Searching blocked by Google

Page 3 of 4 Previous  1, 2, 3, 4  Next

View previous topic View next topic Go down

Searching blocked by Google

Post by rx7chick on Fri 04 May 2012, 12:02 am

First topic message reminder :

Over the last week I have been getting repeated requests from Google for captchas to verify I am not a robot. Today, for the first time Google blocked me, with this message:
We're sorry...but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
Yesterday I downloaded the new version of Malwarebytes, updated and scanned my entire computer. It found nothing. I regularly update daily my Avira. I am stumped and I have no idea what to do next. Any suggestions?

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down


Re: Searching blocked by Google

Post by rx7chick on Tue 15 May 2012, 9:09 am

I would have to check our IP addresses, but her computer and mine are both receiving a wireless signal from the same router. I will check our IPs tomorrow.

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Tue 15 May 2012, 7:38 pm

ok


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Tue 15 May 2012, 8:15 pm

we both have the same IP address. She also just told me that she is having trouble with Google, but different from mine. She navigates to a site, either from selecting a hit on the Google SERPs page, or from typing it in, and gets the 404 error, then if she hits the back arrow, the site will show up. I just verified this because it took me about 6 tries to get a site to come up on her computer that could tell me her IP, and then only by using the back arrow. I am only using Bing now, and have not tested Google since you and I started trying to sort this out.

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Wed 16 May 2012, 6:44 am

Okay...well you know what to do, if it's even possible to work.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Sat 16 Jun 2012, 5:27 am

Hey there DM Jay,
I am now in Romania. At the end of your very dedicated attempt to help me sort out this Google blockage, you concluded that I needed to get a new IP assigned, but I declined because I was about to leave Turkey and that provider. Since arriving in Romania I am on a totally new, completely unrelated(to Turkey) provider, Romtelecom. I have been using Bing exclusively. Yesterday I tried using Google again and instantly received the notice of automated activity and had to use a captcha. So I backed off of Google and went back to Bing. A few min. ago I tried Google again and got this message:
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.

Here I am in Romania, used Google a total of about 5 times and this. I was using Chrome, I have AVG installed and I ran Malwarebytes on full scan today and got 0 hits. I am truly baffled and I do not have a clue what to do. Is it possible there is some deep hidden program buried in my OS? The thought of reinstalling XP gives me the heebie jeebies.

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Sat 16 Jun 2012, 6:39 am

Let's take a look if you like!

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

      Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt


  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button.
  • type exit and reboot the computer normally
  • FRST will make a log (FRST.txt) on the flash drive, please copy and paste the log in your reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Sat 16 Jun 2012, 7:49 am

Thanks a gazillion for being willing to continue with this. It's become a quest with me now to find the gremlin. I will get on this tomorrow...being hours later than the US, it's already midnight here.

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Sat 16 Jun 2012, 9:32 am

Okie dokie. See you on the other side of the moon.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Sun 17 Jun 2012, 8:47 pm

I tried this and when I hit F8, I do not see any choice for Repair Your Computer. There is a line that says something..didn't write it down but I can if you need it...about debugger installed and do not select this.
So what do we do now?

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Sun 17 Jun 2012, 8:53 pm

Let's work with a similar tool, please:

Please download FarbarServiceScanner and run it on the computer with the issue.
[You must be registered and logged in to see this link.]


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Sun 17 Jun 2012, 9:20 pm

Farbar Service Scanner Version: 09-06-2012
Ran by Carolyn Blake (administrator) on 17-06-2012 at 13:20:28
Running from "C:\Documents and Settings\Carolyn Blake\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Mon 18 Jun 2012, 5:19 am

Please download aswMBR from here


  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below




Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives


  • Once the scan finishes click Save log to save the log to your Desktop


  • Copy and paste the contents of aswMBR.txt back here for review



AND


Please test your DNS Resolution by visiting here: [You must be registered and logged in to see this link.]

Tell me if that is green or not...

Also for this site: [You must be registered and logged in to see this link.]

Tell me if you see all six images at the top...


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Mon 18 Jun 2012, 7:28 am

DNS Resolution: GREEN
All 6 images visible


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-17 22:34:36
-----------------------------
22:34:36.859 OS Version: Windows 5.1.2600 Service Pack 3
22:34:36.859 Number of processors: 2 586 0x170A
22:34:36.859 ComputerName: PRISS UserName:
22:34:37.953 Initialize success
22:40:34.359 AVAST engine defs: 12061700
22:40:46.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:40:46.406 Disk 0 Vendor: ST9250315AS 0002SDM1 Size: 238475MB BusType: 3
22:40:46.421 Disk 0 MBR read successfully
22:40:46.421 Disk 0 MBR scan
22:40:46.453 Disk 0 Windows XP default MBR code
22:40:46.468 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
22:40:46.484 Disk 0 Partition - 00 0F Extended LBA 188465 MB offset 102398310
22:40:46.500 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 188465 MB offset 102398373
22:40:46.515 Disk 0 scanning sectors +488376000
22:40:46.625 Disk 0 scanning C:\WINDOWS\system32\drivers
22:40:58.937 Service scanning
22:41:12.078 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
22:41:15.687 Modules scanning
22:41:21.640 Disk 0 trace - called modules:
22:41:21.671 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
22:41:21.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad7fab8]
22:41:21.703 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000088[0x8ad529e8]
22:41:21.718 5 ACPI.sys[b9e54620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ad52d98]
22:41:22.265 AVAST engine scan C:\WINDOWS
22:41:33.546 AVAST engine scan C:\WINDOWS\system32
22:44:19.078 AVAST engine scan C:\WINDOWS\system32\drivers
22:44:35.703 AVAST engine scan C:\Documents and Settings\Carolyn Blake
23:11:32.781 AVAST engine scan C:\Documents and Settings\All Users
23:21:23.015 Scan finished successfully




rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Tue 19 Jun 2012, 1:57 am

GMER

Note about this tool:
  • This program may freeze. Do not reboot the computer, unless it has been frozen for over 30 minutes.
  • This program may cause a blue screen of death. If it does, do not scan, and then reply to let me know.
  • No matter what is in the log, please post all the information/contents of the log.
  • These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT"


Please download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Tue 19 Jun 2012, 5:19 am

GMER 1.0.15.15641 - [You must be registered and logged in to see this link.]
Rootkit scan 2012-06-18 21:18:50
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9250315AS rev.0002SDM1
Running: gmer.exe; Driver: C:\DOCUME~1\CAROLY~1\LOCALS~1\Temp\kxtdapog.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwCreateKey [0xB9ECFA50]
SSDT sptd.sys ZwEnumerateKey [0xB9F03FFE]
SSDT sptd.sys ZwEnumerateValueKey [0xB9F0438C]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xA65C5004]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xA65C50D4]
SSDT sptd.sys ZwOpenKey [0xB9ECFA30]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA65C4D76]
SSDT sptd.sys ZwQueryKey [0xB9F04464]
SSDT sptd.sys ZwQueryValueKey [0xB9F042E4]
SSDT sptd.sys ZwSetValueKey [0xB9F044F6]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xA65C4E1E]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA65C4EBA]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA65C4F56]

INT 0x63 ? 8AE10CC8
INT 0x63 ? 8AE10CC8
INT 0x63 ? 8AE10CC8
INT 0x63 ? 8AE10CC8
INT 0x63 ? 8ABFBCC8
INT 0x63 ? 8ABFBCC8
INT 0x63 ? 8AE10CC8
INT 0x94 ? 8ABFBCC8
INT 0xA4 ? 8ABFBCC8
INT 0xB4 ? 8ABFBCC8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2DAC 80504648 2 Bytes [76, 4D] {JBE 0x4f}
.text sptd.sys B9E95000 4 Bytes [A6, BB, 6E, 80]
.text sptd.sys B9E95005 27 Bytes [69, 6E, 80, 30, 68, 6E, 80, ...]
.text sptd.sys B9E95024 4 Bytes [74, 7F, E8, B9]
.text sptd.sys B9E9502C 88 Bytes [B4, 1A, 5E, 80, 76, 86, 5E, ...]
.text sptd.sys B9E95085 156 Bytes [57, 53, 80, 44, A2, 4F, 80, ...]
.text ...
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xB9F8CD38]
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload B8CC18AC 5 Bytes JMP 8ABFB1D8
.text a1qr7h9i.SYS B8A95306 50 Bytes [00, 00, 00, 48, 03, 00, F0, ...]
.text a1qr7h9i.SYS B8A95339 23 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a1qr7h9i.SYS B8A95351 87 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a1qr7h9i.SYS B8A953A9 10 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text a1qr7h9i.SYS B8A953B4 12 Bytes [40, 00, 00, C8, 50, 41, 47, ...] {INC EAX; ADD [EAX], AL; ENTER 0x4150, 0x47; INC EBP; ADD [EAX], AL; ADD [EAX], AL}
.text ...
init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xA84D8280]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [B9E96574] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [B9E960C0] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [B9E96FE0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9E960C0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9E96362] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9E962A4] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9E971BC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9E96FE0] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EAB312] sptd.sys
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KeGetCurrentIrql] 5E0001F4
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfAcquireSpinLock] C2C95B5F
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfReleaseSpinLock] 5F380008
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfRaiseIrql] 56227411
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[HAL.dll!KfLowerIrql] A9763A68
IAT \SystemRoot\System32\Drivers\a1qr7h9i.SYS[USBD.SYS!USBD_CreateConfigurationRequestEx] F7C31352

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8AE0F1F8

AttachedDevice \FileSystem\Ntfs \Ntfs avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Ntfs \Ntfs AsDsm.sys (Data Security Manager Driver/ASUSTek Computer Inc)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-0 8ABFA1F8
Device \Driver\usbehci \Device\USBPDO-1 8ABD81F8
Device \Driver\usbuhci \Device\USBPDO-2 8ABFA1F8
Device \Driver\usbuhci \Device\USBPDO-3 8ABFA1F8
Device \Driver\usbuhci \Device\USBPDO-4 8ABFA1F8

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-5 8ABFA1F8
Device \Driver\usbehci \Device\USBPDO-6 8ABD81F8
Device \Driver\usbuhci \Device\USBPDO-7 8ABFA1F8
Device \Driver\Cdrom \Device\CdRom0 8AB303A0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B9DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 8AB303A0
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A5031F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E9444515-56BF-446C-8E1D-97E9ED9B937B} 8A5031F8
Device \Driver\NetBT \Device\NetbiosSmb 8A5031F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9C8FE2C6-5E15-43BE-B1A7-20162ABF33FA} 8A5031F8

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\PCI_PNP8472 \Device\0000005d sptd.sys
Device \Driver\PCI_PNP8472 \Device\0000005d sptd.sys

AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8ABFA1F8
Device \Driver\usbuhci \Device\USBFDO-1 8ABFA1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 896AF1F8
Device \Driver\usbuhci \Device\USBFDO-2 8ABFA1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 896AF1F8
Device \Driver\usbehci \Device\USBFDO-3 8ABD81F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{6C1DE315-5661-4764-8FB9-ED7F722BD42A} 8A5031F8
Device \Driver\usbuhci \Device\USBFDO-4 8ABFA1F8
Device \Driver\usbuhci \Device\USBFDO-5 8ABFA1F8
Device \Driver\usbuhci \Device\USBFDO-6 8ABFA1F8
Device \Driver\usbehci \Device\USBFDO-7 8ABD81F8
Device \Driver\a1qr7h9i \Device\Scsi\a1qr7h9i1Port4Path0Target0Lun0 8AAFD1F8
Device \Driver\a1qr7h9i \Device\Scsi\a1qr7h9i1 8AAFD1F8
Device \FileSystem\Cdfs \Cdfs 8A5311F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB9 0x78 0x43 0xDE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0xF9 0xCB 0x1B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x63 0x2A 0xFD 0x58 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB9 0x78 0x43 0xDE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0xF9 0xCB 0x1B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x63 0x2A 0xFD 0x58 ...

---- Files - GMER 1.0.15 ----

File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\WAL.db 2048 bytes
File C:\ADSM_PData_0150\DragWait.exe 315392 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes

---- EOF - GMER 1.0.15 ----

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Wed 20 Jun 2012, 3:16 am

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    a1qr7h9i.SYS

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Wed 20 Jun 2012, 4:19 am

SystemLook 30.07.11 by jpshortstuff
Log created at 20:14 on 19/06/2012 by Carolyn Blake
Administrator - Elevation successful

========== filefind ==========

Searching for "a1qr7h9i.SYS"
No files found.

-= EOF =-

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Wed 20 Jun 2012, 8:19 am

We need to use GMER to delete a service and remove the file:

  • Open the gmer folder and double click gmer.exe to run the program
  • On starting GMER will run a short scan, allow it to complete this, then click No if it asks you to run a full scan.

  • Click on the > > > tab to open the menus


  • Click on the Services tab


  • Scroll down until you find the following Service (Note: This may be highlighted in red)

    a1qr7h9i.SYS

  • Click on the Service Name to Highlight it, then right click and choose Delete...

  • Click OK at the first confirmation dialog to remove the service
  • Click OK to the second confirmation dialog to remove the file
  • Click OK to exit the program

Let me know of any problems you encountered.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Wed 20 Jun 2012, 8:44 am

I searched carefully thru the "Name" fields and the Filename fields and could not find the file we need. I tried running GMER twice to be sure. I'm curious because the last program SystemLook... I ran a search for that file and it was not found.

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Thu 21 Jun 2012, 1:28 am

We'll need to use DeFogger to disable CD emulation drivers...

To disable CD Emulation programs using DeFogger please perform these steps:
  • Please download DeFogger to your desktop.
  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will now appear. You should now click on the Disable button to disable your CD Emulation drivers
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.



Then, please re-run GMER and post a new log.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Fri 22 Jun 2012, 1:49 am

I followed these instruction, and after the GMER scan had been running about 2 hours, not yet complete, I got the BSOD. The error message was IRQ_NOT_Less_Or_Equal. I restarted but windows would never start up past the initial screen. Finally I was able to boot it in Safe Mode with Networking but could not get on the net to message you. So I did an F8 start and chose Last Known Configuration and it started. The Defogger program is still on my desktop, but I am very reluctant to run the scan. I did get my first Bing "fail" and it said something like the search is making too many calls. It cleard up in a moment. I am wondering if this copy of windows is so corrupt I should abandon it and reinstall?

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Fri 22 Jun 2012, 7:11 am

If you think it's corrupt, let's run a couple of scans to prove that...

Do this first, please:
  1. Please download MGADiag and save it to your desktop.
  2. Double click the icon on your desktop.
  3. Push
  4. Push
  5. Go to Start -> Run and type in "Notepad"
  6. Go to Edit -> Paste in notepad.
  7. x out all of the numbers and letters in the line beginning with "Windows Product Key:"
  8. Copy and paste that log here.



[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Sun 01 Jul 2012, 7:01 am

Are you still with us? Please update us on your situation.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by rx7chick on Sun 01 Jul 2012, 7:25 am

Hi DM Jay,
I was going to post in a day or two. I finally did a complete Windows fresh install...wiped the C drive. I had other problems with my USB ports shutting off and auto play and plug and play not working. As always a fresh install is a painful procedure and I still do not have Windows set up completely. But, I have been using Google search for the last 5 days since the new install and so far I have not encountered any problems. A program I was using that I have not reinstalled was SEO Quake, which gathers a lot of stats on SERP's and sites. I am wondering now if Google doesn't like SEO Quake. I will do some research on their forum and if I find anything significant I will let you know. thank you so so much for all the time you gave me.


Last edited by rx7chick on Sun 01 Jul 2012, 7:27 am; edited 1 time in total (Reason for editing : accidentally sent before complete)

rx7chick

Newbie Surfer
Newbie Surfer

Posts : 43
Joined : 2012-05-03
Operating System : Windows XP

View user profile

Back to top Go down

Re: Searching blocked by Google

Post by DragonMaster Jay on Mon 02 Jul 2012, 4:08 am

Not a problem here. Let me know of any more issues, otherwise I will close this topic. You'd be free to open any new topics in the future.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Searching blocked by Google

Post by Sponsored content Today at 6:22 am


Sponsored content


Back to top Go down

Page 3 of 4 Previous  1, 2, 3, 4  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum