WiredWX Hobby Weather ToolsLog in

 


Searching blocked by Google

2 posters

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google14th May 2012, 10:09 pm

more_horiz
I would have to check our IP addresses, but her computer and mine are both receiving a wireless signal from the same router. I will check our IPs tomorrow.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google15th May 2012, 8:38 am

more_horiz
ok

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google15th May 2012, 9:15 am

more_horiz
we both have the same IP address. She also just told me that she is having trouble with Google, but different from mine. She navigates to a site, either from selecting a hit on the Google SERPs page, or from typing it in, and gets the 404 error, then if she hits the back arrow, the site will show up. I just verified this because it took me about 6 tries to get a site to come up on her computer that could tell me her IP, and then only by using the back arrow. I am only using Bing now, and have not tested Google since you and I started trying to sort this out.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google15th May 2012, 7:44 pm

more_horiz
Okay...well you know what to do, if it's even possible to work.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google15th June 2012, 6:27 pm

more_horiz
Hey there DM Jay,
I am now in Romania. At the end of your very dedicated attempt to help me sort out this Google blockage, you concluded that I needed to get a new IP assigned, but I declined because I was about to leave Turkey and that provider. Since arriving in Romania I am on a totally new, completely unrelated(to Turkey) provider, Romtelecom. I have been using Bing exclusively. Yesterday I tried using Google again and instantly received the notice of automated activity and had to use a captcha. So I backed off of Google and went back to Bing. A few min. ago I tried Google again and got this message:
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.

Here I am in Romania, used Google a total of about 5 times and this. I was using Chrome, I have AVG installed and I ran Malwarebytes on full scan today and got 0 hits. I am truly baffled and I do not have a clue what to do. Is it possible there is some deep hidden program buried in my OS? The thought of reinstalling XP gives me the heebie jeebies.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google15th June 2012, 7:39 pm

more_horiz
Let's take a look if you like!

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

      Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button.
  • type exit and reboot the computer normally
  • FRST will make a log (FRST.txt) on the flash drive, please copy and paste the log in your reply.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google15th June 2012, 8:49 pm

more_horiz
Thanks a gazillion for being willing to continue with this. It's become a quest with me now to find the gremlin. I will get on this tomorrow...being hours later than the US, it's already midnight here.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google15th June 2012, 10:32 pm

more_horiz
Okie dokie. See you on the other side of the moon. Hooray!

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google17th June 2012, 9:47 am

more_horiz
I tried this and when I hit F8, I do not see any choice for Repair Your Computer. There is a line that says something..didn't write it down but I can if you need it...about debugger installed and do not select this.
So what do we do now?

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google17th June 2012, 9:53 am

more_horiz
Let's work with a similar tool, please:

Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google17th June 2012, 10:20 am

more_horiz
Farbar Service Scanner Version: 09-06-2012
Ran by Carolyn Blake (administrator) on 17-06-2012 at 13:20:28
Running from "C:\Documents and Settings\Carolyn Blake\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google17th June 2012, 6:19 pm

more_horiz
Please download aswMBR from here


  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below


Searching blocked by Google - Page 4 AswMBR_Scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives


  • Once the scan finishes click Save log to save the log to your Desktop
    Searching blocked by Google - Page 4 AswMBR_SaveLog

  • Copy and paste the contents of aswMBR.txt back here for review



AND


Please test your DNS Resolution by visiting here: http://www.dns-ok.us/

Tell me if that is green or not...

Also for this site: http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

Tell me if you see all six images at the top...

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google17th June 2012, 8:28 pm

more_horiz
DNS Resolution: GREEN
All 6 images visible


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-17 22:34:36
-----------------------------
22:34:36.859 OS Version: Windows 5.1.2600 Service Pack 3
22:34:36.859 Number of processors: 2 586 0x170A
22:34:36.859 ComputerName: PRISS UserName:
22:34:37.953 Initialize success
22:40:34.359 AVAST engine defs: 12061700
22:40:46.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:40:46.406 Disk 0 Vendor: ST9250315AS 0002SDM1 Size: 238475MB BusType: 3
22:40:46.421 Disk 0 MBR read successfully
22:40:46.421 Disk 0 MBR scan
22:40:46.453 Disk 0 Windows XP default MBR code
22:40:46.468 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
22:40:46.484 Disk 0 Partition - 00 0F Extended LBA 188465 MB offset 102398310
22:40:46.500 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 188465 MB offset 102398373
22:40:46.515 Disk 0 scanning sectors +488376000
22:40:46.625 Disk 0 scanning C:\WINDOWS\system32\drivers
22:40:58.937 Service scanning
22:41:12.078 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
22:41:15.687 Modules scanning
22:41:21.640 Disk 0 trace - called modules:
22:41:21.671 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
22:41:21.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad7fab8]
22:41:21.703 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000088[0x8ad529e8]
22:41:21.718 5 ACPI.sys[b9e54620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ad52d98]
22:41:22.265 AVAST engine scan C:\WINDOWS
22:41:33.546 AVAST engine scan C:\WINDOWS\system32
22:44:19.078 AVAST engine scan C:\WINDOWS\system32\drivers
22:44:35.703 AVAST engine scan C:\Documents and Settings\Carolyn Blake
23:11:32.781 AVAST engine scan C:\Documents and Settings\All Users
23:21:23.015 Scan finished successfully



descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google18th June 2012, 2:57 pm

more_horiz
GMER

Note about this tool:
  • This program may freeze. Do not reboot the computer, unless it has been frozen for over 30 minutes.
  • This program may cause a blue screen of death. If it does, do not scan, and then reply to let me know.
  • No matter what is in the log, please post all the information/contents of the log.
  • These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT"


Please download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google18th June 2012, 6:19 pm

more_horiz
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-18 21:18:50
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9250315AS rev.0002SDM1
Running: gmer.exe; Driver: C:\DOCUME~1\CAROLY~1\LOCALS~1\Temp\kxtdapog.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwCreateKey [0xB9ECFA50]
SSDT sptd.sys ZwEnumerateKey [0xB9F03FFE]
SSDT sptd.sys ZwEnumerateValueKey [0xB9F0438C]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xA65C5004]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xA65C50D4]
SSDT sptd.sys ZwOpenKey [0xB9ECFA30]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA65C4D76]
SSDT sptd.sys ZwQueryKey [0xB9F04464]
SSDT sptd.sys ZwQueryValueKey [0xB9F042E4]
SSDT sptd.sys ZwSetValueKey [0xB9F044F6]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xA65C4E1E]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA65C4EBA]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA65C4F56]

INT 0x63 ? 8AE10CC8
INT 0x63 ? 8AE10CC8
INT 0x63 ? 8AE10CC8
INT 0x63 ? 8AE10CC8
INT 0x63 ? 8ABFBCC8
INT 0x63 ? 8ABFBCC8
INT 0x63 ? 8AE10CC8
INT 0x94 ? 8ABFBCC8
INT 0xA4 ? 8ABFBCC8
INT 0xB4 ? 8ABFBCC8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2DAC 80504648 2 Bytes [76, 4D] {JBE 0x4f}
.text sptd.sys B9E95000 4 Bytes [A6, BB, 6E, 80]
.text sptd.sys B9E95005 27 Bytes [69, 6E, 80, 30, 68, 6E, 80, ...]
.text sptd.sys B9E95024 4 Bytes [74, 7F, E8, B9]
.text sptd.sys B9E9502C 88 Bytes [B4, 1A, 5E, 80, 76, 86, 5E, ...]
.text sptd.sys B9E95085 156 Bytes [57, 53, 80, 44, A2, 4F, 80, ...]
.text ...
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xB9F8CD38]
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload B8CC18AC 5 Bytes JMP 8ABFB1D8
.text a1qr7h9i.SYS B8A95306 50 Bytes [00, 00, 00, 48, 03, 00, F0, ...]
.text a1qr7h9i.SYS B8A95339 23 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a1qr7h9i.SYS B8A95351 87 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a1qr7h9i.SYS B8A953A9 10 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text a1qr7h9i.SYS B8A953B4 12 Bytes [40, 00, 00, C8, 50, 41, 47, ...] {INC EAX; ADD [EAX], AL; ENTER 0x4150, 0x47; INC EBP; ADD [EAX], AL; ADD [EAX], AL}
.text ...
init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xA84D8280]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [B9E96574] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [B9E960C0] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [B9E96FE0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9E960C0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9E96362] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9E962A4] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9E971BC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9E96FE0] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EAB312] sptd.sys
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KeGetCurrentIrql] 5E0001F4
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfAcquireSpinLock] C2C95B5F
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfReleaseSpinLock] 5F380008
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfRaiseIrql] 56227411
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfLowerIrql] A9763A68
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[USBD.SYS!USBD_CreateConfigurationRequestEx] F7C31352

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8AE0F1F8

AttachedDevice \FileSystem\Ntfs \Ntfs avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Ntfs \Ntfs AsDsm.sys (Data Security Manager Driver/ASUSTek Computer Inc)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-0 8ABFA1F8
Device \Driver\usbehci \Device\USBPDO-1 8ABD81F8
Device \Driver\usbuhci \Device\USBPDO-2 8ABFA1F8
Device \Driver\usbuhci \Device\USBPDO-3 8ABFA1F8
Device \Driver\usbuhci \Device\USBPDO-4 8ABFA1F8

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-5 8ABFA1F8
Device \Driver\usbehci \Device\USBPDO-6 8ABD81F8
Device \Driver\usbuhci \Device\USBPDO-7 8ABFA1F8
Device \Driver\Cdrom \Device\CdRom0 8AB303A0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 8AB303A0
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A5031F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E9444515-56BF-446C-8E1D-97E9ED9B937B} 8A5031F8
Device \Driver\NetBT \Device\NetbiosSmb 8A5031F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C8FE2C6-5E15-43BE-B1A7-20162ABF33FA} 8A5031F8

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\PCI_PNP8472 \Device\0000005d sptd.sys
Device \Driver\PCI_PNP8472 \Device\0000005d sptd.sys

AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8ABFA1F8
Device \Driver\usbuhci \Device\USBFDO-1 8ABFA1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 896AF1F8
Device \Driver\usbuhci \Device\USBFDO-2 8ABFA1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 896AF1F8
Device \Driver\usbehci \Device\USBFDO-3 8ABD81F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{6C1DE315-5661-4764-8FB9-ED7F722BD42A} 8A5031F8
Device \Driver\usbuhci \Device\USBFDO-4 8ABFA1F8
Device \Driver\usbuhci \Device\USBFDO-5 8ABFA1F8
Device \Driver\usbuhci \Device\USBFDO-6 8ABFA1F8
Device \Driver\usbehci \Device\USBFDO-7 8ABD81F8
Device \Driver\a1qr7h9i \Device\Scsi\a1qr7h9i1Port4Path0Target0Lun0 8AAFD1F8
Device \Driver\a1qr7h9i \Device\Scsi\a1qr7h9i1 8AAFD1F8
Device \FileSystem\Cdfs \Cdfs 8A5311F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB9 0x78 0x43 0xDE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0xF9 0xCB 0x1B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x63 0x2A 0xFD 0x58 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB9 0x78 0x43 0xDE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0xF9 0xCB 0x1B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x63 0x2A 0xFD 0x58 ...

---- Files - GMER 1.0.15 ----

File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\WAL.db 2048 bytes
File C:\ADSM_PData_0150\DragWait.exe 315392 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes

---- EOF - GMER 1.0.15 ----

descriptionSearching blocked by Google - Page 4 EmptyRe: Searching blocked by Google

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum