Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

c:\recycler error and explorer error

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

c:\recycler error and explorer error

Unread postby rkrules » July 27th, 2009, 9:06 pm

Logfile of HijackThis v1.99.1
Scan saved at 6:34:52 AM, on 7/28/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\zabkat\xplorer2_lite\xplorer2_lite.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://blr.mail.cognizant.com/exchange/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Tools\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\Tools\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Tools\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\Tools\FlashGet\getflash.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\Tools\STARDO~1\SDIEInt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\Tools\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\Tools\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Tools\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Tools\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Tools\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Tools\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\Tools\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\Tools\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\HiDownload\hidownload.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Tools\Free Download Manager\FUM\fumiebtn.dll
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} (Confidence Online for Web Applications) - https://neovpn.wellington.com/llclient/ ... AXXPEE.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 6659398910
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6659352019
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) - https://neovpn.wellington.com/dana-cach ... tupSP1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{23D59B39-4EF0-41F5-866B-99FBE0FFDDD9}: NameServer = 218.248.240.23,218.248.240.135
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9028544f1aae) (gupdate1c9028544f1aae) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
rkrules
Active Member
 
Posts: 7
Joined: July 7th, 2009, 8:32 pm
Top
Advertisement
Register to Remove

DDS

Unread postby rkrules » July 27th, 2009, 9:09 pm

I had posted this earlier and I was asked to post DDS and Attach.txt (Then I could not access machine for 3 days and topic got closed viewtopic.php?f=11&t=44155) So posting DDS and Attach this time.

DDS (Ver_09-06-26.01) - NTFSx86
Run by Shashikiran at 6:46:46.46 on Sat 07/18/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.447.159 [GMT 5.5:30]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cidaemon.exe
D:\Work\Shashikiran\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = https://blr.mail.cognizant.com/exchange/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\tools\orbitdownloader\orbitcth.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\tools\flashget\jccatch.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\tools\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.29.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\tools\flashget\getflash.dll
BHO: : {fffffef0-5b30-21d4-945d-000000000000} - c:\progra~1\tools\stardo~1\SDIEInt.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
IE: &Download All with FlashGet - c:\program files\tools\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\tools\flashget\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all with Free Download Manager - file://c:\program files\tools\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\tools\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\tools\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\tools\free download manager\dllink.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\tools\flashget\FlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - c:\program files\hidownload\hidownload.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.29.0\gears.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~1\office11\REFIEBAR.DLL
IE: {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - c:\program files\tools\free download manager\fum\fumiebtn.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} - hxxps://neovpn.wellington.com/llclient/ ... AXXPEE.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microso ... 6659398910
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 6659352019
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://neovpn.wellington.com/dana-cach ... tupSP1.cab
TCP: {23D59B39-4EF0-41F5-866B-99FBE0FFDDD9} = 218.248.240.23,218.248.240.135
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll,avgrsstx.dll c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: IE Component Categories cache daemon: {553858a7-4922-4e7e-b1c1-97140c1c16ef} - c:\windows\system32\ieframe.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\shashi~1\applic~1\mozilla\firefox\profiles\u2b0tgvr.default\
FF - component: c:\documents and settings\shashikiran\application data\mozilla\firefox\profiles\u2b0tgvr.default\extensions\piclens@cooliris.com\components\piclensstub.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\google\google gears\firefox\lib\ff30\gears.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\shashikiran\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\shashikiran\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.131.11\npGoogleOneClick5.dll
FF - plugin: c:\program files\google\update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-5-27 335752]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-12-7 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-5-27 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-27 907032]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-5-27 298776]
S2 gupdate1c9028544f1aae;Google Update Service (gupdate1c9028544f1aae);c:\program files\google\update\GoogleUpdate.exe [2008-8-20 133104]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2008-3-17 16512]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-12-4 29744]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2007-12-8 42376]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2007-12-8 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2007-12-8 81288]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);c:\windows\system32\drivers\s125bus.sys [2007-12-19 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;c:\windows\system32\drivers\s125mdfl.sys [2007-12-19 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;c:\windows\system32\drivers\s125mdm.sys [2007-12-19 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s125mgmt.sys [2007-12-19 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;c:\windows\system32\drivers\s125obex.sys [2007-12-19 98696]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-3-13 747912]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-3-13 948616]
S3 ultradfg;ultradfg;c:\windows\system32\drivers\ultradfg.sys [2009-5-13 33792]

=============== Created Last 30 ================

2009-07-16 05:20 <DIR> --d-h--- c:\windows\system32\GroupPolicy
2009-07-13 05:48 42 a------- c:\windows\system32\DuplicateFileCleaner.lie
2009-07-13 05:48 <DIR> --d----- c:\program files\Duplicate File Cleaner
2009-07-12 22:33 <DIR> --d----- c:\program files\Moleskinsoft Directory Size 2.4
2009-07-12 22:00 <DIR> --d----- c:\program files\Fast Duplicate File Finder
2009-07-12 05:54 50,116 a---h--- c:\windows\system32\mlfcache.dat
2009-07-05 23:35 <DIR> a-dshr-- C:\autorun.inf
2009-07-05 08:08 <DIR> --d----- c:\program files\QuickMediaConverter
2009-07-01 11:40 3,532 a------- C:\drmHeader.bin

==================== Find3M ====================

2009-07-05 09:02 335,752 a------- c:\windows\system32\drivers\avgldx86.sys
2009-06-27 09:48 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-13 20:07 7,680 a------- c:\windows\system32\bootexctrl.exe
2009-05-13 20:07 47,616 a------- c:\windows\system32\udefrag-gui-config.exe
2009-05-13 20:07 9,216 a------- c:\windows\system32\defrag_native.exe
2009-05-13 20:07 47,104 a------- c:\windows\system32\ultradefrag.exe
2009-05-13 20:07 7,680 a------- c:\windows\system32\udefrag-gui.exe
2009-05-13 20:07 6,144 a------- c:\windows\system32\wgx.dll
2009-05-13 20:07 14,848 a------- c:\windows\system32\lua5.1a_gui.exe
2009-05-13 20:07 10,752 a------- c:\windows\system32\lua5.1a.exe
2009-05-13 20:07 8,704 a------- c:\windows\system32\udefrag.exe
2009-05-13 20:07 91,648 a------- c:\windows\system32\lua5.1a.dll
2009-05-13 20:07 10,752 a------- c:\windows\system32\udefrag.dll
2009-05-13 20:07 18,944 a------- c:\windows\system32\zenwinx.dll
2009-05-02 00:00 3,366,912 a------- c:\windows\system32\GPhotos.scr
2009-04-29 10:26 827,392 a------- c:\windows\system32\wininet.dll
2009-04-29 10:25 78,336 a------- c:\windows\system32\ieencode.dll
2008-06-10 14:52 11,809,792 ac------ c:\program files\ica32web.msi
2006-05-03 15:36 163,328 ---shr-- c:\windows\system32\flvDX.dll
2007-02-21 17:17 31,232 ---shr-- c:\windows\system32\msfDX.dll
2008-03-16 19:00 216,064 ---shr-- c:\windows\system32\nbDX.dll

============= FINISH: 6:48:12.73 ===============
rkrules
Active Member
 
Posts: 7
Joined: July 7th, 2009, 8:32 pm
Top

Attach

Unread postby rkrules » July 27th, 2009, 9:11 pm

I had posted this earlier and I was asked to post DDS and Attach.txt (Then I could not access machine for 3 days and topic got closed viewtopic.php?f=11&t=44155) So posting DDS (previous post) and Attach(this post) this time.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/15/2008 7:25:01 PM
System Uptime: 7/18/2009 6:37:41 AM (0 hours ago)

Motherboard: MSI | | MS-6741
Processor: AMD Athlon(tm) 64 Processor 2800+ | Socket-754 | 1800/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 2.127 GiB free.
D: is FIXED (FAT32) - 101 GiB total, 10.611 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 2 GiB total, 0.117 GiB free.
G: is FIXED (NTFS) - 75 GiB total, 9.033 GiB free.
H: is FIXED (FAT32) - 20 GiB total, 10.005 GiB free.
I: is FIXED (FAT32) - 9 GiB total, 1.497 GiB free.
R: is FIXED (NTFS) - 58 GiB total, 6.277 GiB free.
S: is FIXED (FAT32) - 101 GiB total, 12.838 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP266: 7/11/2009 5:33:56 PM - System Checkpoint
RP267: 7/13/2009 6:00:11 PM - System Checkpoint
RP268: 7/15/2009 6:23:17 PM - System Checkpoint
RP269: 7/16/2009 4:17:24 AM - Removed Google Gears
RP270: 7/17/2009 10:38:00 PM - System Checkpoint

==== Installed Programs ======================

µTorrent
7-Zip 4.42
AAC Decoder
Acrobat.com
Adobe Acrobat 5.0
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
Adobe Reader 9
Adobe Shockwave Player 11
Audacity 1.2.6
authorPOINT Lite
AutoUpdate
AVG Free 8.5
Avidemux 2.4
Azureus Vuze
Beyond Compare Version 3.1.2
BitTyrant
Canon MP Navigator 3.0
Canon MP160
Canon Utilities Easy-PhotoPrint
Compatibility Pack for the 2007 Office system
Confidence Online(tm) for Web Applications
Convert Image To PDF
CuteFTP 8 Home
CutePDF Writer 2.7
Digsby
Disc2Phone
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
Duplicate File Cleaner v2.4
DVD Flick 1.3.0.6
DVDx
Easy-WebPrint
Easy Video Splitter 1.28
Fast Duplicate File Finder 1.1.0.0
FileZilla Client 3.1.2
Find+Run Robot 2.30.01
FlashGet 1.9.6.1073
floAt's Mobile Agent
FLV Player 1.3.3
Free Download Manager 2.5
Free DVD Ripper Version 2.25
Free RM to MP3 Converter 1.12
Freez DVD Ripper v1.5
Glary Undelete 1.3
GMATPrep(TM)
Google Chrome
Google Desktop
Google Earth
Google Gears
Google Photos Screensaver
Google Talk (remove only)
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GTK+ Runtime 2.12.1 rev b (remove only)
H.264 Decoder
HiDownload
Hijackthis 1.99.1
Horoscope Explorer Pro 3.6
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
IrfanView (remove only)
Java(TM) 6 Update 10
Java(TM) 6 Update 7
Juniper Networks Host Checker
Juniper Networks Network Connect 6.0.0
Juniper Networks Network Connect 6.3.0
K-Lite Mega Codec Pack 4.7.5
Magic Video Converter Trial Version (English) 8.0.1.18
Metalogic Finance Explorer 3.1.3
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office Word Viewer 2003
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser and SDK
MKV Splitter
Moleskinsoft Directory Size 2.4
Mozilla Firefox (3.0.11)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MyPhoneExplorer
Naturpic Video Cutter 5.0
Nero Suite
Norton PC Checkup
Norton Security Scan
Notepad++
NTFS Undelete v0.93
Orbit Downloader
PasswordTools
Pdf995
Photo to Sketch Pro 3.51
Photosynth 2.0.1519.16
Picasa 3
Pidgin
PixiePack Codec Pack
PowerDVD
Real Alternative 1.60 Lite
RM Audio Converter 3.00
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
SAMSUNG Mobile USB Modem Software
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB968537)
Skype™ 4.0
Sony Ericsson Device Data
Sony Ericsson Drivers
Sony Ericsson PC Suite
Spyware Doctor 5.5
Star Downloader Free
StarOffice 8
SUPER © Version 2009.bld.35 (Jan 5, 2009)
TickerTape 1.3
TOEFL Sample Questions
Ultra Defragmenter
UniChromeII Graphics Driver and Utilities
Unlocker 1.8.7
Update for Windows XP (KB904942)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update Service
VC80CRTRedist - 8.0.50727.762
VeohTV BETA
VIA Rhine-Family Fast Ethernet Adapter
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
WinZip 12.1
WinZip E-Mail Companion
xplorer² lite
Xteq Systems X-Setup 6.0
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

7/16/2009 5:13:02 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avg8wd service.
7/14/2009 5:34:28 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
7/13/2009 7:00:15 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\D.

==== End Of File ===========================
rkrules
Active Member
 
Posts: 7
Joined: July 7th, 2009, 8:32 pm
Top

Re: c:\recycler error and explorer error GMER

Unread postby rkrules » July 27th, 2009, 11:00 pm

I had posted this earlier and I was asked to post DDS and Attach.txt and Gmer (Then I could not access machine for 3 days and topic got closed viewtopic.php?f=11&t=44155)
Gmer output here.


GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-28 08:29:20
Windows 5.1.2600 Service Pack 2


---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2816] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3732] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3896] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000427 16807 bytes
File C:\Documents and Settings\Shashikiran\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000428 49792 bytes

---- EOF - GMER 1.0.15 ----
rkrules
Active Member
 
Posts: 7
Joined: July 7th, 2009, 8:32 pm
Top

Re: c:\recycler error and explorer error

Unread postby Gary R » August 1st, 2009, 2:44 am

We're sorry, but it is necessary to close your topic because you have replied to it prior to receiving a response from a helper.

Due to adding on to your topic with your second post it is highly unlikely that you would have received a response. Our helpers are looking for topics with zero responses. When you post replies to your own topic, it no longer has zero responses, and so it appears that you have received help when in fact, you have not.

If you still require help, please open a new thread in the Malware Removal forum and wait for assistance. Please do not run additional programs and/or post additional logs. Just your HijackThis log to start with is adequate. Your helper will ask for additional logs as needed. DO NOT reply to your own topic until you have received a response from a helper. Be patient. There are others who have been waiting longer than you, so do not expect an immediate reply.

Thank you for your cooperation.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Top
Advertisement
Register to Remove
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 106 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index