Undetectable Virus that disables keyboard and file opening functions?

Page 1 of 2 12 LastLast

  1. Doag
    Posts : 5
    Windows 7 Home Premium 64bit, SP1
       New #1

    Undetectable Virus that disables keyboard and file opening functions?


    Nothing is found with updated Virus/Malware scans, keyboard stops working, programs and folders don't open directly.

    The symptoms my computer is displaying are:

    *--Keyboard stops working (Mouse still works fine)
    *--Folders and Program icons lead to their "Properties" window instead of normal opening function. They can be opened by right-clicking and "open".
    *--Things seem back to normal after restart, until they happen again..
    *--Updated Virus/Malware scans don't find anything.

    Months ago my Gmail account was hacked by someone in "Vietnam" and I was able to change all of my passwords and retreive exclusive access to my account. I think a popup or malware (I'm careful about what I install) began logging my keystrokes. Around the same time my other email account started getting warnings of suspicious activity.

    Nothing has ever been found by Malwarebytes, AVG, Avast, iObit etc. I've tried all of them with the updated definition files. The physical aspects of my keyboard chord are completely fine, it's not the connection..

    I have a feeling someone gained access to my keystrokes and maybe that malware/virus is jamming my keyboard??
      My Computer
    Quote Quote

  3. Doag
    Posts : 5
    Windows 7 Home Premium 64bit, SP1
    Thread Starter
       New #2

    update


    I saw another thread which talked about Rogue Killer, I ran that and it found 2 HJ DESK registry entries..

    "[HJ DESK] [PUM] HKLM\... NewStartPanel :..."

    I used the delete option.. I don't know if these were of any significance or not.. but it's more than other programs have found in a while.
      My Computer
    Quote Quote

  4. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #3

    Download DDS from one of these links:
    DDS.com
    DDS.pif
    • Disable any script blocking protection
    • Double click the dds icon to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt <--- will be minimized in the task tray
    • Save both reports to your desktop.

    Include the contents of both logs in your next post.
    The scan will instruct you to post Attach.txt as an attachment.
      My Computer
    Quote Quote

  6. Doag
    Posts : 5
    Windows 7 Home Premium 64bit, SP1
    Thread Starter
       New #4

    Jacee: thanks for taking the time!! I'm sending them both as attachments because the message length was too long.. Let me know if anything stands out as wrong
    Undetectable Virus that disables keyboard and file opening functions? Attached Files
      My Computer
    Quote Quote

  7. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #5

    First, let's see how much 'adware' is on your machine.


    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
      My Computer
    Quote Quote

  8. Doag
    Posts : 5
    Windows 7 Home Premium 64bit, SP1
    Thread Starter
       New #6

    Thanks

    # AdwCleaner v3.017 - Report created 22/01/2014 at 17:26:58
    # Updated 12/01/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Doag - Doag-PC
    # Running from : C:\Users\Doag\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Users\Doag\AppData\Roaming\Mozilla\Firefox\Profiles\vyx2wwwg.default\user.js
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\ProgramData\Partner
    Folder Found C:\Users\Doag\AppData\Local\Conduit
    Folder Found C:\Users\Doag\AppData\LocalLow\Conduit

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\AVG SafeGuard toolbar
    Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
    Key Found : HKLM\Software\AVG SafeGuard toolbar
    Key Found : HKLM\Software\AVG Security Toolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16750


    -\\ Mozilla Firefox v25.0.1 (en-US)

    [ File : C:\Users\Doag\AppData\Roaming\Mozilla\Firefox\Profiles\vyx2wwwg.default\prefs.js ]


    -\\ Google Chrome v32.0.1700.76

    [ File : C:\Users\Doag\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found : homepage
    Found : homepage
    Found : homepage

    *************************

    AdwCleaner[R0].txt - [1971 octets] - [22/01/2014 17:26:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2031 octets] ##########
      My Computer
    Quote Quote

  10. ShamrockRig
    Posts : 1,413
    Windows 7 Home Premium 64Bit
       New #7

    I see a good few entries from "Conduit" which can hijack browser home pages and replace it with their own, it can also be a suspect of slowing down systems, id advise you run this also just to be on the safer side of things.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
      My Computer
    Quote Quote

  11. Doag
    Posts : 5
    Windows 7 Home Premium 64bit, SP1
    Thread Starter
       New #8

    Thank you :)

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.0 (01.07.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Doag on Thu 01/23/2014 at 10:02:43.52
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D4962FE8-6F48-4537-A563-4501367BB623}



    ~~~ Files



    ~~~ Folders



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 01/23/2014 at 10:35:31.69
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      My Computer
    Quote Quote

  12. ShamrockRig
    Posts : 1,413
    Windows 7 Home Premium 64Bit
       New #9

    Another good few registry entries from conduit, il post back later on with a few more programs, I'm on my iPhone at the minute so I can't, cheers
      My Computer
    Quote Quote

  13. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #10

    finish cleaning up with AdwCleaner:


    Using AdwCleaner v3: Scan & Clean:
    Double click on AdwCleaner.exe to run the tool again.
    Click on the Scan button.
    AdwCleaner will begin to scan your computer like it did before.
    After the scan has finished...

    This time click on the Clean button.
    Press OK when asked to close all programs and follow the onscreen prompts.
    Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
    Copy and paste the contents of that logfile in your next reply.
    A copy of that logfile will also be saved in the C:\AdwCleaner folder


    Next, download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
    Save any unsaved work. TFC will close ALL open programs including your browser!
    Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
    Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
    Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
      My Computer
    Quote Quote

 
Page 1 of 2 12 LastLast

  Related Discussions
Hi everyone, thought I would run this past you, hoping there is a simple explanation which will leave me feeling silly but enlightened. We have been given a fairly old Gateway laptop running XP. We get faulty machines on their feet again and pass them on to folk who need one - it is our hobby....
Hello Everyone o/ UPDATED SEE BELOW!!! I have had a 27" ASUS monitor and 2 tv's (32" and 55") hooked up to my pc. Today I replaced the 32" tv with another 27" ASUS monitor. After the installation, there were MANY problems with my PC. Please read details below. I did not get to do much...
I have Bitdefender Total Internet Security installed. I have run MSE scan, Microsoft malware scan and Malwarebytes scan and all come back clear. BUT, my Bitdefender on-demand scanner will not turn on and my live protection is disabled. Also, when I try a deep scan, it will not complete due to...
Hey people, I just bought this keyboard (Colours IT Multimedia Office Pro Wired Keyboard with Speakers & Mic Built In PS/2 - KB-8108 - Scan.co.uk) because it's a brilliant price and has many useful buttons as i'm starting to use skype more. The problem is that some of the skype keys do not...
No touchpad or keyboard functions
in Hardware & Devices

I HAVE HP PV6000 LAPTOP AN I'VE LOST THE KEYBOARD AND TOUCHPAD USE..... TRIED MOUSE ON USB BUT NO LUCK WITH THAT EITHER....... ALSO TRIED RECOVERY REPAIR WITH NO LUCK......... HELP!!!!!!!!!:cry:
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 16:40.
Find Us