PDA

View Full Version : Keyboard Quit Working, Asks to Choose Operating System at Startup



Morpheus1967
2013-09-07, 01:49
Toshiba Satellite laptop. Windows 7 Home edition. We don't use this computer a lot, because of tablets, ipad, etc. However, my wife tried to use it this morning with some really strange results. If she went to Google, it would start typing the letter "l" over and over in the search box. So when I checked it, I found that any time you needed to type, it would type l without any keyboard interaction. Open Word, and it would start typing L. Open Excel, and it would start typing L. Any browser, it would start typing L. Hit the start button on the computer, as if to do a search, it would start typing L. So I figured the L was stuck. Nope.

Here's where it gets tricky. I restarted computer, and it's asking me to pick an operating system. The only one on this computer is Windows 7. It's the only option I have. It then boots fine. This has NEVER happened before.

The only keys that work on the laptop keyboard are 4 and 6. This also stops the L from typing, and it does not start again. No other keys work on the laptop, but I am typing this from a USB keyboard and it's fine.

So I don't know if it's a malware issue, a hardware issue, or what. Just odd to me that the keyboard issue happened at exactly the samre time as the issue with the computer asking me to pick an operating system at reboot. As requested:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660
Run by Bilotta at 18:27:27 on 2013-09-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3891.2025 [GMT -4:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Device Center\itype.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Device Center\ipoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\taskeng.exe
C:\Users\Bilotta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bilotta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bilotta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bilotta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bilotta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uWindow Title = Internet Explorer, optimized for Bing and MSN
uDefault_Page_URL = hxxp://start.toshiba.com/
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Google Update] "C:\Users\Bilotta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTOCA~1.LNK - C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7E1C8EB4-C61C-4F7B-831A-37E8624D28D9} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{A17E74A4-10FD-45E0-9E89-AFC98C46845B} : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot
x64-Run: [IntelliType Pro] "c:\Program Files\Microsoft Device Center\itype.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft Device Center\ipoint.exe"
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\windows\System32\drivers\kltdi.sys [2012-6-8 54368]
R1 kneps;kneps;C:\windows\System32\drivers\kneps.sys [2012-8-13 178448]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356376]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-7-22 219480]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe [2011-2-15 126392]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-1-10 993848]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-1-10 399416]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-15 2320920]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2011-2-15 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-27 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-6-21 287232]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\windows\System32\drivers\klkbdflt.sys [2012-10-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\System32\drivers\klmouflt.sys [2012-10-25 29528]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-2-15 35008]
R3 PSI;PSI;C:\windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-2-15 325152]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-2-15 932384]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-2-15 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-21 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-2-15 232992]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-11-21 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-3-8 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="C:\windows\SysWOW64\notepad.exe" "%1"
ShellExec: pi11.exe: Open="C:\Program Files (x86)\Microsoft Digital Image 2006\pi.exe" "%1"
.
=============== Created Last 30 ================
.
2013-09-06 22:15:30 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-06 22:15:29 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-09-06 22:15:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-06 22:15:13 -------- d-----w- C:\Users\Bilotta\AppData\Local\Programs
2013-09-06 21:37:13 3968960 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-09-06 21:37:13 3913664 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-09-06 21:37:12 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2013-09-06 21:37:12 5550528 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-09-06 21:37:12 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2013-09-06 21:37:12 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2013-09-06 21:37:12 243712 ----a-w- C:\windows\System32\wow64.dll
2013-09-06 21:37:12 2048 ----a-w- C:\windows\SysWow64\user.exe
2013-09-06 21:37:12 1732032 ----a-w- C:\windows\System32\ntdll.dll
2013-09-06 21:37:12 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2013-09-06 21:37:12 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
2013-09-06 13:54:13 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6593D82-0BCA-47A5-991C-BBC1EBE11A08}\mpengine.dll
2013-08-30 21:19:16 -------- d-----w- C:\windows\System32\MRT
2013-08-23 08:14:39 1472512 ----a-w- C:\windows\System32\crypt32.dll
2013-08-23 08:14:38 224256 ----a-w- C:\windows\System32\wintrust.dll
2013-08-23 08:14:38 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-08-23 08:14:38 175104 ----a-w- C:\windows\SysWow64\wintrust.dll
2013-08-23 08:14:38 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-08-23 08:14:38 139776 ----a-w- C:\windows\System32\cryptnet.dll
2013-08-23 08:14:38 1166848 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-08-23 08:14:37 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-08-23 08:13:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2013-08-23 08:13:49 2048 ----a-w- C:\windows\System32\tzres.dll
2013-08-23 08:13:22 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL
2013-08-23 08:13:22 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
2013-08-23 08:13:02 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2013-08-23 08:13:02 1217024 ----a-w- C:\windows\System32\rpcrt4.dll
2013-08-23 08:12:43 39936 ----a-w- C:\windows\System32\drivers\tssecsrv.sys
2013-08-23 08:12:15 1910208 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-08-12 20:38:40 -------- d-----w- C:\Users\Bilotta\AppData\Local\{75840386-63CF-4809-B502-AB43654DC5F8}
2013-08-10 16:47:23 -------- d-----w- C:\Users\Bilotta\AppData\Local\Garmin
.
==================== Find3M ====================
.
2013-07-26 05:13:37 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-07-09 04:45:07 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2013-06-25 16:36:28 54368 ----a-w- C:\windows\System32\drivers\kltdi.sys
.
============= FINISH: 18:28:03.57 ===============

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-06 18:30:42
-----------------------------
18:30:42.773 OS Version: Windows x64 6.1.7601 Service Pack 1
18:30:42.774 Number of processors: 4 586 0x2505
18:30:42.774 ComputerName: BILOTTA-PC UserName: Bilotta
18:30:44.986 Initialize success
18:31:04.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:31:04.785 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
18:31:04.898 Disk 0 MBR read successfully
18:31:04.903 Disk 0 MBR scan
18:31:04.909 Disk 0 Windows VISTA default MBR code
18:31:04.942 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
18:31:04.960 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463564 MB offset 3074048
18:31:04.999 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 11875 MB offset 952453120
18:31:05.121 Disk 0 scanning C:\windows\system32\drivers
18:31:12.700 Service scanning
18:31:21.244 Service kl1 C:\windows\system32\DRIVERS\kl1.sys **LOCKED** 5
18:31:21.436 Service KLIM6 C:\windows\system32\DRIVERS\klim6.sys **LOCKED** 5
18:31:21.487 Service klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
18:31:21.548 Service klmouflt C:\windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
18:31:21.591 Service kltdi C:\windows\system32\DRIVERS\kltdi.sys **LOCKED** 5
18:31:21.660 Service kneps C:\windows\system32\DRIVERS\kneps.sys **LOCKED** 5
18:31:34.599 Modules scanning
18:31:34.612 Disk 0 trace - called modules:
18:31:34.644 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:31:34.651 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cb3060]
18:31:34.658 3 CLASSPNP.SYS[fffff880022a543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049b9050]
18:31:34.664 Scan finished successfully
18:31:54.085 Disk 0 MBR has been saved successfully to "C:\Users\Bilotta\Desktop\MBR.dat"
18:31:54.090 The log file has been saved successfully to "C:\Users\Bilotta\Desktop\aswMBR.txt"

Robybel
2013-09-17, 19:15
Hi Morpheus 1967

I read your problem, you say that you've connected a keyboard via USB and worked. This explains that the problem is related to a hardware failure.
it is possible that, in your keyboard has created a bit of moisture, which creates false contacts.


For your boot problem

1.Open System by clicking the Start button , clicking Control Panel, clicking System and Maintenance, and then clicking System.

2.Click Advanced System Settings. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

3.Click the Advanced tab, and then, under Startup and Recovery, click Settings.

Please, do you a screenshoot of this window and post to me in your next reply

Morpheus1967
2013-09-17, 19:43
Robybel-

Thanks for the reply. So nothing in my logs looked amiss?

The main reasons I wasn't sure if it was hardware related or not is because:

1.) I can get it to stop typing the L, but only by typing a 4 or 6 on the laptop keyboard. No other keys will stop it.
2.) Once I do get it to stop, it will not do it again if I am on the same page. For example, if I am working on a Word document, once I get it to stop, it will not start again in that document. But if I started a new document, or tried to type something in a browser address bar, it would start again.
3.) This started happening at the same exact time that it started asking me to choose an operating system at start up.

I am at work now, and will post the picture you requested this evening. Just wanted to give you a little more info, but didn't want to post anything else until I had a reply, per forum rules. Thanks again.

Morpheus1967
2013-09-17, 23:57
Robybel:

Here is the screenshot you asked for. There is nothing under the drop down menu that says Windows 7. That is my only choice.

Robybel
2013-09-18, 05:01
Morpheus

Try to replace your keyboard and let me know if this works well. Delete your current keyboard.

Morpheus1967
2013-09-18, 15:06
I will replace the keyboard. Any idea why it would all of a sudden start asking me what operating system I want to use at start up?

Robybel
2013-09-18, 22:37
Hi Morpheus

I think that your hard drive has a problem.

Run a Scandisk

1. Click on MY COMPUTER (or COMPUTER)
2. Right click on Drive and select PROPERTIES.
3.Select TOOLS tab.
4. Under "Error - Checking", click CHECK NOW button.
If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

To automatically repair problems with files and folders that the scan detects, select Automatically fix file system errors.

Otherwise, the disk check will simply report problems but not fix them.
To perform a thorough disk check, select Scan for and attempt recovery of bad sectors. This scan attempts to find and repair physical errors on the hard disk itself, and it can take much longer to complete.

5. Click Start. It will prompt you to Schedule the CHKDSK at restart.
6. Reboot.

Morpheus1967
2013-09-18, 23:52
Robybel-

Unfortunately I cannot even run the scandisk. I did everything you said, and rebooted. When I rebooted, it again asked which operating system I wanted to use. I picked Window 7, my only option. Then a screen appeared and it said:

Scandisk scheduled
Scandisk cancelled

It happened simultaneously, and then booted up normally without running scandisk.

If you think this is just a hardware issue, I truly do not want to waste any more of your time. Just very frustrating. Thanks.

Robybel
2013-09-19, 12:16
Hi morpheus

Ok try this

Go Start > Run ...in the box type in sfc /scannow …please take note of the space between the sfc and the /.

This is the System File Checker...it will scan all the Windows® core system files to ensure that they are in their respective correct places.


One important point: While sfc is running, it is not advisable to do any other work, or have any browsers/programs running on the computer, until the scan is complete. (This process will generally take around 45-65 minutes to complete).

When SFC is finished, try running chkdsk again.

Let me know if it work now

Morpheus1967
2013-09-19, 23:54
Ok, I did what you said. Quick question How do I know if sfc /scannow is working/running? All that happened was a MS-DOS window appeared for about half a second, then went away. That's it.

Robybel
2013-09-20, 08:39
Hi Morpheus


All that happened was a MS-DOS window appeared for about half a second, then went away. Has not worked



Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Startup Repair
The tool will start to run.
If a startup problem is detected, Startup Repair will start automatically and try to fix the problem
Next try to run Scandisk again

Morpheus1967
2013-09-21, 00:17
Well, that didn't work either. Startup Repair found no issues. Tried to run scandisk again, and got the same result. Scandisk sheduled, scandisk cancelled. So not sure what, if any, steps are next.

As you don't see any malware on there, might a system restore be attempted? I definitely know a date when the computer was working just fine.

Thanks for your help and patience.

Morpheus1967
2013-09-21, 00:41
I found this article:


http://www.thewindowsclub.com/check-disk-will-not-run-at-startup

Mine is different than what this article says it should be?

Robybel
2013-09-22, 09:25
Hi Morpheus ;)

Try this


System Restore 7
Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:

1. Create a new Restore Point

Click your Start button
Right click My Computer and click properties
Click on the System Protection
Check to make sure that you have System Protection turned on for the listed available disk, that you want to create a restore point for
Click on the Create button
Type in a description for the restore point
When the restore point has finished being created, click on the Close button


Clear the old System Restore points Click Start, type Cleanmgr.exe and press ENTER
Select the C:\ drive from the list and click OK
Click Disk Cleanup
Click Clean up System files
Click the More Options tab
Click Clean up under System Restore and Shadow Copies.
On the confirmation screen click Delete
click OK on the Disk Cleanup Screen
On this confirmation screen and click Delete Files.
This will remove all Restore Points except the most recent one.

Morpheus1967
2013-09-23, 15:55
Hi Morpheus ;)

Try this


System Restore 7
Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system.

I am not following you. Are you saying there was malware on my computer? I only ask because we have not run any tools to remove anything. Also, the issue with not being able to run scandisk. If I delete all my old restore points, won't that keep me from trying to restore to a time when there were no issues? Or from booting to my last known good configuration?

Thanks.

Robybel
2013-09-23, 16:31
Hi morpheus

I'm sorry, I was wrong to give you instructions about the system restore :red::red::red: I'm very sorry

OK



Navigate to the Start -> All Programs -> Accessories -> System Tools program group.

Click on the System Restore program icon.

Click Next > on the Restore system files and settings window.

Choose the restore point that you want to use.
Note: Check the Show more restore points checkbox to see more than the most recent restore points.
Note: Any restore points that you created, scheduled restore points that Windows 7 created, and those created automatically during the installation of certain programs will be listed here. You can not use System Restore to undo Windows 7 changes to a date that a restore point does not exist.

Click Next >.

Click Finish on the Confirm your restore point window to begin the System Restore.
Note: Windows 7 will shut down to complete the System Restore so be sure to save any work you might have open in other programs before continuing.
Important: System Restore will not revert any of your non-system files like documents, email, music, etc. to a previous state. These types files are completely unaffected by System Restore. If your intention with this tool was to recover a deleted non-system file, try using a file recovery program instead of System Restore.

Click Yes to the Once started, System Restore cannot be interrupted. Do you want to continue? dialog box.

System Restore will now restore Windows 7 to the state that was recorded in the restore point you chose in Step 4.
Note: The System Restore process could take several minutes as you see the "Please wait while your Windows files and settings are being restored" message. Your computer will then reboot as normal when complete.

Immediately after logging in to Windows 7 after the reboot, you should see a message thatSystem Restore completed successfully.

Click Close.

Check to see if whatever Windows 7 problem you were troubleshooting has been corrected by this System Restore.
If the problem still persists, you can repeat the steps above and choose another restore point if one is available.
If this restoration caused a problem, you can always undo this particular System Restore.

Morpheus1967
2013-09-24, 11:48
Well, finally some success. I chose a restore point where I knew my computer was behaving correctly. Upon re-starting from the system restore, it said Windows could not start, and it ran the Startup Repair tool on its own. After running for about 30 minutes, my computer started successfully.

I re-updated Adobe and re-installed some Windows updates. Re-booted. It did not ask me to choose an operating system. Strangely, however, all of my account settings are now gone, and it seems now that starting up the computer and shutting it down takes an inordinate amount of time. I used to have to pick an account to log in under, but it boots straight away without giving me that option. Strange.

Anyways, at this point it seems that a new keyboard and hard drive are in order, since you did not see anything malicious in my logs. As I will have to bring it to a professional for these repairs, I believe, unless you tell me otherwise, it is safe to close this thread.

Robybel, thanks for all your help. A truly amazing site and an even more amazing set of volunteers.

Robybel
2013-09-25, 22:04
Hi Morpheus ;)

We can eliminate a bit of rubbish, in order to reduce waiting times. But since you need to replace your HD, I think we can close the topic.

Robybel
2013-09-28, 18:44
Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.