Jump to content

loransue

Honorary Members
  • Posts

    39
  • Joined

  • Last visited

Everything posted by loransue

  1. i read it easily enough but then.. i can read my own handwriteing tooo lol
  2. i want to thank gringo for all help and patience while he walked me through this nasty stuff he knows what im refering too i got extremely lucky when i found this site. and i will be looking at this daily all kinds of good info even a amature can appreiate. anyway thanks thank you tytyty.
  3. ok my friend its all good here i did what you suggested and it seems to be good i want to thank you for your time and patience...
  4. I downloaded the chrome and all is well. the whole page looks different now before i coundnt see why anyone would use it but after reinstalling the coloors came back ect. it looked like a skeleton of the google chrome site pretty strange. everything seems to be going great startup is good not choppy like before . its almost like new (i did say almost)i dont know what else. unless you can think of something else i should do. thank you and i really learned alot. oh the anti virus thing is all i need to uninstall the avg right and do that right before i down load the malware?
  5. i dont think we have a crome acc.. hubby says no he dont and i dont remember if ever but i kniow we have no bookmarks or anyyhing.shall i do it the same way cause theres nothing on crome that i need or want so let me know and im on it... ty
  6. hi gringo i ran the tweaker bundle mirosoft reair? it still didnt get the installer in but however im not worried for that right now. i was just reading some of the suggested safety articles you had said to read very informing ty. then just surfing around useing it so to let you know how its doing as requested. all seemed good but the longer on here i started noticeing the pause it seemed go thru before we started this i define it like its thinking before it brings any thing up. so when i signed off i noticed that we have two chromme icons where if any we should only be one. i know we do ar have used google earth and that icons been on here forever. the problem is that i clicked on to the chrome and when it came up in the search i guess it says delta 100000000 something and it wont go away... so i googled it and it came up delta searh virus i dont know what the heck been done on here to bring something else????? sorry i hope weve cleared that off too after all of that could it be still there from before or have i done something ?
  7. hi gringo, just fyi i removed the combo fixer ? also ran the oldtimer program and as far as i can tell they are all gone. vanished just as you said . do i need to keep and of the reports that i sent you.. i have quite a few well you know. they are pretty much gibberish to me. altho i know what they are and not likely to forget anytime soon. still gibberish... my windows installer/unistaller? seems to have vanished also im not sure when that happened i am only concerned because the backup and restore hasnt been able to do its thing for some time also my windows updates have been unable to be installed.??? ichecked with microsofts support and found others with the same thing but these where forums 2011 no answers then and i am hoping you may be able to send me in the right direction? the Message was
  8. i am so glad you are still with me here.. i will take care of the tools. i truely think that is a great idea as i dont need someone thinking they may be helping me out and even know that these tools you are tuff and they worked on the here and now.. tomarrow whole nother enchilada. so i will have that back to you moring time. i have some questions cant seem to think of them now but will get them together by tomarroow. i think im going to have withdrawals? ty tyt ty Yes I am Going to buy the malware bytes protection ialso tomarrow so i will be asking how i get this faker avg off of here!!!! grins
  9. it is clean for sure as i ran it again just in case i could send you the report if you neeeded it. all seems well except i have no java or at least i cant find it. also the updatyes windows printer ect my husbands games cant find it i get this error message that the windows installer ? is messed up or not installed properly. do you know what i should do? of course you know .. but after all of the removal stuff seems a trivial question ..
  10. did i just read that right this time that if there were none to tell you that did you need me to send a copy if its clean i am doing it anyway god im so duh sometimes
  11. you know it didnt huh? grins im doing it again...ty again for your patience not to mention your know how i am grateful....
  12. dang dude i hate this i have run this dang eset scan 4 times im ashamed to say it. i cant seem to figure out how tooget this to text and onto desktop. i know im loseing its got to be that easy but dang if i can do it right now.. just wanted you to know.
  13. <meta http-equiv="refresh" content="5; url=http://downloads.sourceforge.net/project/hjt/2.0.4/HijackThis.exe?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fhjt%2F%3Fsource%3Ddlp&ts=1363467729&use_mirror=hivelocity"> Download HiJackThis from SourceForge.net /*global unescape, window, console, jQuery, $, net, SF, COMSCORE, DD_belatedPNG */ // Setup our namespace if (!window.SF) { window.SF = {}; } if (!window.net) { window.net = {}; } if (!window.net.sf) { window.net.sf = {}; } SF.cdn = 'http://a.fsdn.com/con'; SF.deploy_time = '1363217993'; SF.adblock = true; var immersion_adcode = ""; var _gaq = _gaq || []; _gaq.push(['1._setAccount', 'UA-32013-6']); _gaq.push(['2._setAccount', 'UA-36130941-1']); _gaq.push(['_setAccount', 'UA-36130941-1']); _gaq.push(['1._trackPageview']); _gaq.push(['2._trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' === document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); if ('p77_immersion'.indexOf('immersion') > 0) { document.write('<div id="p77_immersion" class="ad immersion"><script type="text/javascript" src="http://ad.doubleclick.net/adj/ostg.sourceforge/sf_bookend_right;pg=/project/downloading.php;psrch=0;logged_in=0;tile=3;sz=150x1060;u=e%3Ac41be5dc-8e7c-11e2-9ce0-0200ac1d1d8c;ord=321168813646615?"></'+'script></div>'); } else if (!immersion_adcode) { document.write('<iframe id="bookend_right" height="0" class="ad " src="/static/ads/iframe_ad.html?position=bookend_right&ad=http%3A%2F%2Fad.doubleclick.net%2Fadj%2Fostg.sourceforge%2Fsf_bookend_right%3Bpg%3D%2Fproject%2Fdownloading.php%3Bpsrch%3D0%3Blogged_in%3D0%3Btile%3D3%3Bsz%3D150x1060%3Bu%3De%253Ac41be5dc-8e7c-11e2-9ce0-0200ac1d1d8c%3Bord%3D321168813646615%3F&class="e seamless frameborder="0" scrolling="no"></iframe>'); } if ('p83_medrec'.indexOf('immersion') > 0) { document.write('<div id="p83_medrec" class="ad medrec"><script type="text/javascript" src="http://ad.doubleclick.net/adj/ostg.sourceforge/cons_pg_dwnld_none_p86_featureddl;pg=/project/downloading.php;psrch=0;logged_in=0;tpc=hjt;tile=6;sz=300x150,300x250;u=e%3Ac41be5dc-8e7c-11e2-9ce0-0200ac1d1d8c;ord=321168813646615?"></'+'script></div>');o } else if (!immersion_adcode) { document.write('<iframe id="p86_featureddl" height="250" class="ad medrec" src="/static/ads/iframe_ad.html?position=p86_featureddl&ad=http%3A%2F%2Fad.doubleclick.net%2Fadj%2Fostg.sourceforge%2Fcons_pg_dwnld_none_p86_featureddl%3Bpg%3D%2Fproject%2Fdownloading.php%3Bpsrch%3D0%3Blogged_in%3D0%3Btpc%3Dhjt%3Btile%3D6%3Bsz%3D300x150%2C300x250%3Bu%3De%253Ac41be5dc-8e7c-11e2-9ce0-0200ac1d1d8c%3Bord%3D321168813646615%3F&class=medrec"d seamless frameborder="0" scrolling="no"></iframe>'); }<p><em>if ('p71_text'.indexOf('immersion') > 0) { document.write('<div id="p71_text" class="ad text"><script type="text/javascript" src="
  14. ]i am confused i know i do it to myself as you make it easy to follow should i start at beginning 1. unistall programs [revo uninstaller] 2.update adobe reader 3.clear temporeary files 4. run scan with malware [mbam] 5 hijack this. and send copies of the last twos results... so what do i do now .. sorry did i say you great hero?
  15. these are copys of last two i see the difference but please dont ask where or how this i would not of known the difference i am still trying to get highjack this onto to desktop so i can run this as as administrater ...
  16. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:39:50 PM, on 3/16/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\SWE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IZFFOAO\HijackThis.exe C:\Users\SWE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KNWNL6I9\HijackThis (1).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Jewelry%20Secret%20-%20Mystery%20Stones/Images/stg_drm.ocx O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://mail111a.urscorp.com/iNotes6W.cab O16 - DPF: {7758D9E1-B6E9-451A-A1DE-621F81940FB9} (Pspwctl Control) - https://thesourse.urscorp.com/domcfg.nsf/pspwctl.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- End of file - 6050 bytes
  17. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.03.14.04 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 SWE :: SWE-PC [administrator] 3/16/2013 2:07:59 PM mbam-log-2013-03-16 (14-07-59).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 245317 Time elapsed: 7 minute(s), 22 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  18. i thought it was what you asked for i have no clue i may have screwed up its sooooo possible but i thought it was what you asked for . should I follow the last set of instuctions and try again??? sorry man i do really really appreciate you. also every thing seemed on the right track 2 days ago since its slow starting very slow.. shut itself down and would not restart until it was ready [i swear] and i thought it was the battery as it happened before but i know for fact now it wasnt. its weired like its thinking before it goes to a site. im weird i know. let me know
  19. L À Fß þÎ]™[þÆ +%kþÆ qj¢cþÆ N ) PàOÐ ê:i¢Ø +00 /D:\ N 1 b5ˆf Windows 8 ï¾b5RZb5ˆf& {& W i n d o w s R 1 b5µf System32 : ï¾b5SZb5µf& ±' S y s t e m 3 2 Z 2 N b5°M notepad.exe @ ï¾b5 Fb5ÝT& CW n o t e p a d . e x e T 3 S ”×€ TestOS D:\Windows\System32\notepad.exe ) @ % S y s t e m R o o t % \ s y s t e m 3 2 \ S h e l l 3 2 . d l l , - 2 2 5 6 3 7 . . \ . . \ . . \ . . \ . . \ . . \ . . \ . . \ . . \ W i n d o w s \ S y s t e m 3 2 \ n o t e p a d . e x e % H O M E D R I V E % % H O M E P A T H % ! % S y s t e m R o o t % \ s y s t e m 3 2 \ n o t e p a d . e x e %SystemRoot%\system32\notepad.exe % S y s t e m R o o t % \ s y s t e m 3 2 \ n o t e p a d . e x e % Í wNÁç]N·D.±®Q˜·Í ` X lh-orda1q92i4v4 ¾5‰Ÿ¸D›þ´'-<Ì ˜S:pjÛˆ| "¾5‰Ÿ¸D›þ´'-<Ì ˜S:pjÛˆ| " all going alot smoother runs faster clearer unistaller didnt find the java but seems like nothing is wrong or ever was...?????
  20. L À Fß þÎ]™[þÆ +%kþÆ qj¢cþÆ N ) PàOÐ ê:i¢Ø +00 /D:\ N 1 b5ˆf Windows 8 ï¾b5RZb5ˆf& {& W i n d o w s R 1 b5µf System32 : ï¾b5SZb5µf& ±' S y s t e m 3 2 Z 2 N b5°M notepad.exe @ ï¾b5 Fb5ÝT& CW n o t e p a d . e x e T 3 S ”×€ TestOS D:\Windows\System32\notepad.exe ) @ % S y s t e m R o o t % \ s y s t e m 3 2 \ S h e l l 3 2 . d l l , - 2 2 5 6 3 7 . . \ . . \ . . \ . . \ . . \ . . \ . . \ . . \ . . \ W i n d o w s \ S y s t e m 3 2 \ n o t e p a d . e x e % H O M E D R I V E % % H O M E P A T H % ! % S y s t e m R o o t % \ s y s t e m 3 2 \ n o t e p a d . e x e %SystemRoot%\system32\notepad.exe % S y s t e m R o o t % \ s y s t e m 3 2 \ n o t e p a d . e x e % Í wNÁç]N·D.±®Q˜·Í ` X lh-orda1q92i4v4 ¾5‰Ÿ¸D›þ´'-<Ì ˜S:pjÛˆ| "¾5‰Ÿ¸D›þ´'-<Ì ˜S:pjÛˆ| "
  21. first chance ive had to be on here other than am i dont leave this site any more and try keeping all off computer i am takeing no chances unless you tell me specificially. so as far as it goes sharp screen fast coming on and thats after i ran the last instructions and i did get error illegal operation register key to be deleted thing fyi
  22. is this even what you wanted if i need to resend let me know im on it ty ty ty
  23. i hope this got ran and its right, my computer i have forgotten how clear the screen should be it stared up so fast today bam bam on..it startled me no joke either really cooL À Fß þÎ]™[þÆ +%kþÆ qj¢cþÆ N ) PàOÐ ê:i¢Ø +00 /D:\ N 1 b5ˆf Windows 8 ï¾b5RZb5ˆf& {& W i n d o w s R 1 b5µf System32 : ï¾b5SZb5µf& ±' S y s t e m 3 2 Z 2 N b5°M notepad.exe @ ï¾b5 Fb5ÝT& CW n o t e p a d . e x e T 3 S ”×€ TestOS D:\Windows\System32\notepad.exe ) @ % S y s t e m R o o t % \ s y s t e m 3 2 \ S h e l l 3 2 . d l l , - 2 2 5 6 3 7 . . \ . . \ . . \ . . \ . . \ . . \ . . \ . . \ . . \ W i n d o w s \ S y s t e m 3 2 \ n o t e p a d . e x e % H O M E D R I V E % % H O M E P A T H % ! % S y s t e m R o o t % \ s y s t e m 3 2 \ n o t e p a d . e x e %SystemRoot%\system32\notepad.exe % S y s t e m R o o t % \ s y s t e m 3 2 \ n o t e p a d . e x e % Í wNÁç]N·D.±®Q˜·Í ` X lh-orda1q92i4v4 ¾5‰Ÿ¸D›þ´'-<Ì ˜S:pjÛˆ| "¾5‰Ÿ¸D›þ´'-<Ì ˜S:pjÛˆ| "
  24. grigo just got on here thing came alive so fast surprised me however when i got to this site it said user blocked? you there?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.