cbgerry) hates to be contradicted.

Forgive me, split person, but I will not spend further time
to explore your "informative" and "so easy" webiste.

Are you pcbutts ... ???

--
Fred Wening (NL)