Hello Gringo, many thanks for getting back to me. Before I post the requested logs, may I ask advice about COMBOFIX? It's installed on the computer (see OP) but not on the desktop, and it's not listed in the ADD/REMOVE list, so I don't know how to uninstall it.
As requested,
DDS (Ver_10-03-17.01) - NTFSx86
Run by aaaaaaaaa at 17:06:55.09 on 22/09/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.959.426 [GMT 1:00]
AV: AVG Internet Security 3-pack *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
============== Running Processes ===============
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
svchost.exe
C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\aaaaaaaaa\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://my.ebay.co.uk/ws/eBayISAPI.dll?MyeBay
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=hxxp://www-cache.freeserve.com:8080;ftp=http://www-cache.freeserve.com:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {4E7BD74F-2B8D-469E-A3F1-F068B59BBB2A} - No File
uRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [WMAAD] c:\program files\sony\walkman launcher\WMAAD.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\mpcstar\codecs\quicktime\qtsystem\qttask.exe" -atboottime
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [NPSStartup]
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll/206
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F}
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game06.zylom.com/activex/zylomgamesplayer.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
============= SERVICES / DRIVERS ===============
R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2009-11-10 25168]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2008-10-4 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-4 216400]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver;c:\windows\system32\drivers\avgmfx86.sys [2008-9-7 29584]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-4 243024]
R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-6-22 921952]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]
R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2010-6-22 2331544]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-5-20 233472]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-6-24 92008]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2008-10-4 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2009-11-10 122448]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2009-11-10 30288]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2009-11-10 26192]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-5-20 36608]
S2 gupdate1c9b12b228a4c6e;Google Update Service (gupdate1c9b12b228a4c6e);c:\program files\google\update\GoogleUpdate.exe [2009-3-30 133104]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2008-10-4 30104]
S3 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-6-22 5897808]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2008-10-4 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2008-10-4 67760]
S3 License Management Service SON;License Management Service SON;c:\program files\common files\esonopress shared\service\Licence Manager SON.exe [2009-7-11 69632]
S3 RegVacService;RegVac Registry Service;c:\program files\regvac registry cleaner\RegVserv.exe [2008-9-8 447488]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-5-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-5-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-5-20 121856]
============== File Associations ===============
regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1
=============== Created Last 30 ================
2010-09-22 16:04:15 0 ----a-w- c:\documents and settings\aaaaaaaaa\defogger_reenable
2010-09-13 16:10:13 0 d-----w- C:\ComboFix
2010-09-12 18:30:21 0 d-sha-r- C:\cmdcons
2010-09-12 18:13:30 77312 ----a-w- c:\windows\MBR.exe
2010-09-12 18:13:30 256512 ----a-w- c:\windows\PEV.exe
2010-09-12 18:13:30 161792 ----a-w- c:\windows\SWREG.exe
2010-09-12 18:13:29 98816 ----a-w- c:\windows\sed.exe
2010-08-29 09:11:47 0 d-----w- c:\program files\RSPCA_Cyberpet
2010-08-28 10:30:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-28 10:30:35 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-28 10:30:35 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
==================== Find3M ====================
2010-01-17 19:26:57 2776 --sha-w- c:\windows\system32\KGyGaAvL.sys
============= FINISH: 17:07:14.92 ===============
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 07/06/2008 01:36:40
System Uptime: 22/09/2010 16:45:11 (1 hours ago)
Motherboard: MSI | | MS-7366
Processor: Intel® Celeron® CPU E1200 @ 1.60GHz | CPU 1 | 1600/200mhz
Processor: Intel® Celeron® CPU E1200 @ 1.60GHz | CPU 1 | 1600/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 233 GiB total, 64.518 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP262: 10/09/2010 20:19:58 - System Checkpoint
RP263: 11/09/2010 20:53:43 - System Checkpoint
RP264: 14/09/2010 18:17:00 - System Checkpoint
RP265: 15/09/2010 21:32:43 - System Checkpoint
RP266: 16/09/2010 21:40:39 - System Checkpoint
RP267: 18/09/2010 10:34:01 - System Checkpoint
RP268: 19/09/2010 11:28:56 - System Checkpoint
RP269: 20/09/2010 13:41:39 - System Checkpoint
RP270: 21/09/2010 09:10:43 - Avg Update
RP271: 21/09/2010 09:12:07 - Avg Update
RP272: 22/09/2010 13:52:58 - System Checkpoint
==== Installed Programs ======================
"Nero SoundTrax Help
Acrobat.com
Active Undelete 5.1.005
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop CS4
Adobe Reader 9.3.4
Adobe Shockwave Player 11.5
Advertising Center
AnyDVD
ArcSoft PhotoStudio 5.5
µTorrent
Audio Editor Gold v7.4.2.10
Avanquest update
AVG 9.0
AviSynth 2.5
BBC iPlayer Desktop
BitComet 1.13
BroadJump Client Foundation
Calendar Wizard for CorelDRAW X3
Canon MP Navigator 3.0
Canon MP460
Canon MP460 User Registration
Canon Utilities Easy-PhotoPrint
CDBurnerXP
Celestron's TheSky (Remove only)
Chuzzle Deluxe 1.0
CloneCD
CloneDVD2
CorelDRAW Graphics Suite X3
Crayon Physics Deluxe - release 51
Crazy Machines New Challenges (Shared Components)
DolbyFiles
Driver Detective
Easy-WebPrint
EN
ExtractNow
FontNav
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB981793)
Image Converter 3
ImagXpress
Java 6 Update 3
Java 6 Update 7
Magic DVD Rip Studio v7.2.4.16
Malwarebytes' Anti-Malware
Menu Templates - Starter Kit
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Motorola Phone Tools
Movie Templates - Starter Kit
Mp3tag v2.43
MpcStar 4.5
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
Next Generation Visualisations
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA nView Desktop Manager
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
OpenOffice.org 2.3
PC Connectivity Solution
PDF Manual NW-A800 Series
Peggle Deluxe 1.0
Peggle Nights Deluxe
Realtek High Definition Audio Driver
RegVac Registry Cleaner 4.02 (Registered Version)
RSDownloader 2.3
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
SAMSUNG Mobile Modem V2 Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Download Driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
SAMSUNG SYMBIAN USB Download Driver
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver
ScanSoft OmniPage SE 4.0
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Sibelius Scorch Plugin
Simple Port Forwarding
SonicStage 4.3
Sony Video Shared Library
SoundTrax
Spybot - Search & Destroy
TomTom HOME 2.7.5.2014
TomTom HOME Visual Studio Merge Modules
Turbo Lister 2
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB898461)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Manager
VBA
Video Downloader
VobSub v2.23 (Remove Only)
WALKMAN Launcher
WebFldrs XP
Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
Wireless Manager
XviD MPEG4 Video Codec (remove only)
==== Event Viewer Messages From Past Week ========
21/09/2010 09:13:26, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the service.
21/09/2010 09:12:56, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgfws9 service.
16/09/2010 21:00:46, error: Print [6161] - The document https://ibdswebp3-ext.pb.com/TranResponse/B...elGlobal.aspx?P owned by jane failed to print on printer Canon MP460 Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 4325376. Number of bytes printed: 4282908. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\COMPUTER. Win32 error code returned by the print processor: 13 (0xd).
16/09/2010 17:53:19, error: Service Control Manager [7000] - The Remote Packet Capture Protocol v.0 (experimental) service failed to start due to the following error: The system cannot find the path specified.
16/09/2010 07:47:30, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001D92B40A95 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
==== End Of File ===========================
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0xF5FB9000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 10235904 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 197.45 )
0xBD012000 C:\WINDOWS\System32\nv4_disp.dll 6434816 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 197.45 )
0xF2FD2000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 4755456 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2252800 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2252800 bytes
0x804D7000 RAW 2252800 bytes
0x804D7000 WMIxWDM 2252800 bytes
0xBF800000 Win32k 1851392 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF697C000 C:\WINDOWS\system32\DRIVERS\NVNRM.SYS 888832 bytes (NVIDIA Corporation, NVIDIA Network Resource Manager.)
0xF72E2000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF2D95000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 454656 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF2EFD000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 360448 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB7A7F000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xB7BEE000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF2EA2000 C:\WINDOWS\System32\Drivers\avgtdix.sys 237568 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
0xF2D61000 C:\WINDOWS\System32\Drivers\avgldx86.sys 212992 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
0xF5EF0000 C:\WINDOWS\system32\DRIVERS\update.sys 212992 bytes (Microsoft Corporation, Update Driver)
0xF5F4C000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 200704 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7438000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xB7D6F000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF72B5000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF2E04000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 180224 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xB702B000 C:\WINDOWS\system32\drivers\kmixer.sys 172032 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xB83C8000 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys 163840 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Driver.)
0xF2E52000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF73E2000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xF6A55000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 151552 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xF6A7A000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF6AB5000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 143360 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF2E30000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xF2FB0000 C:\WINDOWS\system32\drivers\portcls.sys 139264 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF2EDC000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 135168 bytes (Microsoft Corporation, IP Network Address Translator)
0x806FD000 ACPI_HAL 134400 bytes
0x806FD000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF73AB000 fltMgr.sys 126976 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF7408000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF729A000 Mup.sys 110592 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF6A9D000 C:\WINDOWS\System32\Drivers\AnyDVD.sys 98304 bytes (SlySoft, Inc., AnyDVD Filter Driver)
0xF73CA000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF2CA9000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF7382000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF5F8E000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB7F53000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF5FA5000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF2F55000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF736F000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBD000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF7399000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7427000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF5F7D000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF7697000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF6AD8000 C:\WINDOWS\system32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xF7627000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7567000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xB81B0000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF75F7000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF7607000 C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 57344 bytes (NVIDIA Corporation, NVIDIA Networking Function Driver.)
0xF7557000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 53248 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF74C7000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF7537000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF7587000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF74A7000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF74E7000 avgrkx86.sys 49152 bytes (AVG Technologies CZ, s.r.o., AVG Anti-Rootkit Driver)
0xF75A7000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF7547000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF7497000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF7597000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xB8568000 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys 40960 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Filter Driver.)
0xF7677000 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys 40960 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Loader Driver.)
0xF75E7000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF7577000 C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 40960 bytes (NVIDIA Corporation, NVIDIA Networking Bus Driver.)
0xF75C7000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF74F7000 AVGIDSxx.sys 36864 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Helper Driver.)
0xF74B7000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF7667000 C:\WINDOWS\System32\Drivers\Fips.SYS 36864 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xB778F000 C:\WINDOWS\system32\FsUsbExDisk.SYS 36864 bytes
0xF6AE8000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF7487000 isapnp.sys 36864 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF75B7000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF7657000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xB8258000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF74D7000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7637000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF7807000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF785F000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF77FF000 C:\WINDOWS\system32\DRIVERS\avgfwdx.sys 28672 bytes (AVG Technologies CZ, s.r.o., AVG Firewall intermediate miniport driver)
0xF77F7000 C:\WINDOWS\System32\Drivers\ElbyCDFL.sys 28672 bytes (SlySoft, Inc., ElbyCDIO Filter Driver)
0xF7707000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF77EF000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 28672 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7877000 C:\WINDOWS\System32\Drivers\avgmfx86.sys 24576 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
0xF77D7000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF77DF000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF784F000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF786F000 C:\WINDOWS\System32\Drivers\ElbyCDIO.sys 20480 bytes (Elaborate Bytes AG, ElbyCD Windows NT/2000/XP I/O driver)
0xF7857000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF770F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7817000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF781F000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF780F000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF77E7000 C:\WINDOWS\system32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xF788F000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF797F000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xB86DC000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7953000 C:\WINDOWS\system32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xF7897000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF2FA4000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF7967000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7957000 C:\WINDOWS\system32\DRIVERS\nvsmu.sys 12288 bytes (NVIDIA Corporation, NVIDIA® nForce SMU Microcontroller Driver)
0xF7947000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF79DD000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF798B000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7A0B000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF79DB000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7987000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF79DF000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF79E1000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF79C9000 C:\WINDOWS\System32\Drivers\RootMdm.sys 8192 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0xF79CB000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF79D3000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7989000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7A5F000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7A69000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7A76000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7A4F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x84818DA8 ] TID: 3260, 7340129 bytes
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8489ADA8 ] TID: 3264, 7340146 bytes
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x84A089F8 ] TID: 3272, 7274612 bytes
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x849ED020 ] TID: 3276
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x85BF9DA8 ] TID: 3284
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x8474F020 ] TID: 3288
0x80561500 Faked ServiceTable-->CFD.exe [ ETHREAD 0x84885920 ] TID: 3292, 38184 bytes
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x846FC020 ] TID: 3296
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x8489AB30 ] TID: 3304
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x84A2EDA8 ] TID: 3316
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x84932DA8 ] TID: 3320
0x80561500 Faked ServiceTable-->CFD.exe [ ETHREAD 0x84765BA8 ] TID: 3336
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x85BEDDA8 ] TID: 3348, 6881396 bytes
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x85CDFDA8 ] TID: 3352, 6881357 bytes
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x84908DA8 ] TID: 3356, 7864421 bytes
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x84908B30 ] TID: 3360, 7340129 bytes
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x849086B0 ] TID: 3364
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x849FBDA8 ] TID: 3368, 3997757 bytes
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x85BEDB30 ] TID: 3376, 2097196 bytes
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x85BED8B8 ] TID: 3380, 6225993 bytes
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x84A29020 ] TID: 3384, 4456526 bytes
0x80561500 Faked ServiceTable-->avgam.exe [ ETHREAD 0x84807678 ] TID: 3388, 6881388 bytes
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x85CFFDA8 ] TID: 3392
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x85CFFB30 ] TID: 3396
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x849FBA18 ] TID: 3404, 4587640 bytes
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x849BFDA8 ] TID: 3416, 6357111 bytes
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x84990DA8 ] TID: 3420
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x85CDBDA8 ] TID: 3424
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x84A29DA8 ] TID: 3428
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x84806588 ] TID: 3432
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x84993588 ] TID: 3436
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x85BE0DA8 ] TID: 3440
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x84A27BD8 ] TID: 3444
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x84993DA8 ] TID: 3448
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x84931DA8 ] TID: 3452
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x85CFF8B8 ] TID: 3456
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x85CFF640 ] TID: 3460
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x85C467C0 ] TID: 3464
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x85C46548 ] TID: 3468
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x84A28DA8 ] TID: 3472
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x84902DA8 ] TID: 3480
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x84931898 ] TID: 3512
0x80561500 Faked ServiceTable-->wuauclt.exe [ ETHREAD 0x847AE760 ] TID: 3536
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x84782020 ] TID: 3544
0x80561500 Faked ServiceTable-->avgfws9.exe [ ETHREAD 0x84730BA0 ] TID: 3564
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x848BB9B0 ] TID: 3592
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x849EB6A8 ] TID: 3596
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x85C9B950 ] TID: 3600
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x848FE5A8 ] TID: 3604
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x849EB2C8 ] TID: 3612
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x8497DB68 ] TID: 3616
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8497B020 ] TID: 3648
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8490CDA8 ] TID: 3652
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x847389A0 ] TID: 3660
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x846CB020 ] TID: 3664
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x8497CDA8 ] TID: 3676
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8472FBC8 ] TID: 3680
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x84714450 ] TID: 3688
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x848FF720 ] TID: 3696
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x847E0DA8 ] TID: 3704
0x80561500 Faked ServiceTable-->WMAAD.exe [ ETHREAD 0x84813878 ] TID: 3712
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x849C0B40 ] TID: 3720
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8471C5B8 ] TID: 3744
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8472D020 ] TID: 3748
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x847F3AD0 ] TID: 3752
0x80561500 Faked ServiceTable-->avgemc.exe [ ETHREAD 0x85A43928 ] TID: 3756
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x84805DA8 ] TID: 3760
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8490CB30 ] TID: 3768
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8474D998 ] TID: 3788
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x84A22DA8 ] TID: 3792
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8486D798 ] TID: 3796
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x84782660 ] TID: 3804
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x84803020 ] TID: 3808
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8474DDA8 ] TID: 3812
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8492F5B8 ] TID: 3816
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x8474C600 ] TID: 3824
0x80561500 Faked ServiceTable-->alg.exe [ ETHREAD 0x847DCBA0 ] TID: 3828
0x80561500 Faked ServiceTable-->alg.exe [ ETHREAD 0x847DC020 ] TID: 3832
0x80561500 Faked ServiceTable-->alg.exe [ ETHREAD 0x847E0020 ] TID: 3836
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8472EB18 ] TID: 3840
0x80561500 Faked ServiceTable-->avgfws9.exe [ ETHREAD 0x846D19A0 ] TID: 3856
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x84798788 ] TID: 3864
0x80561500 Faked ServiceTable-->services.exe [ ETHREAD 0x84953DA8 ] TID: 3872
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x84A225B0 ] TID: 3876
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x84795020 ] TID: 3896
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x846E64B0 ] TID: 3900
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x847E6DA8 ] TID: 3908
0x80561500 Faked ServiceTable-->lsass.exe [ ETHREAD 0x84686908 ] TID: 3912
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x847E17B8 ] TID: 3916
0x80561500 Faked ServiceTable-->avgfws9.exe [ ETHREAD 0x85BE3020 ] TID: 3920
0x80561500 Faked ServiceTable-->avgfws9.exe [ ETHREAD 0x85D7E4D8 ] TID: 3932
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x847B8020 ] TID: 3936
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x848C3BA8 ] TID: 3940
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x848C3930 ] TID: 3944
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x84A23DA8 ] TID: 3948
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x847197A8 ] TID: 3952
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x847CDDA8 ] TID: 3956
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x846E5790 ] TID: 3960
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x846E5518 ] TID: 3964
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x8483F020 ] TID: 3968
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x846D2B38 ] TID: 3972
0x80561500 Faked ServiceTable-->lsass.exe [ ETHREAD 0x84995798 ] TID: 3988
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x848BAB30 ] TID: 3992
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x8486C588 ] TID: 3996
0x80561500 Faked ServiceTable-->avgfws9.exe [ ETHREAD 0x85D7D020 ] TID: 4000
0x80561500 Faked ServiceTable-->avgnsx.exe [ ETHREAD 0x8486C020 ] TID: 4004
0x80561500 Faked ServiceTable-->avgcsrvx.exe [ ETHREAD 0x847698B8 ] TID: 4008
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x847CDB30 ] TID: 4012
0x80561500 Faked ServiceTable-->avgwdsvc.exe [ ETHREAD 0x849F7DA8 ] TID: 4028
0x80561500 Faked ServiceTable-->iexplore.exe [ ETHREAD 0x84768698 ] TID: 4048
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x847BC3B8 ] TID: 4052
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x84769B30 ] TID: 4060
0x80561500 Faked ServiceTable-->avgchsvx.exe [ ETHREAD 0x84798510 ] TID: 4064
0x80561500 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8475E020 ] TID: 4076
0x80561500 Faked ServiceTable-->iexplore.exe [ ETHREAD 0x85D9D948 ] TID: 4088
Apart from slow boot up and running, I also get the "Found new hardware" window popping up, which I just cancel because there is no new hardware.
Thank you very much, Gringo, I greatly appreciate help with this. Kind regards, Jim.
Edited by abaddon.abyss, 22 September 2010 - 11:35 AM.