BoardShop (posted December 17, 2009)
Hi everyone! =X How do I get an antivirus onto my PC? =/ I download it, and when I go to install it, it closes by itself!! Help! Thanks for your attention =D
DaniieL™ (posted December 17, 2009)
Hello, BoardShop! So that the analysts can help you with your problem, first post a HijackThis log as described in this topic: Rule No. 02 - Using HijackThis (http://forum.imasters.com.br/index.php?/topic/165906-regra-n-02-utilizando-o-hijackthis/).
Note: your PC is infected by a type of virus that blocks the installation of antivirus software, so that it can run and infect your system at will...
BoardShop (posted December 17, 2009)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:56, on 16/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\Francis\CONFIG~1\Temp\gmed.exe
C:\DOCUME~1\Francis\CONFIG~1\Temp\bwms.exe
C:\DOCUME~1\Francis\CONFIG~1\Temp\wnmd.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Francis\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2233703
R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sha.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll
O2 - BHO: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sha.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sha.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Arquivos de programas\Arquivos comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [securDisc] C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [startCCC] "C:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [4shared Update] "C:\Arquivos de programas\4shared Desktop\checkUpdate.exe"
O4 - HKLM\..\Run: [Part browse safe hold] C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\Audio 4 part browse\Gpl Idol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [dog that] C:\DOCUME~1\Francis\DADOSD~1\FILEAM~1\bend vga pile.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [4shared Desktop] "C:\Arquivos de programas\4shared Desktop\desktop.exe" "startup"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Reboot.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Download all 4shared files - C:\Arquivos de programas\4shared Desktop\down_all.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_link.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0B595BC-DAD2-44F5-9622-47E0C7542947}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

--
End of file - 7004 bytes
wings (posted December 17, 2009)
Good evening, BoardShop.
There are two infections on your PC. One may be Sality; the other is simple to fix. Sality often arrives through the use of cracks, keygens, etc., and ends up infecting every .exe file on your PC. The file that may have infected your PC could be on the USB flash drive or on a CD. So, before trying anything, I recommend that you back up your personal files (.doc, .jpeg, etc.), except .exe files, and save them to the flash drive. I recommend formatting the flash drive first. Let me know when the backup is done.
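An added example, not part of the thread and not the analysts' own method: a small Python triage pass over a HijackThis log like the one posted above, flagging processes running from a temp directory, policy lockouts such as DisableRegedit, autostart entries under a user profile, and add-on or service entries whose file is missing. The rules and function names are assumptions chosen for illustration; the sample lines are an excerpt of the log from this thread.

```python
import re

# Excerpt of the HijackThis log posted in this thread, one entry per line.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\Francis\CONFIG~1\Temp\gmed.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
O2 - BHO: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Arquivos de programas\4shared.com\tb4sha.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKCU\..\Run: [dog that] C:\DOCUME~1\Francis\DADOSD~1\FILEAM~1\bend vga pile.exe
O4 - Startup: Reboot.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
"""

# HijackThis section codes (R0-R3, F0-F3, N1-N4, O1-O24) followed by " - ".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
# Illustrative heuristics (assumptions of this example, not verdicts).
TEMP_RE = re.compile(r"\\te?mp\\", re.IGNORECASE)
PROFILE_RE = re.compile(r"\\(docume~\d|documents and settings)\\", re.IGNORECASE)
POLICY_RE = re.compile(r"\b(Disable\w+)\s*=\s*1\b")


def parse_hjt(text):
    """Split a HijackThis log into (running processes, [(code, body), ...])."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first coded entry ends the process list
            entries.append((match.group(1), match.group(2)))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes:
            processes.append(line)
    return processes, entries


def triage(text):
    """Return (source, reason, line) tuples worth an analyst's second look."""
    processes, entries = parse_hjt(text)
    findings = []
    for path in processes:
        if TEMP_RE.search(path):
            findings.append(("process", "running from a temp directory", path))
    for code, body in entries:
        if code in ("O2", "O3") and body.endswith("(no file)"):
            findings.append((code, "browser add-on registered, file is gone", body))
        elif code == "O4" and PROFILE_RE.search(body):
            findings.append((code, "autostart from a user-profile path", body))
        elif code == "O7":
            policy = POLICY_RE.search(body)
            if policy:
                findings.append((code, "policy lockout: " + policy.group(1), body))
        elif code == "O23" and body.endswith("(file missing)"):
            findings.append((code, "service registered, file is missing", body))
    return findings


if __name__ == "__main__":
    for source, reason, line in triage(SAMPLE_LOG):
        print(f"[{source}] {reason}\n    {line}")
```

A flagged line is only a prompt for review: a missing-file entry is often a leftover from an uninstalled program, while a temp-directory process or a re-applied DisableRegedit policy deserves closer inspection.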
BoardShop (posted December 17, 2009)
Oops! OK, I'll do the backup!? But of music too!?
wings (posted December 17, 2009)
The infection usually affects .exe and .scr files.
BoardShop (posted December 17, 2009)
Is there a way to fix it!? Ah, I'll report the errors! I can't use Safe Mode, and when I restart the PC, I can only turn it on again after 15 minutes! Can you help me, please!? Oh, and my Task Manager and my Regedit are disabled! I re-enabled them with a program, but then they get blocked again by themselves =D That's why I want an antivirus! Thanks
wings (posted December 18, 2009)
Quote: Is there a way to fix it!? I can't use Safe Mode, and when I restart the PC, I can only turn it on again after 15 minutes! Can you help me, please!? Oh, and my Task Manager and my Regedit are disabled! I re-enabled them with a program, but then they get blocked again by themselves =D That's why I want an antivirus! Thanks

Let's try to fix it... Depending on the Sality version the solution can be simple, but there are versions where I "throw in the towel". In that case, the quickest solution would be to format...
Did you make the backup? If so, let's go! Since it probably won't let you access security sites, I ended up hosting the file on a site.

1.
* Download SalityKiller and save it to the desktop
* Extract its contents to C:\
* Disable System Restore: right-click My Computer > Properties > System Restore > Turn off System Restore > OK > Yes
* This program will run in 2 separate windows at the same time!!
* The first window:
  * Click [Start] > [Run] > copy and paste: C:\salitykiller.exe -m
  * Click [OK]
  * Keep the window running. Do not close it!! Minimize it if you wish.
* The second window:
  * Click [Start] > [Run] > copy and paste: C:\salitykiller.exe -y -x -j -l sality.txt -v
  * Click [OK]
* When it finishes, window 2 will close automatically. Then close window 1.
* Paste the summary found at the end of the file C:\sality.txt, like the highlighted text:

Infected files: 6382
19:59:42 Infected processes: 0
19:59:42 Infected threads: 0
19:59:42 Cured files: 5808
19:59:42 Executed registry scripts: 1
BoardShop (posted December 18, 2009)
I didn't understand!? Like, I open it, "scanning" appears and it closes =X
wings (posted December 18, 2009)
Quote: I didn't understand!? Like, I open it, "scanning" appears and it closes =X

Are you following the instructions correctly?

* The first window:
  * Click [Start] > [Run] > type: C:\salitykiller.exe -m
  * Click [OK]
  * Keep the window running. Do not close it!! Minimize it if you wish.

Note that there is a space between salitykiller.exe and -m

* The second window:
  * Click [Start] > [Run] > type: C:\salitykiller.exe -y -x -j -l sality.txt -v
  * Click [OK]
* When it finishes, window 2 will close automatically. Then close window 1.

Note that there are spaces: C:\salitykiller.exe <space> -y <space> -x <space> -j <space> -l <space> sality.txt <space> -v
BoardShop (posted December 18, 2009)
Dude, none of that shows up, hehe! Can you add me on MSN!? Dimenor_1576@hotmail.com
wings (posted December 18, 2009)
OK... let's go!!

1.
* Open the link below: http://securityresponse.symantec.com/avcenter/UnHookExec.inf
* Right-click on the page and select "Save as"...
* Save it to the desktop
* Right-click the file UnHookExec.inf and select "Install".

2.
* Download Norman Malware Cleaner and save it to the desktop
* Rename the file to Norman_Malware_Cleaner.cmd
* Double-click Norman_Malware_Cleaner.cmd
* Install the program
* To add your computer's fixed drives (C:\, D:\), click [Add]
* Click [Start Scan] and wait for it to finish
* Paste the report created on the desktop
BoardShop (posted December 18, 2009)
Man, that was dumb of me =/ I'll do that

Quote: Are you following the instructions correctly?

* The first window:
  * Click [Start] > [Run] > type: C:\salitykiller.exe -m
  * Click [OK]
  * Keep the window running. Do not close it!! Minimize it if you wish.

Note that there is a space between salitykiller.exe and -m

* The second window:
  * Click [Start] > [Run] > type: C:\salitykiller.exe -y -x -j -l sality.txt -v
  * Click [OK]
* When it finishes, window 2 will close automatically. Then close window 1.

Note that there are spaces: C:\salitykiller.exe <space> -y <space> -x <space> -j <space> -l <space> sality.txt <space> -v
BoardShop (posted December 25, 2009)
I'm going to send the log... from Sality
base addr: D9C5AB 19:26:59:312 4540 ScanThread: Thread 3388 base addr: 7C910250 19:26:59:312 4540 ScanThread: Thread 3444 base addr: 7C910250 19:26:59:312 4540 ScanThread: Thread 1632 base addr: DE68 19:26:59:312 4540 ScanThread: Thread 3700 base addr: 74EC742E 19:26:59:312 4540 ScanThread: Thread 260 base addr: D9C779 19:26:59:312 4540 ScanThread: Thread 5604 base addr: 7C810669 19:26:59:328 4540 ScanThread: Thread 4852 base addr: 71A44 19:26:59:328 4540 ScanThread: Thread 5544 base addr: 7C810669 19:26:59:328 4540 ScanThread: Thread 6016 base addr: 76B6709D 19:26:59:343 4540 ScanThread: Thread 4092 base addr: 7C810669 19:26:59:343 4540 ScanThread: Thread 1472 base addr: 751D9A1E 19:26:59:343 4540 ScanThread: Thread 5264 base addr: 72E70 19:26:59:343 4540 ScanThread: Thread 4368 base addr: 774D319A 19:26:59:359 4540 ScanThread: Thread 6132 base addr: 7C928C87 19:26:59:359 4540 ScanThread: Thread 5344 base addr: 7665F010 19:26:59:437 4540 ScanThread: Thread 4472 base addr: 7665F0A3 19:26:59:437 4540 ScanThread: Thread 5308 base addr: 7665F0A3 19:26:59:437 4540 ScanThread: Thread 2852 base addr: 7665F0A3 19:26:59:453 4540 ScanThread: Thread 3120 base addr: 71A3E 19:26:59:453 4540 ScanThread: Thread 5772 base addr: 7C810669 19:26:59:453 4540 ScanThread: Thread 4296 base addr: 72E79 19:26:59:453 4540 ScanThread: Thread 4636 base addr: 72E6E 19:26:59:453 4540 KillThreads: Scan process PID: 1520 Name "svchost.exe" ThreadCount 6 19:26:59:453 4540 ScanThread: Thread 1536 base addr: 1002509 19:26:59:453 4540 ScanThread: Thread 1728 base addr: 767556A3 19:26:59:453 4540 ScanThread: Thread 1732 base addr: 7675464B 19:26:59:453 4540 ScanThread: Thread 4168 base addr: 71080 19:26:59:453 4540 ScanThread: Thread 5764 base addr: 7108F 19:26:59:453 4540 ScanThread: Thread 4440 base addr: 7C810669 19:26:59:468 4540 KillThreads: Scan process PID: 1636 Name "ati2evxx.exe" ThreadCount 6 19:26:59:468 4540 ScanThread: Thread 1640 base addr: 45FD6E 19:26:59:468 4540 ScanThread: Thread 
240 base addr: 42C450 19:26:59:468 4540 ScanThread: Thread 264 base addr: 42C070 19:26:59:468 4540 ScanThread: Thread 1416 base addr: CA2B30 19:26:59:468 4540 ScanThread: Thread 1420 base addr: CA16A0 19:26:59:468 4540 ScanThread: Thread 3784 base addr: 40BC90 19:26:59:484 4540 KillThreads: Scan process PID: 1692 Name "svchost.exe" ThreadCount 13 19:26:59:484 4540 ScanThread: Thread 1696 base addr: 1002509 19:26:59:484 4540 ScanThread: Thread 1820 base addr: 77F6DE99 19:26:59:484 4540 ScanThread: Thread 1860 base addr: 74C01B04 19:26:59:484 4540 ScanThread: Thread 2876 base addr: 77DB6BF9 19:26:59:484 4540 ScanThread: Thread 2100 base addr: 77F6DE99 19:26:59:484 4540 ScanThread: Thread 2064 base addr: 7C927125 19:26:59:500 4540 ScanThread: Thread 2472 base addr: 7C928C87 19:26:59:500 4540 ScanThread: Thread 3176 base addr: 604C 19:26:59:500 4540 ScanThread: Thread 3180 base addr: 7694721F 19:26:59:500 4540 ScanThread: Thread 1304 base addr: 7C810669 19:26:59:500 4540 ScanThread: Thread 2972 base addr: 7C910250 19:26:59:515 4540 ScanThread: Thread 940 base addr: 77DB6BF9 19:26:59:515 4540 ScanThread: Thread 2516 base addr: 7C910250 19:26:59:515 4540 KillThreads: Scan process PID: 304 Name "explorer.exe" ThreadCount 28 19:26:59:515 4540 ScanThread: Thread 308 base addr: 101E24E 19:26:59:515 4540 ScanThread: Thread 352 base addr: 77EB4243 19:26:59:531 4540 ScanThread: Thread 380 base addr: 7C927125 19:26:59:531 4540 ScanThread: Thread 388 base addr: 7C928C87 19:26:59:531 4540 ScanThread: Thread 536 base addr: 77EB4243 19:26:59:531 4540 ScanThread: Thread 1056 base addr: 1890000 19:26:59:531 4540 ScanThread: Thread 1284 base addr: 765836F7 19:26:59:531 4540 ScanThread: Thread 1568 base addr: 72CD30E8 19:26:59:546 4540 ScanThread: Thread 2532 base addr: 76B24DD6 19:26:59:546 4540 ScanThread: Thread 2868 base addr: 27394F6 19:26:59:546 4540 ScanThread: Thread 2924 base addr: 27394F6 19:26:59:546 4540 ScanThread: Thread 3616 base addr: 27394F6 19:26:59:546 4540 
ScanThread: Thread 2320 base addr: 27394F6 19:26:59:546 4540 ScanThread: Thread 3148 base addr: 27394F6 19:26:59:546 4540 ScanThread: Thread 3156 base addr: 27394F6 19:26:59:546 4540 ScanThread: Thread 5184 base addr: 27394F6 19:26:59:546 4540 ScanThread: Thread 512 base addr: 27394F6 19:26:59:546 4540 ScanThread: Thread 5836 base addr: 27394F6 19:26:59:562 4540 ScanThread: Thread 5348 base addr: 27394F6 19:26:59:562 4540 ScanThread: Thread 5752 base addr: 7C810669 19:26:59:562 4540 ScanThread: Thread 1564 base addr: 710FE 19:26:59:562 4540 ScanThread: Thread 4712 base addr: 75F75325 19:26:59:562 4540 ScanThread: Thread 5944 base addr: 77C1A341 19:26:59:609 4540 ScanThread: Thread 4156 base addr: 774D319A 19:26:59:640 4540 ScanThread: Thread 1852 base addr: 70927 19:26:59:640 4540 ScanThread: Thread 4668 base addr: 77EB4243 19:26:59:656 4540 ScanThread: Thread 288 base addr: 7C910250 19:26:59:656 4540 ScanThread: Thread 196 base addr: 7C910250 19:26:59:656 4540 KillThreads: Scan process PID: 480 Name "spoolsv.exe" ThreadCount 11 19:26:59:656 4540 ScanThread: Thread 484 base addr: 100637A 19:26:59:656 4540 ScanThread: Thread 504 base addr: 77F6DE99 19:26:59:671 4540 ScanThread: Thread 524 base addr: 10051DC 19:26:59:671 4540 ScanThread: Thread 1248 base addr: 10051DC 19:26:59:671 4540 ScanThread: Thread 1316 base addr: 100569C 19:26:59:671 4540 ScanThread: Thread 1780 base addr: 723C17D7 19:26:59:671 4540 ScanThread: Thread 1792 base addr: 762029DB 19:26:59:671 4540 ScanThread: Thread 1824 base addr: 76205C46 19:26:59:671 4540 ScanThread: Thread 1976 base addr: 77DB6BF9 19:26:59:671 4540 ScanThread: Thread 4672 base addr: 77DB6BF9 19:26:59:687 4540 ScanThread: Thread 6128 base addr: 6646F 19:26:59:687 4540 KillThreads: Scan process PID: 556 Name "sched.exe" ThreadCount 7 19:26:59:687 4540 ScanThread: Thread 560 base addr: 407B8E 19:26:59:687 4540 ScanThread: Thread 604 base addr: 77F6DE99 19:26:59:687 4540 ScanThread: Thread 692 base addr: 7854345E 19:26:59:687 4540 
ScanThread: Thread 712 base addr: 7C927125 19:26:59:703 4540 ScanThread: Thread 112 base addr: 7C928C87 19:26:59:703 4540 ScanThread: Thread 1312 base addr: 769A8831 19:26:59:703 4540 ScanThread: Thread 2696 base addr: 7854345E 19:26:59:718 4540 KillThreads: Scan process PID: 632 Name "PDVDServ.exe" ThreadCount 14 19:26:59:718 4540 ScanThread: Thread 636 base addr: 403E75 19:26:59:718 4540 ScanThread: Thread 648 base addr: 4137D4 19:26:59:718 4540 ScanThread: Thread 796 base addr: A21F7A 19:26:59:781 4540 ScanThread: Thread 1064 base addr: A13FA7 Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Posted December 27, 2009 Good afternoon... Run an online scan following this tutorial. Paste the report.
Mário Monteiro 179 Posted January 27, 2010 Topic Archived As the author has not replied for more than 30 days, the topic has been archived. If you are the author of the topic and want to reopen it, send a private message to a moderator of this area along with the link to this topic and explain the reason for reopening.