I was using AVG anti virus and mb3-setup-consumer-18.104.22.1683.exe Mouse behaviour If left untouched for a period, my mouse needed a button click in order to function. It seemed to be moving slowly, and would drift upwards, when hovering over a link. Modded the setup to max speed, but it still wasn't right. (In all my decades of computing, I've never experienced this mouse behaviour) I had watched F1 via a stream - many such streams launch an advert new window if the stream page is clicked. This would be a good way of forcing the user to click the page. Opening a new firefox tab : unknown software exception (0xc0000409) occurred in the application at location 0x00406b64 Malwarebytes scan Tried to run a Malwarebytes scan, but it wouldn't run. Spybot found nothing threatening. Installed super antispyware - it found no threats. Chameleon Ran chameleon - option 2 worked - it suggested that I upgrade, which I did to 3.5.1 However, 3.5 wouldn't launch. Uninstalled it and reinstalled 3.1 Option 2 no longer worked ... I think it was option 8 that worked ... I ran a scan ... zero threats. Note: each time an option wouldn't work, it would stop at 'enabling driver' requiring a reboot every time. Testing the 13 options took a long time. 3.5.1 Reinstalled 3.5.1 - it wouldn't launch, but it did launch the following day (maybe it needed a reboot). Ran a scan - zero threats. ------------------------ I finally finished a big report last night. Today, booted the PC ... Malwarebytes blocked 22.214.171.124 (outbound) - I hadn't launched a connection to that site. I am alerted at regular intervals of this site being blocked. -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Unspecified Domain: IP Address: 126.96.36.199 Port:  Type: Outbound File: Loaded scanurl.net in Firefox - https crossed out, and the url input box did not display. Loaded scanurl.net in Chrome - https displayed - the url input boxes appeared momentarily, then disappeared, and were inaccessible. Checked the site in google transparency and phishtank - result : clean I noticed that the mouse was now functioning correctly!!! ------------ What to do? Is it possible that malware can be switched on and off? Does anybody recognise this strange mouse behaviour? Might the mouse be working correctly because 188.8.131.52 is now being blocked? Could this be simple suppression - general time-wasting aspect of a varied package of measures?