utemia

Members
  • Content count

    14
  • Joined

  • Last visited

About utemia

  • Rank
    New Member
  • Birthday July 4

Contact Methods

  • ICQ
    0

Profile Information

  • Location
    Germany
  1. Yep, I had done it as instructed. The folder and that file was the only thing left, I dunno why it didn't completely uninstall like the rest. In any case, I've manually deleted it. Again, thank you for your patience and great help. I had been sort of desperate beceause everybody I asked just shrugged or said "get a computer tech to take a look". This forum is awesome and I will promote it to anyone I know. Regards, Ruth
  2. I've got one last question, in the folder C:/Combofix is an exe file called NirCmd left. Can I delete that?
  3. Thank you so much! It's a great relief. I'll save your suggestions to prevent another infections.
  4. Eset log: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AOL Downloads\SUD4131\setup.exe probably a variant of Win32/Agent.HZHBURL trojan cleaned by deleting - quarantined C:\System Volume Information\_restore{85C4417B-F93E-46AB-94AD-9B662956CEAD}\RP675\A0099646.exe probably a variant of Win32/Agent.HZHBURL trojan cleaned by deleting - quarantined
  5. Hello, here is the Mbam log. What sort of infection did I have? Can you also advise as to how to prevent the same thing from happening again? Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4410 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 09.08.2010 15:59:26 mbam-log-2010-08-09 (15-59-26).txt Art des Suchlaufs: Vollst
  6. And my hibernation works again as well.
  7. I ran combofix again. I didn't get any popups yet, but I haven't yet tried wether hibernation is working or not. You guys rule for helping out like this. ComboFix 10-08-08.02 - Ruth_2 09.08.2010 14:14:26.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.495.286 [GMT 2:00] ausgef
  8. Hello Elise! That is the complete log. I had run combofix in safemode as instructed; it rebooted into normal after it was finished and that was the only combofix.txt file that I found in the folder. I had reformatted my harddrive before installing Windows, but the OS that was installed on it beforehand was Suse Linux 10.0. I still have the Suse Linux installation package, it as with the computer when I bought it. I don't know what Grub is though.
  9. ComboFix 10-08-07.02 - Ruth_2 08.08.2010 21:11:49.1.1 - x86 MINIMAL Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.495.305 [GMT 2:00] ausgef
  10. So I tried to instally the MS recovery suite from my XP installation CD with the instructions from http://www.bleepingcomputer.com/tutorials/tutorial117.html but it didn't work. It didn't find the C /boot.ini or something like that. I bought this computer and it had Linux preinstalled. I installed XP on it later - and when I boot my computer it says cant find boot.ini after which it boots C:windows. The exact lettering my be off but that's the gist.
  11. I tried to run combofix again. But when it tries to install the MS recovery console I get the error message "Can't enumerate bootpartition". It prompts if it should scan anyway, I said yes - and then it started to scan but took ages to finish. I couldn't kill the process either so I forcibly cut the power to my computer after an hour and rebooted. Is there a way to instally the recovery suite in a different way? I also reinstalled the 32W driver. thank you so much for your help and patience!
  12. I don't know. I am fairly computer illiterate. Where would I check that? also, not sure if that matters, I reinstalled some drivers for my motherboard after my onboard soundcard had a hicup. I didn't think anything of it, but now that I checked it the file reads C-Media_XP64_XP_2K_ME_98(AC97Integrate003).
  13. Thank you! I tried to run combofix, but I had trouble disabling AntiVir. I opted for temporarily deleting it, but combofix is still detecting active real time Avira Antivir PersonalEdition classic. I also got an error message that it would only run for Windows32. Evidently I have 64. Should I run it anyways?
  14. Last time I tried this somehow my post was shredded and it has been 48hours since, so I'm gonna try my luck again! I have pretty much a similar problem than others here, I have google search directs, my hibernation doesn't work, and recently my svchost.exe process by user system is prone to go to 100% CPU and freeze my computer.