Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Keyboard stops working

This is a discussion on Keyboard stops working within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. I have a thread here, https://www.techsupportforum.com/foru...ng-842041.html about the keyboard stops working. Was advised to run the DDS and GMER tools.


Closed Thread
 
Thread Tools Search this Thread
Old 06-04-2014, 04:15 PM   #1
Registered Member
 
Join Date: Jan 2014
Posts: 67
OS: Win 7 Pro 64 bit



I have a thread here, https://www.techsupportforum.com/foru...ng-842041.html about the keyboard stops working. Was advised to run the DDS and GMER tools.

Here are the logs.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by Niks at 15:07:46 on 2014-06-04
Microsoft Windows 7 Professional 6.1.7601...... [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
D:\Program Files (x86)\DU Meter\DUMeterSvc.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.hyundaitechinfo.com/
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - D:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - D:\Program Files (x86)\LastPass\LPToolbar.dll
uRun: [DU Meter] D:\Program Files (x86)\DU Meter\DUMeter.exe
uRun: [KcastWin7] "C:\Program Files (x86)\Kitco\KcastWin7.exe"
uRun: [PeerBlock] D:\Program Files\PeerBlock\peerblock.exe
uRun: [EPSON1335E7 (Epson Stylus NX420)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Users\Niks\AppData\Local\Temp\E_S1955.tmp" /EF "HKCU"
uRun: [GUDelayStartup] "d:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WEATHE~1.LNK - D:\WeatherLink\WeatherLink 6.0.3.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoWinKeys = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - D:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: LastPass - C:\Users\Niks\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\Niks\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - D:\Program Files (x86)\LastPass\LPToolbar.dll
TCP: NameServer = 68.22.214.155 68.22.214.156 192.168.1.1
TCP: Interfaces\{EC7280A1-141C-46B2-844E-01C1881D739E} : DHCPNameServer = 68.22.214.155 68.22.214.156 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - D:\Program Files (x86)\Intuit\QuickBooks 2012_3\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - D:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - D:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - D:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Niks\AppData\Roaming\Mozilla\Firefox\Profiles\q6lt28k7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Ixquick
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/u/0/?shva=1#inbox|CoCoRaHS - Community Collaborative Rain, Hail & Snow Network
FF - prefs.js: keyword.URL -
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\Niks\AppData\Roaming\Mozilla\Firefox\Profiles\q6lt28k7.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
FF - plugin: D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: D:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: D:\Program Files (x86)\LastPass\nplastpass64.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-3-13 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-3-13 208416]
R0 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-6-1 20672]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-3-13 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-3-13 423240]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-4-20 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-3-13 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-3-14 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-4-20 50344]
R2 DUMeterSvc;DU Meter Service;D:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2014-2-28 1412488]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2014-4-29 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2014-4-29 128512]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-12-6 1248256]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;D:\Program Files (x86)\DU Meter\DUMetr64.sys [2014-2-28 20112]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-3-15 169752]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-11-6 342528]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2013-10-24 27336]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2013-10-24 73216]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2013-7-10 14464]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-4-23 436056]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-3-13 245760]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-11 111616]
S3 pbfilter;pbfilter;D:\Program Files\PeerBlock\pbfilter.sys [2014-3-23 22600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-21 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-21 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-14 1255736]
.
=============== Created Last 30 ================
.
2014-06-01 17:54:05 20672 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-06-01 17:42:02 -------- d-----w- C:\Users\Niks\AppData\Roaming\DiskDefrag
2014-06-01 17:39:25 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-01 17:39:10 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-01 17:39:10 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-01 17:39:10 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-01 12:28:43 -------- d-----w- C:\Program Files\CCleaner
2014-05-24 14:45:08 -------- d-----w- C:\Program Files (x86)\Auslogics
2014-05-24 14:44:48 -------- d-----w- C:\Users\Niks\AppData\Local\Programs
2014-05-22 10:10:09 -------- d-----w- C:\Users\Niks\AppData\Roaming\Local
2014-05-18 22:54:45 -------- d-----w- C:\ProgramData\Hagel Technologies
2014-05-18 16:44:52 -------- d-----w- C:\Users\Niks\AppData\Local\Macromedia
2014-05-18 13:52:05 -------- d-----w- C:\Program Files\V-bates
2014-05-18 13:51:14 -------- d-----w- C:\Users\Niks\AppData\Roaming\FlvtoConverter
2014-05-18 13:51:14 -------- d-----w- C:\Users\Niks\AppData\Local\FlvtoYoutubeDownloader
2014-05-18 13:45:48 -------- d-----w- C:\Program Files (x86)\Flvto Youtube Downloader
2014-05-15 12:54:32 59904 ----a-w- C:\Windows\SysWow64\roppdfm.dll
2014-05-15 03:46:12 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-15 03:46:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-14 18:46:43 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-14 18:46:43 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-14 18:35:00 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-05-10 11:37:10 53248 ----a-r- C:\Users\Niks\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2014-05-07 21:39:02 24352 ----a-w- C:\Windows\System32\RegBootDefrag.exe
.
==================== Find3M ====================
.
2014-05-25 17:47:04 14936064 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-05-15 11:51:13 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-05-15 11:51:13 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-05-14 14:13:23 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 14:13:23 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-20 12:35:57 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-04-20 12:35:57 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-04-20 12:35:57 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-04-20 12:35:57 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-04-20 12:35:57 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-04-20 12:35:56 43152 ----a-w- C:\Windows\avastSS.scr
2014-04-15 07:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-15 01:13:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-09 09:25:36 279024 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2014-04-09 09:25:36 172016 ----a-w- C:\Windows\System32\igfxtray.exe
2014-04-09 09:25:34 515568 ----a-w- C:\Windows\System32\igfxsrvc.exe
2014-04-09 09:25:34 442352 ----a-w- C:\Windows\System32\igfxpers.exe
2014-04-09 09:25:34 254960 ----a-w- C:\Windows\System32\igfxext.exe
2014-04-09 09:25:32 5904880 ----a-w- C:\Windows\System32\GfxUI.exe
2014-04-09 09:25:32 399856 ----a-w- C:\Windows\System32\hkcmd.ex
2014-04-09 09:25:32 185840 ----a-w- C:\Windows\System32\difx64.exe
2014-03-26 15:04:14 116224 ----a-w- C:\Windows\System32\igfxCoIn_v3517.dll
2014-03-20 13:43:44 12859392 ----a-w- C:\Windows\System32\igd10umd64.dll
2014-03-20 13:41:10 11176448 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2014-03-20 13:39:28 330752 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2014-03-20 13:39:26 25088 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2014-03-20 13:37:12 13031424 ----a-w- C:\Windows\System32\ig4icd64.dll
2014-03-20 13:37:04 10812928 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2014-03-19 20:27:44 76496 ----a-w- C:\Windows\System32\drivers\dc3d.sys
2014-03-14 19:08:25 68608 ----a-w- C:\Windows\System32\taskhost.exe
2014-03-14 19:05:51 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-03-14 19:05:51 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-03-14 00:02:19 724992 ----a-w- C:\Windows\iun6002.exe
2014-03-13 20:53:12 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-03-13 20:53:12 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-03-12 20:16:13 403256 ----a-w- C:\Windows\System32\PROUnstl.exe
2014-03-12 18:09:54 306408 ----a-w- C:\Windows\System32\Ncs2Setp.dll
2014-03-11 21:34:46 854744 ----a-w- C:\Windows\System32\ncs2dmix.dll
2014-03-11 21:34:44 724696 ----a-w- C:\Windows\System32\accesor.dll
2014-03-11 21:25:00 260312 ----a-w- C:\Windows\System32\ncs2instutility.dll
2014-03-11 21:21:54 3655384 ----a-w- C:\Windows\System32\ncscolib.dll
.
============= FINISH: 15:08:01.06 ===============
Attached Files
File Type: txt dds.txt (18.0 KB, 45 views)
File Type: txt gmer.txt (4.2 KB, 42 views)
Red Raspberry is offline  
Sponsored Links
Advertisement
 
Old 06-15-2014, 12:41 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

I see no sign of infection in your logs. We'll see what turns up.

Please attach the second DDS log, Attach.txt, to your next reply.

It should be on your desktop. If not...

Press the Windows "logo" key and "R" key then copy/paste the following into the Run box and click OK:

%temp%\attach.txt

A text file should open. Save it to your desktop then attach that file to your next reply.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Do NOT click the green 'Download' button(if visible).
  • Click the blue 'Download now @bleepingcomputer' button.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Clean
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[S#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-16-2014, 02:52 PM   #3
Registered Member
 
Join Date: Jan 2014
Posts: 67
OS: Win 7 Pro 64 bit



Here's the two txt files. I ran adwclearner again.

Keyboard is still messing up. A reboot usually fixes it though.
Attached Files
File Type: txt AdwCleaner[R0].txt (1.7 KB, 30 views)
File Type: txt AdwCleaner[R1].txt (960 Bytes, 39 views)
Red Raspberry is offline  
Sponsored Links
Advertisement
 
Old 06-16-2014, 06:13 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello Red Raspberry. It appears you still didn't attach the second DDS log, Attach.txt, to your last reply.

Please attach it to your next reply.

It should be on your desktop. If not...

Press the Windows "logo" key and "R" key then copy/paste the following into the Run box and click OK:

%temp%\attach.txt

A text file should open. Save it to your desktop then attach that file to your next reply.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-17-2014, 10:09 AM   #5
Registered Member
 
Join Date: Jan 2014
Posts: 67
OS: Win 7 Pro 64 bit



Sorry here is it the file
Attached Files
File Type: zip Attach_txt.zip (4.0 KB, 33 views)
Red Raspberry is offline  
Old 06-17-2014, 03:24 PM   #6
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Red Raspberry.

------------------------------------------------------

Please run this online scan to help look for remnants.

In Microsoft Windows Vista/Win7, you must open the Web browser via a right-click using the Run as Administrator command.

Go here and click 'ESET Online Scanner'.
  • If you are not using Internet Explorer, double-click esetsmartinstaller_enu.exe to install it, then click 'Run'.
  • Turn off the real-time scanner of any existing antivirus program while performing the online scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • If using Internet Explorer, allow the ActiveX control to install when asked.
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Start
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says "Threats found!", click "List of found threats", and then click "Export to text file..."
  • Save that text file to your desktop, and then copy/paste the contents in your next reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-18-2014, 05:52 PM   #7
Registered Member
 
Join Date: Jan 2014
Posts: 67
OS: Win 7 Pro 64 bit



Good grief it found 114 files. Most are on archive drives. C and D are the only two drives normally used. Took most of the day to run. No keyboard all day either.
Attached Files
File Type: txt threats.txt (16.7 KB, 40 views)
Red Raspberry is offline  
Old 06-18-2014, 07:57 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



None of those finds would be causing your keyboard problem.

Most are flagged due to third-party toolbars. Up to you whether to delete those files or not.

I suggest you go back to your original thread and let them know you were cleared of malware.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
keyboard lights flickering, mouse stops working
Sorry for grammar,writing on on screen keyboard. For a few days now my keyboard will randomly stop working, and the key... lights would go crazy, blinking a 1000 times. After some time the mouse will also stop working,but so far its good since i unpluged the keyboard. Also whenever i move...
BAN_KAI Windows 7 , Windows Vista Support 8 02-26-2014 02:58 AM
Motherboard stops booting after 2-3 hrs of working
Hi I have a ssembbeld desktop computer with following config:- "i5-2400, 3.10 Ghz Intel DH67BL M/B 8GB RAM (4GB module of kingston -2nos) WD - 1TB HDD Cooler Master 460 W PS Logitech wireless KDB & Mouse Cooler master Cabinet Samsung 18.5" LED
suteekshna Motherboards, Bios & CPU 14 12-31-2012 07:51 AM
lenovo 3000 n100 bad xp install - keyboard not working, 9 device drivers missing
Hi. I was just given a Lenovo 3000 n100 (prod. i.d.# - 97684JU) laptop that had crashed. If I can fix it, it's mine. Yay! Problem: Keyboard does not work. It has a fresh install of XP with Service pack 2 - which I believe was taken off a disk labelled XP Pro Svc pk 2, w/sata drivers for...
fyrestarre Windows XP Support 2 10-19-2011 01:23 AM
Compaq Presario V4000 Keyboard not working
Hello, Our Compaq Presario v4000US is a decent computer we have had for a while. But all of a sudden the Keyboard stopped working. We don't know why or how. No water or liquid has come in contact with it. We replaced the Keyboard and still nothing working. If you press as many keys as you can...
redx350 Laptop Support 4 08-10-2011 01:57 PM
Keyboard Not Working When Booting Windows
Logitech K120 Keyboard Is Not Recognised Upon Windows XP Startup Recently my PS/2 keyboard had lost a couple of its pins rendering me without access to my computer as I require a keyboard to enter my account password. So I purchased a Logitech K120 keyboard to replace the broken one. However,...
Somebodyelse Other Hardware Support 1 04-05-2011 06:33 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 06:42 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts