Totally Baffled

#1 AggonyGrudge


  Members
  • 2 posts
  Local time:06:06 AM

Posted 14 December 2010 - 02:00 AM

Hi, I have windows vista home basic. For some reason, the 6 key doesn't work. All the other keys on keyboard work fine. I checked numlock and still doesn't work. I cleaned the laptop keyboard and still doesnt work. Also, when i boot up my laptop, on the user account log on page, in the section where i enter my password, It always automatically fills till nothing else can be entered. I have to click in the box and highlight all the stuff that was automatically entered and use backspace repeatedly just so that i can enter my password so that i can log on to my account. Also, i can hear a beep sound as if i was holding down a key till it repeats and it makes that sound frequently but i'm not pressing a key. Avast claims that my system is secure. CC cleaner was performed. I dont know if this is a virus. I've already examined underneath the keyboard for crumbs or debris. Please help.

here is the log from dds.

DDS (Ver_10-12-12.02) - NTFSx86
Run by norma at 1:40:46.52 on Tue 12/14/2010
Internet Explorer: 8.0.6001.18975
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.984.235 [GMT -5:00]

AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Lenovo\PMDriver\PMSveH.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\Program Files\Lenovo\System Update\SUService.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Lenovo\PMDriver\PMHandler.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE
C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lenovo\Camera Center\bin\LenovoCameraCenter.exe
D:\my stuff\downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [PMHandler] c:\progra~1\lenovo\pmdriver\PMHandler.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [TPWAUDAP] c:\program files\lenovo\hotkey\TpWAudAp.exe
mRun: [SmartAudio] c:\program files\conexant\smartaudio\SMAUDIO.EXE /c
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [LPManager] c:\progra~1\lenovo\lenovo~2\LPMGR.exe
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatchTray10.exe"
mRun: [RoxioDragToDisc] "c:\program files\lenovo\drag-to-disc\DrgToDsc.exe"
mRun: [CameraApplicationLauncher] c:\program files\lenovo\camera center\bin\CameraApplicationLaunchpadLauncher.exe
mRun: [AMSG] c:\program files\thinkvantage\amsg\Amsg.exe /startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
mRun: [ACWlIcon] c:\program files\thinkpad\connectutilities\ACWlIcon.exe
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0401.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-12-12 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-12-12 17744]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-12-12 50768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-24 183808]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-2-10 112128]

=============== Created Last 30 ================

2010-12-14 06:31:05 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{4c8bcc47-35c0-4ce0-abf1-363c6359c429}\mpengine.dll
2010-12-14 06:01:27 -------- d-sh--w- C:\$RECYCLE.BIN
2010-12-14 05:50:49 -------- d-----w- c:\users\norma\appdata\local\temp
2010-12-14 05:42:00 98816 ----a-w- c:\windows\sed.exe
2010-12-14 05:42:00 89088 ----a-w- c:\windows\MBR.exe
2010-12-14 05:42:00 256512 ----a-w- c:\windows\PEV.exe
2010-12-14 05:42:00 161792 ----a-w- c:\windows\SWREG.exe
2010-12-14 05:40:44 318976 ----a-w- c:\windows\system32\CF22528.exe
2010-12-14 05:39:53 318976 ----a-w- c:\windows\system32\cmd.execf
2010-12-13 14:19:32 -------- d-----w- c:\program files\Windows Portable Devices
2010-12-13 14:06:12 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-12-13 14:06:11 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-12-13 14:06:10 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-12-13 14:04:43 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-12-13 14:03:41 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-12-13 14:03:40 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-12-13 14:03:40 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-12-13 13:59:59 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2010-12-13 13:59:59 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2010-12-13 13:59:59 241152 ----a-w- c:\windows\system32\winrscmd.dll
2010-12-13 13:59:59 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2010-12-13 13:59:59 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2010-12-13 13:59:58 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2010-12-13 13:58:02 -------- d-----w- c:\windows\system32\x64
2010-12-13 13:54:09 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-12-13 13:52:17 72704 ----a-w- c:\windows\system32\admparse.dll
2010-12-13 13:51:58 521216 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2010-12-13 13:51:57 256000 ----a-w- c:\program files\internet explorer\ieinstal.exe
2010-12-13 13:51:57 115712 ----a-w- c:\program files\internet explorer\ielowutil.exe
2010-12-13 03:20:54 -------- d-----w- c:\windows\system32\eu-ES
2010-12-13 03:20:54 -------- d-----w- c:\windows\system32\ca-ES
2010-12-13 03:20:53 -------- d-----w- c:\windows\system32\vi-VN
2010-12-13 02:30:28 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-12-13 02:29:54 38848 ----a-w- c:\windows\avastSS.scr
2010-12-13 02:29:49 -------- d-----w- c:\progra~2\Alwil Software
2010-12-13 02:16:03 -------- d-----w- c:\users\norma\appdata\roaming\Malwarebytes
2010-12-13 02:15:23 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-13 02:15:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-13 02:15:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-13 02:15:22 -------- d-----w- c:\progra~2\Malwarebytes
2010-12-13 02:08:12 -------- d-----w- c:\program files\CCleaner

==================== Find3M ====================

2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 08:50:37 472808 ------w- c:\windows\system32\deployJava1.dll

============= FINISH: 1:42:25.37 ===============

Sincerely stressed.

#2 AggonyGrudge

  Topic Starter

  Members
  • 2 posts
  Local time:06:06 AM

Posted 14 December 2010 - 02:39 AM

Sorry, I forgot to include this log file.

I can't post the log file for gmer cus it is long. i will send as an attachment.

Attached Files

  • Attached File  ark.txt   219.46KB   2 downloads

#3 Shannon2012


  Security Colleague
  • 3,657 posts
  • Gender:Male
  • Location:North Carolina, USA
  Local time:07:06 AM

Posted 23 December 2010 - 09:09 AM

Message Removed

Edited by Shannon2012, 23 December 2010 - 09:45 AM.


#4 kahdah


  Security Colleague
  • 11,138 posts
  • Gender:Male
  • Location:Florida
  Local time:07:06 AM

Posted 23 December 2010 - 09:11 AM

Hello AggonyGrudge

Welcome to BleepingComputer :)
The issue with the keyboard is that it needs to be replaced.
If it is a laptop then you will have to physically replace the keyboard if desktop just swap it out for another one.
Then the symptoms will stop.

Also please tell me what is inside of this folder:
