Caps reversed

I think I have a virus or spyware but can't find any info on how to get rid of it. My caps lock will reverse at random times and stay that way until my computer is restarted. My mouse also highlights everything when I try to select an item. I have switched keyboards and the mouse but the problem still persists.  How do I get rid of this?
jcm26003Asked:
Who is Participating?
 
warturtleConnect With a Mentor Commented:
Hmm.. analysis is complete for ComboFix log. You had a rogue computer security program (its a malware actually that calls itself anti-spyware program) called WinAntiSpyware 2007. This was installed on your PC along with some other malware, which ComboFix got rid of. More information about this is here:

http://www.spywareremove.com/removeWinAntiSpyware2007.html


The only strange entry still left in the ComboFix log that is evident is: c:\windows\system32\yybeg.tmp

Can you upload it on www.virustotal.com for a virus check or scan the c:\windows\system32 folder with AVG to make sure that its not a malicious file? Make sure to update AVG to have the latest definitions.
0
 
BrianHeckCommented:
Could it be related to sticky-keys?  You could try disabling all the special functions for type-aiding.  Press the shift key 5 times in repetition and then click the Settings button.  Uncheck all the boxes and maybe drill down to make sure sub-level boxes are also cleared.
0
 
jcm26003Author Commented:
Already tried that. Nothing will disable the sticky-keys.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
jcm26003Author Commented:
Here is a link to someone else's description of the same problem. It's identical to what's happening on mine.

http://forums.techguy.org/general-security/793177-reverse-caps-lock-clicking-links.html
0
 
warturtleCommented:
Could you please tell us what antivirus and antispyware solutions do you use on your PC? Do you use Spybot with TeaTimer enabled??
0
 
warturtleCommented:
Also, do you have any Windows Customization software installed?? with addins for MS Office?
0
 
jcm26003Author Commented:
No customized software or addins.  I use AVG anti-virus and Spyware Terminator.
0
 
warturtleCommented:
Can you scan with SuperAntiSpyware (www.superantispyware.com) and let us know what you find on your PC?

0
 
jcm26003Author Commented:
Scanning now. I'll let you know.
0
 
skywalker39Commented:
What happens if you go into Safe Mode? Same results?
0
 
jcm26003Author Commented:
I quarantined/removed 247 threats using "superantispyware." For the time being everything is working fine. I don't know though if it's because of the reboot or if I actually got rid of it. I'll keep you posted.  If it happens again I'll start up in safe mode and see if it has the same problem.
0
 
warturtleCommented:
Thats good! Keep us posted.
0
 
jcm26003Author Commented:
I AM NOW BACK TO ALL CAPS> I WAS ON MY COMPUTER ALL DAY> IT TOOK ABOUT SIX OR SEVEN HOURS AND NOW IT"S BACK AT IT> GRRRR>  NOW WHAT?
0
 
warturtleCommented:
I see.... I suggest that you download ComboFix from: http://www.bleepingcomputer.com/combofix/how-to-use-combofix and save it with a different name like jabba.exe, then disable your existing antivirus and anti-spyware programs and run it. After ComboFix creates a log, then send us that log, reenable your antivirus and anti-spyware protection and run a full SuperAntiSpyware scan again.
0
 
jcm26003Author Commented:
Here's the ComboFix log.

ComboFix 09-05-20.A1 - John ****** 05/21/2009 15:04.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.511.266 [GMT -4:00]
Running from: c:\documents and settings\John ******\Desktop\jabba.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\check_LSA7.txt
c:\docume~1\JOHN**~1\LOCALS~1\Temp\tmp1.tmp
c:\docume~1\JOHN**~1\LOCALS~1\Temp\tmp2.tmp
c:\documents and settings\All Users\Application Data\SalesMonitor
c:\documents and settings\All Users\Application Data\WinAntiSpyware 2007
c:\documents and settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr
c:\documents and settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode
c:\program files\Insider
c:\program files\Words
c:\program files\Words\list.txt
c:\program files\Words\script.txt
c:\temp\fse
c:\temp\sanR24
c:\windows\cookies.ini
c:\windows\IE4 Error Log.txt
c:\windows\system32\axyxtnlk.ini
c:\windows\system32\bqphgbwi.ini
c:\windows\system32\cccdd.ini
c:\windows\system32\cccdd.ini2
c:\windows\system32\dccdd.bak1
c:\windows\system32\dccdd.bak2
c:\windows\system32\dccdd.ini
c:\windows\system32\dccdd.ini2
c:\windows\system32\dccdd.tmp
c:\windows\system32\ddeeg.bak1
c:\windows\system32\ddeeg.bak2
c:\windows\system32\ddeeg.ini
c:\windows\system32\dgyhxdex.ini
c:\windows\system32\f10WtR
c:\windows\system32\guehfdfw.ini
c:\windows\system32\iDlo01
c:\windows\system32\idqdqwcw.ini
c:\windows\system32\mcrh.tmp
c:\windows\system32\pac.txt
c:\windows\system32\qxkxgdfs.ini
c:\windows\system32\tmp.reg
c:\windows\system32\tstwa.bak2
c:\windows\system32\tstwa.ini2
c:\windows\system32\tstwa.tmp
c:\windows\system32\uepunsbr.ini
c:\windows\system32\Ultra.dll
c:\windows\system32\vtddpqqg.ini
c:\windows\system32\vvvwa.ini
c:\windows\system32\wknngotu.ini
c:\windows\system32\xskhafwd.ini

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE
-------\Legacy_FOPN


(((((((((((((((((((((((((   Files Created from 2009-04-21 to 2009-05-21  )))))))))))))))))))))))))))))))
.

2009-05-19 18:36 . 2009-05-19 18:36      --------      d-----w      c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-19 18:34 . 2009-05-19 18:35      --------      d-----w      c:\program files\SUPERAntiSpyware
2009-05-19 18:34 . 2009-05-19 18:34      --------      d-----w      c:\documents and settings\John ******\Application Data\SUPERAntiSpyware.com
2009-05-19 18:34 . 2009-05-19 18:34      --------      d-----w      c:\program files\Common Files\Wise Installation Wizard
2009-05-14 13:30 . 2009-05-14 13:31      --------      d-----w      c:\program files\WinClamAVShield
2009-05-14 12:33 . 2009-05-14 12:33      --------      d-----w      c:\program files\Crawler
2009-05-13 15:32 . 2009-05-13 15:32      --------      d-----w      c:\documents and settings\NetworkService\Local Settings\Application Data\Softonic_English
2009-05-12 20:08 . 2009-05-20 19:10      --------      d-----w      c:\documents and settings\John ******\.gimp-2.6
2009-05-12 20:06 . 2009-05-12 20:08      --------      d-----w      c:\documents and settings\John ******\.gegl-0.0
2009-05-12 20:06 . 2009-05-12 20:06      --------      d-----w      c:\documents and settings\John ******\Local Settings\Application Data\Conduit
2009-05-12 20:06 . 2009-05-12 20:06      --------      d-----w      c:\program files\Conduit
2009-05-12 20:06 . 2009-05-12 20:08      --------      d-----w      c:\documents and settings\John ******\Local Settings\Application Data\Softonic_English
2009-05-12 20:06 . 2009-05-12 20:06      --------      d-----w      c:\program files\Softonic_English
2009-05-12 20:01 . 2009-05-12 20:02      --------      d-----w      c:\program files\GIMP-2.0
2009-04-28 16:05 . 2009-04-28 16:05      286720      ----a-w      c:\windows\system32\swb_uninst.exe
2009-04-28 16:05 . 2009-04-28 16:05      --------      d-----w      c:\program files\Instant Pre-Marital Inventory
2009-04-28 14:35 . 2009-04-28 19:43      --------      d-----w      c:\documents and settings\All Users\Application Data\Yahoo! Companion

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-21 18:47 . 2005-08-07 04:01      --------      d--h--w      c:\program files\InstallShield Installation Information
2009-05-21 13:45 . 2007-11-07 19:04      --------      d-----w      c:\program files\Spyware Terminator
2009-05-19 17:07 . 2009-03-26 13:46      11952      ----a-w      c:\windows\system32\avgrsstx.dll
2009-05-19 17:07 . 2009-03-26 13:46      325896      ----a-w      c:\windows\system32\drivers\avgldx86.sys
2009-05-19 17:05 . 2009-03-26 13:46      108552      ----a-w      c:\windows\system32\drivers\avgtdix.sys
2009-05-14 12:24 . 2005-08-07 03:59      --------      d-----w      c:\program files\Java
2009-05-14 12:17 . 2006-11-03 22:48      --------      d-----w      c:\program files\PCBugDoctor
2009-05-06 18:43 . 2005-08-30 18:15      114176      ----a-w      c:\documents and settings\John ******\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-28 14:35 . 2005-08-17 16:43      --------      d-----w      c:\program files\Yahoo!
2009-04-02 15:10 . 2006-06-18 19:21      --------      d-----w      c:\program files\iTunes
2009-04-02 15:10 . 2005-09-21 15:26      --------      d-----w      c:\program files\Google
2009-04-02 14:04 . 2009-04-02 14:04      --------      d-----w      c:\program files\iPod
2009-04-02 13:48 . 2005-08-07 04:12      --------      d-----w      c:\program files\QuickTime
2009-04-02 13:40 . 2009-04-02 13:39      --------      d-----w      c:\program files\Apple Software Update
2009-04-02 13:38 . 2009-04-02 13:38      --------      d-----w      c:\program files\Common Files\Apple
2009-03-26 13:45 . 2009-03-26 13:45      --------      d-----w      c:\program files\AVG
2009-03-09 09:19 . 2008-12-10 20:46      410984      ----a-w      c:\windows\system32\deploytk.dll
2009-03-06 14:22 . 2004-08-10 17:51      284160      ----a-w      c:\windows\system32\pdh.dll
2009-03-03 00:18 . 2004-08-10 17:51      826368      ----a-w      c:\windows\system32\wininet.dll
2007-11-14 21:29 . 2007-11-14 21:28      6872      --sha-w      c:\windows\system32\yybeg.tmp
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
2009-03-10 15:47      2079256      ----a-w      c:\program files\Softonic_English\tbSoft.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-05-14 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Motive SmartBridge"="c:\progra~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe" [2003-12-10 380928]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-09-21 180269]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-19 1947928]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-13 342312]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2007-11-07 2834432]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2007-08-14 5562368]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 16:05      356352      ----a-w      c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-19 17:07      11952      ----a-w      c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Online Help & Support.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Support Service.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\1141843405\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1141843405\\ee\\aim6.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3/26/2009 09:46 AM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3/26/2009 09:46 AM 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/14/2009 02:22 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/14/2009 02:22 PM 72944]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9/14/2007 09:40 PM 138752]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [3/26/2009 09:45 AM 298776]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [5/2/2007 04:12 PM 24652]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/14/2009 02:22 PM 7408]
S3 VQ630;VQ630 Dual Mode Digital Camera;c:\windows\system32\drivers\vqppcam.sys [7/15/2002 10:20 AM 468384]
S3 VQ630BLK;VQ630 Dual Mode Digital Camera(Bulk);c:\windows\system32\drivers\vqbulk.sys [11/29/2001 08:11 AM 28536]
S4 WinDefend;Windows Defender Service;c:\program files\Windows Defender\MsMpEng.exe [4/3/2006 06:12 PM 14032]
.
Contents of the 'Scheduled Tasks' folder

2009-05-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-05-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 13:45]

2009-05-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-04-03 22:12]
.
- - - - ORPHANS REMOVED - - - -

BHO-{53b2c80b-1f9b-4348-81ce-ff6cf5f2ace1} - (no file)
BHO-{59AA5B93-4140-4081-B1EC-8B0E58EA90AC} - (no file)
BHO-{6C1C4556-E2C4-4F2D-9979-F8118AA09375} - (no file)
BHO-{7FE56D3C-1F30-4978-996F-0A6E81648996} - (no file)
BHO-{ADCF7E27-F13D-45FA-B867-E0609B51EC58} - (no file)
BHO-{C28A3379-3901-4DA0-8406-4FF9B9F57F75} - (no file)
HKCU-Run-Aim6 - (no file)
HKLM-Run-RegistryMechanic - (no file)
Notify-ddccyww - ddccyww.dll
Notify-xxyvsts - xxyvsts.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.christ4today.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {051D0E35-F4E3-4C8D-B411-AB0875F4C683} - hxxp://install.anark.com/client/version4/windows-ie/en/AMClient.cab
DPF: {52A5CD24-64C6-4BAF-A4EC-4D13F451763F} - hxxps://www.cuworld.com/PIC/inner_pic/packages/CUworld.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-21 15:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(676)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2468)
c:\progra~1\VERIZO~1\HELPSU~1\SMARTB~1\SBHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-05-21 15:20 - machine was rebooted
ComboFix-quarantined-files.txt  2009-05-21 19:20

Pre-Run: 854,228,992 bytes free
Post-Run: 1,967,407,104 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

263      --- E O F ---      2009-05-13 07:22
0
 
warturtleCommented:
Thanks for sending the log. Its best to do a SuperAntiSpyware scan now, I will analyse the ComboFix log in the meanwhile.
0
 
jcm26003Author Commented:
This seemed to do the trick. I left my computer running for several days while out of town.  So far so good.  I'll be back if there is any more trouble.
0
 
jcm26003Author Commented:
Oh. And thank you!
0
 
warturtleCommented:
Thanks for the feedback, glad I could be of help :).

You can uninstall ComboFix as follows >

Start > Run > then type "ComboFix /u" (with no quotes, and space between x and / )
Then hit enter.  This will uninstall ComboFix, reset your clock settings, re-hide system hidden files, re-hide the file extensions and reset System Restore.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.