Old 07-11-2009, 03:34 PM   #1
Registered Member
 
Join Date: Jul 2009
Posts: 5
OS: xp sp2


IDK whats wrong :(

So I am in the middle of a game and suddenly I lose control of my keyboard and assume I am getting hacked because buttons are being pushed without me pushing them. I turn off my computer and restart without internet. I check my firewall and it says that an application was accessing my computer to, I guess, hack me. So I click block and terminate and all is well. A week later it happens again, except that instead of losing control of my keyboard, the buttons don't register as what they should. I press "f" and it types "sfd", I press "b" and it shows up as " b", etc... I tried restarting, replugging in the keyboard, reinstalling keyboard drivers and other things, but nothing works. I plugged in another keyboard and that's how I'm making this post, but I like the other one better and I don't want to ruin this one to the same problem. Here are the logs that are supposed to go with this post.

DDS: Log

DDS (Ver_09-06-26.01) - NTFSx86
Run by Nolan at 16:43:31.90 on Sat 07/11/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2814.2085 [GMT -4:00]

AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Sygate Personal Firewall *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Sygate\SPF\smc.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Verizon\McciTrayApp.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\GWHotKey.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Nolan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.5.0.135\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.5.0.135\IPSBHO.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.5.0.135\coIEPlg.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [RivaTunerStartupDaemon] "c:\program files\rivatuner v2.23\RivaTuner.exe" /S
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"
mRun: [SmcService] c:\progra~1\sygate\spf\smc.exe -startgui
mRun: [Multi-function Keyboard] GWHotKey.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234130203154
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.5.0.135\CoIEPlg.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\nolan\applic~1\mozilla\firefox\profiles\87o2kcq9.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\documents and settings\nolan\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-7-5 130936]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1005000.087\SymEFA.sys [2009-3-20 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1005000.087\BHDrvx86.sys [2009-3-20 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1005000.087\cchpx86.sys [2009-3-20 482352]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090709.001\IDSXpx86.sys [2009-7-10 276344]
R2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2009-2-8 80392]
R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.5.0.135\ccSvcHst.exe [2009-3-20 115560]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-2-8 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-2-25 101936]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090711.006\NAVENG.SYS [2009-7-11 89104]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090711.006\NAVEX15.SYS [2009-7-11 876144]
S3 dump_wmimmc;dump_wmimmc;\??\c:\aeriagames\shaiya\gameguard\dump_wmimmc.sys --> c:\aeriagames\shaiya\gameguard\dump_wmimmc.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-7-5 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-7-5 1095560]
S4 vsdatant;vsdatant; [x]

=============== Created Last 30 ================

2009-07-11 05:26 135,168 a------- c:\windows\system32\gwhotkey.cpl
2009-07-11 05:26 98,361 a------- c:\windows\GWHotKey.exe
2009-07-11 05:26 47,104 a------- c:\windows\_ISREG32.DLL
2009-07-11 05:26 147 a------- c:\windows\_DEISREG.ISR
2009-07-11 05:26 299,520 a------- c:\windows\uninst.exe
2009-07-11 05:25 <DIR> --d----- c:\documents and settings\nolan\WINDOWS
2009-07-11 05:16 21,504 ac------ c:\windows\system32\dllcache\hidserv.dll
2009-07-11 05:16 21,504 a------- c:\windows\system32\hidserv.dll
2009-07-11 05:16 14,848 ac------ c:\windows\system32\dllcache\kbdhid.sys
2009-07-11 05:16 14,848 a------- c:\windows\system32\drivers\kbdhid.sys
2009-07-11 05:02 <DIR> --d----- c:\program files\Trend Micro
2009-07-05 19:44 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-07-05 19:44 130,936 a------- c:\windows\system32\drivers\PCTCore.sys
2009-07-05 19:44 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-07-05 19:43 <DIR> --d----- c:\program files\common files\PC Tools
2009-07-05 19:43 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-07-05 19:43 <DIR> --d----- c:\program files\Spyware Doctor
2009-07-05 19:43 <DIR> --d----- c:\docume~1\nolan\applic~1\PC Tools
2009-07-05 19:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-07-05 03:33 <DIR> --d----- c:\docume~1\nolan\applic~1\Acreon
2009-07-04 03:52 189,784 a------- c:\windows\system32\PnkBstrB.xtr
2009-07-04 03:33 <DIR> --d----- c:\docume~1\nolan\applic~1\id Software
2009-07-04 03:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\id Software
2009-07-02 23:36 <DIR> --d----- c:\program files\World of Warcraft
2009-07-02 21:54 <DIR> --d----- c:\program files\World of Warcraft.a1317915.temp
2009-07-02 20:39 <DIR> --d----- C:\Fraps
2009-07-02 19:25 <DIR> --d----- c:\program files\World of Warcraft.temp
2009-07-02 19:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Blizzard
2009-06-22 22:37 14,568 a------- c:\windows\system32\drivers\wg6n.sys
2009-06-22 22:37 14,568 a------- c:\windows\system32\drivers\wg5n.sys
2009-06-22 22:37 14,568 a------- c:\windows\system32\drivers\wg4n.sys
2009-06-22 22:37 14,568 a------- c:\windows\system32\drivers\wg3n.sys
2009-06-22 22:37 60,496 a------- c:\windows\system32\drivers\Teefer.sys
2009-06-22 22:37 21,075 a------- c:\windows\system32\drivers\wpsdrvnt.sys
2009-06-22 22:37 83,096 a------- c:\windows\system32\SSSensor.dll
2009-06-22 22:37 <DIR> --d----- c:\program files\Sygate
2009-06-22 11:07 <DIR> --d----- c:\program files\MindArk
2009-06-11 18:29 41,808 a------- c:\windows\system32\xfcodec.dll

==================== Find3M ====================

2009-07-11 04:59 16,608 a------- c:\windows\gdrv.sys
2009-07-04 18:45 138,944 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-04 18:45 189,784 a------- c:\windows\system32\PnkBstrB.exe
2009-07-04 03:51 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-07-04 03:32 22,328 a------- c:\docume~1\nolan\applic~1\PnkBstrK.sys
2009-07-04 03:32 2,246,144 a------- c:\windows\system32\pbsvc.exe
2009-05-28 15:02 131,072 a------- c:\windows\system32\SpoonUninstall.exe
2009-05-28 15:02 36,104 a------- c:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
2009-05-22 20:47 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-07 11:44 344,064 a------- c:\windows\system32\localspl.dll
2009-04-29 00:52 659,456 a------- c:\windows\system32\wininet.dll
2009-04-29 00:52 81,920 -------- c:\windows\system32\ieencode.dll
2009-04-17 05:58 1,846,656 a------- c:\windows\system32\win32k.sys
2009-04-16 16:37 19,024 a------- c:\docume~1\nolan\applic~1\GDIPFONTCACHEV1.DAT
2009-04-15 11:11 584,192 a------- c:\windows\system32\rpcrt4.dll

============= FINISH: 16:43:50.71 ===============
Attached Files
File Type: zip ark.zip (4.0 KB, 0 views)
File Type: zip Attach.zip (2.9 KB, 1 views)

__________________
kamikazzi92 is offline  
Old 07-13-2009, 11:29 PM   #2
Registered Member
 
Join Date: Jul 2009
Posts: 5
OS: xp sp2


Re: IDK whats wrong :(

BUMP, please

__________________
kamikazzi92 is offline  
Old 07-17-2009, 05:18 PM   #3
Registered Member
 
Join Date: Jul 2009
Posts: 5
OS: xp sp2


Re: IDK whats wrong :(

BUMP, please
__________________
kamikazzi92 is offline  
Old 08-20-2009, 08:00 PM   #4
Registered Member
 
Join Date: Jul 2009
Posts: 5
OS: xp sp2


Re: IDK whats wrong :(

what a joke forum
__________________
kamikazzi92 is offline  
Old 08-21-2009, 07:03 PM   #5
Administrator
Management Team, Security Center & TSF Academy
Expert Analyst, Moderator, Security Team
Rangemaster, Moderator, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 38,645
OS: WinXP Home, Vista, Windows 7 64bit


Re: IDK whats wrong :(

Perhaps instead of considering our forum a 'joke', you might express a bit more understanding as to the workload we have here...

Quote:
Please be considerate of the fact that the people helping you are all volunteers, and in many cases usually have a job, and a limited amount of time to help, and therefore can only do so much. Also please note that there are many more people in need of assistance than there are trained staff members who may assist. Patience for this free assistance is required. If there is an immediate need, please take the machine to a local technician.

Additionally, our pre-posting topic specifically tells people not to bump more than once or it appears as though you're already being helped...

Quote:
Additionally, do not bump more than once. If you do, it may appear as though the thread is being handled, and it may be overlooked. Early bump posts will be deleted.

As to your issue, if a new keyboard works fine, it would appear it's an issue with your keyboard rather than malware. It could also be the fact that you have 2 AV's and 2 Firewalls installed and running at the same time. It's never a good idea to have more than one installed at a given time. More than 1 Anti Virus/FW can cause conflicts and confusion between the programs as well as system instability. Please choose and run only 1 and uninstall the other via the Add/Remove Programs in the Control Panel.

After you've completed the above, please run a new scan with dds.scr and post a fresh log for review.

__________________
Member of ASAP since 2005
Member of UNITE since 2006

Microsoft MVP - 2010, 2011, 2012

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
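
Added example (not part of the thread and not DDS's own code): one way to check a DDS header for the overlapping antivirus and firewall products that the reply above points out. The line layout is assumed from the AV:/FW: lines in the posted log, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Header lines copied from the DDS log in the first post of this thread.
DDS_HEADER = """\
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Sygate Personal Firewall *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
"""

# Assumed layout: KIND: product name *state* [(definitions status)] {GUID}
LINE_RE = re.compile(
    r"^(?P<kind>AV|FW):\s+(?P<name>.+?)\s+\*(?P<state>[^*]+)\*"
    r"(?:\s+\((?P<defs>[^)]*)\))?\s+\{(?P<guid>[0-9A-Fa-f-]{36})\}\s*$"
)

def parse_products(log_text):
    """Return {"AV": [...], "FW": [...]} from the AV:/FW: lines of a DDS log."""
    products = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # any other log line is ignored
        products[m.group("kind")].append({
            "name": m.group("name"),
            # The state text ends in "enabled" or "disabled".
            "active": m.group("state").lower().split()[-1] == "enabled",
            "guid": m.group("guid").upper(),
        })
    return dict(products)

def overlap_findings(products):
    """List every product kind that has more than one entry registered."""
    findings = []
    for kind, items in sorted(products.items()):
        if len(items) < 2:
            continue
        active = [p["name"] for p in items if p["active"]]
        findings.append({
            "kind": kind,
            "installed": [p["name"] for p in items],
            "active": active,
            "both_active": len(active) > 1,  # more than one reports enabled
        })
    return findings

if __name__ == "__main__":
    for f in overlap_findings(parse_products(DDS_HEADER)):
        print(f["kind"], "installed:", f["installed"], "active:", f["active"])
```

On the posted log this reports two antivirus products with only Norton's on-access scanning enabled, and two firewalls that both report enabled.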
 
