Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 17 usuários online :: 0 registrados, 0 invisíveis e 17 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Avira está dizendo que Spyware Doctor tem trojan
4 participantes
Página 1 de 1
Avira está dizendo que Spyware Doctor tem trojan
Virus or unwanted program 'TR/Unpacked.Gen [trojan]'
detected in file 'C:\Arquivos de programas\Spyware Doctor\avdb\temp\4ED84944.vbt.
Action performed: Deny access
Será falso positivo ou é um trojan mesmo.
detected in file 'C:\Arquivos de programas\Spyware Doctor\avdb\temp\4ED84944.vbt.
Action performed: Deny access
Será falso positivo ou é um trojan mesmo.
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
Acesse os links abaixo e configure ihual ao tutorial para ver se para este falso Positivo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Re: Avira está dizendo que Spyware Doctor tem trojan
Está configurado conforme lá, pois segui o tutorial do Antonio.
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
Olá Omlet!
Vamos analizar o seu PC para ver se há algo de errado nele:
1) Crie uma pasta própria (como por exemplo C:\Arquivos de Programas\HijackThis).
Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e no momento de salvá-lo escolha a opção de salvá-lo nesta pasta que você acabou de criar e descompacte o hijackthis.zip dentro dela.
Dê um duplo clique no instalador do Hijackthis > clique na opção I Accept.
Clique no botão: Do a system scan and save a logfile. Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar).
Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analizado.
Ficamos no aguardo de sua resposta.
Vamos analizar o seu PC para ver se há algo de errado nele:
1) Crie uma pasta própria (como por exemplo C:\Arquivos de Programas\HijackThis).
Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e no momento de salvá-lo escolha a opção de salvá-lo nesta pasta que você acabou de criar e descompacte o hijackthis.zip dentro dela.
Dê um duplo clique no instalador do Hijackthis > clique na opção I Accept.
Clique no botão: Do a system scan and save a logfile. Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar).
Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analizado.
Ficamos no aguardo de sua resposta.
Amigo Brasileiro- Membro Pleno
- Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008
Re: Avira está dizendo que Spyware Doctor tem trojan
Ai vai o log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:14, on 14/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Arquivos de programas\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Spyware Doctor\pctsTray.exe
C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Mozilla Firefox 3.1 Beta 1\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrador\Meus documentos\CArquivos de ProgramasHijackThis\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ISTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Update Service (gupdate1c98e2e92cb7c3e) (gupdate1c98e2e92cb7c3e) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 8074 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:14, on 14/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Arquivos de programas\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Spyware Doctor\pctsTray.exe
C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Mozilla Firefox 3.1 Beta 1\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrador\Meus documentos\CArquivos de ProgramasHijackThis\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ISTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Update Service (gupdate1c98e2e92cb7c3e) (gupdate1c98e2e92cb7c3e) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 8074 bytes
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
Abra o HijackThis, clique em Do a system scan only, marque a entrada abaixo e clique em Fix checked:
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
_______________________________________________________________________________________
Siga também as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Poste o log do Kaspersky Virus Removal Tool em sua próxima resposta juntamente com um novo log do Hijackthis e nos diga como está o seu PC depois destes procedimentos.
* Ficamos no aguardo.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
_______________________________________________________________________________________
Siga também as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Poste o log do Kaspersky Virus Removal Tool em sua próxima resposta juntamente com um novo log do Hijackthis e nos diga como está o seu PC depois destes procedimentos.
* Ficamos no aguardo.
Amigo Brasileiro- Membro Pleno
- Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008
Re: Avira está dizendo que Spyware Doctor tem trojan
Ai vai log:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:13:11, on 15/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Arquivos de programas\Google\Google Talk\googletalk.exe
C:\Arquivos de programas\Spyware Doctor\pctsTray.exe
C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrador\Meus documentos\CArquivos de ProgramasHijackThis\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ISTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Update Service (gupdate1c98e2e92cb7c3e) (gupdate1c98e2e92cb7c3e) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7748 bytes
Log do kaspersky
Scan
----
Scanned: 528420
Detected: 0
Untreated: 0
Start time: 14/2/2009 21:04:34
Duration: 02:48:26
Finish time: 14/2/2009 23:53:00
Detected
--------
Status Object
------ ------
Events
------
Time Name Status Reason
---- ---- ------ ------
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
Scan saved at 00:13:11, on 15/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Arquivos de programas\Google\Google Talk\googletalk.exe
C:\Arquivos de programas\Spyware Doctor\pctsTray.exe
C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrador\Meus documentos\CArquivos de ProgramasHijackThis\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ISTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Update Service (gupdate1c98e2e92cb7c3e) (gupdate1c98e2e92cb7c3e) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7748 bytes
Log do kaspersky
Scan
----
Scanned: 528420
Detected: 0
Untreated: 0
Start time: 14/2/2009 21:04:34
Duration: 02:48:26
Finish time: 14/2/2009 23:53:00
Detected
--------
Status Object
------ ------
Events
------
Time Name Status Reason
---- ---- ------ ------
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
O Kaspersky não achou nada de errado em seu PC.
Vá no site Virus Total e envie este arquivo que o Avira está detectando para ser analizado:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Poste a URL do escaneamento aqui para a gente analizar, por gentileza.
Ficamos no aguardo.
Vá no site Virus Total e envie este arquivo que o Avira está detectando para ser analizado:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Poste a URL do escaneamento aqui para a gente analizar, por gentileza.
Ficamos no aguardo.
Amigo Brasileiro- Membro Pleno
- Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008
Re: Avira está dizendo que Spyware Doctor tem trojan
Informações adicionais
File size: 2873224 bytes
MD5...: 584e44e8af7809de1acaa09614affdff
SHA1..: 259eb9239d2ed1f3b777d71e03e6be291337b8da
SHA256: 193918a866bf9dbeacad3cea8434640c47e32f518c3f97f4da8769256a6d6ce5
SHA512: 799d335a9140a4b7c55f3758edda9100f93ea0bc050e80797782e79974b4e52f
4f9d9216162092d7e79cab6a389b303a3d2d63cd2c3d1cc753ed6e71d1c12674
ssdeep: 49152:bhkb8iSg3fY77wRu0GdO4YFM5Go85/oM3:bhkbMs8a3mnwoE
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1632b8
timedatestamp.....: 0x48eeaf8b (Fri Oct 10 01:27:39 2008)
machinetype.......: 0x14c (I386)
( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x160928 0x160a00 6.54 0631cb00ca017207a1b3e9375709cd52
.itext 0x162000 0x15d0 0x1600 6.37 a5b4829728a7c8ea04a6240d64f452db
.data 0x164000 0x8600 0x8600 6.38 2f29dc541713c4d71e67c8e60538b76b
.bss 0x16d000 0x1a28 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x16f000 0x1d6b8 0x1d800 5.47 0442ab601c2a4119d27e05543895b28e
.edata 0x18d000 0x4e 0x200 0.84 fda5bcc717614f7da420ed3064b327db
.tls 0x18e000 0xf0 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x18f000 0x18 0x200 0.19 0672c1d239c97ae50fb5549d9ff980e9
.reloc 0x190000 0x15714 0x15800 6.71 29215178f4fb3b983d87c8b0e3e6d6f4
.rsrc 0x1a6000 0x11e144 0x11e200 7.51 28657c383adb39a9c1a1bfe437c3dd0b
( 95 imports )
> rtl100.bpl: @System@initialization$qqrv, @System@Finalization$qqrv, @System@LoadResString$qqrp20System@TResStringRec, @System@UTF8Decode$qqrx17System@AnsiString, @System@UTF8Encode$qqrx17System@WideString, @System@FreeMemory$qpv, @System@@CheckAutoResult$qqrl, @System@TInterfacedObject@_Release$qqsv, @System@TInterfacedObject@_AddRef$qqsv, @System@TInterfacedObject@QueryInterface$qqsrx5_GUIDpv, @System@TInterfacedObject@NewInstance$qqrp17System@TMetaClass, @System@TInterfacedObject@BeforeDestruction$qqrv, @System@TInterfacedObject@AfterConstruction$qqrv, @System@@IntfAddRef$qqrx45System@_DelphiInterface$t17System@IInterface_, @System@@IntfCast$qqrr45System@_DelphiInterface$t17System@IInterface_x45System@_DelphiInterface$t17System@IInterface_rx5_GUID, @System@@IntfCopy$qqrr45System@_DelphiInterface$t17System@IInterface_x45System@_DelphiInterface$t17System@IInterface_, @System@@IntfClear$qqrr45System@_DelphiInterface$t17System@IInterface_, @System@RegisterModule$qqrp17System@TLibModule, @System@RemoveModuleUnloadProc$qqrpqqri$v, @System@AddModuleUnloadProc$qqrpqqri$v, @System@FindResourceHInstance$qqrui, @System@FindClassHInstance$qqrp17System@TMetaClass, @System@@DynArrayAddRef$qqrv, @System@@DynArrayAsg$qqrv, @System@@DynArrayClear$qqrrpvpv, @System@@DynArrayCopyRange$qqrpvt1iirpv, @System@@DynArrayCopy$qqrpvt1rpv, @System@@DynArraySetLength$qqrv, @System@@DynArrayHigh$qqrv, @System@@DynArrayLength$qqrv, @System@@_llshl$qqrv, @System@@_llmod$qqrv, @System@@_lldiv$qqrv, @System@@_llmul$qqrv, @System@@Dispose$qqrpvt1, @System@@New$qqripv, @System@@CopyRecord$qqrv, @System@@Finalize$qqrpvt1, @System@@FinalizeArray$qqrpvt1ui, @System@@FinalizeRecord$qqrpvt1, @System@@InitializeRecord$qqrpvt1, @System@@WStrAddRef$qqrr17System@WideString, @System@@WStrSetLength$qqrr17System@WideStringi, @System@Pos$qqrx17System@WideStringt1, @System@@WStrInsert$qqrx17System@WideStringr17System@WideStringi, @System@@WStrDelete$qqrr17System@WideStringii, @System@@WStrCopy$qqrx17System@WideStringii, @System@@WStrCmp$qqrv, @System@@WStrCatN$qqrv, @System@@WStrCat3$qqrr17System@WideStringx17System@WideStringt2, @System@@WStrCat$qqrr17System@WideStringx17System@WideString, @System@@WStrLen$qqrx17System@WideString, @System@@WStrToPWChar$qqrx17System@WideString, @System@@WStrFromLStr$qqrr17System@WideStringx17System@AnsiString, @System@@WStrFromWArray$qqrr17System@WideStringpbi, @System@@WStrFromArray$qqrr17System@WideStringpci, @System@@WStrFromString$qqrr17System@WideStringrx28System@_SmallString$iuc$255_, @System@@WStrFromPWChar$qqrr17System@WideStringpb, @System@@WStrFromPChar$qqrr17System@WideStringpc, @System@@WStrFromWChar$qqrr17System@WideStringb, @System@@WStrFromPWCharLen$qqrr17System@WideStringpbi, @System@@WStrFromPCharLen$qqrr17System@WideStringpci, @System@@WStrLAsg$qqrr17System@WideStringx17System@WideString, @System@@WStrAsg$qqrr17System@WideStringx17System@WideString, @System@@WStrArrayClr$qqrpvi, @System@@WStrClr$qqrpv, @System@@NewWideString$qqri, @System@@Write0LString$qqrr15System@TTextRecx17System@AnsiString, @System@@LStrSetLength$qqrv, @System@Pos$qqrx17System@AnsiStringt1, @System@@LStrInsert$qqrv, @System@@LStrDelete$qqrv, @System@@LStrCopy$qqrv, @System@@UniqueStringA$qqrr17System@AnsiString, @System@UniqueString$qqrr17System@AnsiString, @System@@LStrToPChar$qqrx17System@AnsiString, @System@@LStrAddRef$qqrpv, @System@@LStrCmp$qqrv, @System@@LStrCatN$qqrv, @System@@LStrCat3$qqrv, @System@@LStrCat$qqrv, @System@@LStrLen$qqrx17System@AnsiString, @System@@LStrToString$qqrv, @System@@LStrFromWStr$qqrr17System@AnsiStringx17System@WideString, @System@@LStrFromWArray$qqrr17System@AnsiStringpbi, @System@@LStrFromArray$qqrr17System@AnsiStringpci, @System@@LStrFromString$qqrr17System@AnsiStringrx28System@_SmallString$iuc$255_, @System@@LStrFromPWChar$qqrr17System@AnsiStringpb, @System@@LStrFromPChar$qqrr17System@AnsiStringpc, @System@@LStrFromWChar$qqrr17System@AnsiStringb, @System@@LStrFromChar$qqrr17System@AnsiStringc, @System@@LStrFromPCharLen$qqrr17System@AnsiStringpci, @System@@LStrLAsg$qqrpvpxv, @System@@LStrAsg$qqrpvpxv, @System@@LStrArrayClr$qqrpvi, @System@@LStrClr$qqrpv, @System@EndThread$qqri, @System@BeginThread$qqrpvuipqqrpv$it1uirui, @System@@RunError$qqruc, @System@@Halt0$qqrv, @System@@InitWideStrings$qqrv, @System@@InitResStringImports$qqrv, @System@@StartExe$qqrp23System@PackageInfoTablep17System@TLibModule, @System@@TryFinallyExit$qqrv, @System@@DoneExcept$qqrv, @System@@RaiseAgain$qqrv, @System@@RaiseExcept$qqrv, @System@@HandleAutoException$qqrv, @System@@HandleFinally$qqrv, @System@@HandleOnException$qqrv, @System@@HandleAnyException$qqrv, @System@@BeforeDestruction$qqrp14System@TObjectzc, @System@@AfterConstruction$qqrp14System@TObject, @System@@ClassDestroy$qqrp14System@TObject, @System@@ClassCreate$qqrp17System@TMetaClasso, @System@TObject@Dispatch$qqrpv, @System@TObject@BeforeDestruction$qqrv, @System@TObject@AfterConstruction$qqrv, @System@TObject@DefaultHandler$qqrpv, @System@TObject@SafeCallException$qqrp14System@TObjectpv, @System@TObject@ClassInfo$qqrp17System@TMetaClass, @System@TObject@InheritsFrom$qqrp17System@TMetaClasst1, @System@@CallDynaInst$qqrv, @System@@AsClass$qqrp14System@TObjectp17System@TMetaClass, @System@@IsClass$qqrp14System@TObjectp17System@TMetaClass, @System@TObject@GetInterface$qqrrx5_GUIDpv, @System@TObject@Free$qqrv, @System@TObject@$bdtr$qqrv, @System@TObject@$bctr$qqrv, @System@TObject@FreeInstance$qqrv, @System@TObject@NewInstance$qqrp17System@TMetaClass, @System@TObject@ClassParent$qqrp17System@TMetaClass, @System@TObject@ClassName$qqrp17System@TMetaClass, @System@TObject@ClassType$qqrv, @System@@IntOver$qqrv, @System@@BoundErr$qqrv, @System@@SetExpand$qqrv, @System@@SetSub$qqrv, @System@@SetUnion$qqrv, @System@@SetIntersect$qqrv, @System@@SetEq$qqrv, @System@@SetElem$qqrv, @System@@_CToPasStr$qqrp28System@_SmallString$iuc$255_pxc, @System@@WriteLn$qqrr15System@TTextRec, @System@@FillChar$qqrpvic, @System@@AStrCmp$qqrv, @System@@PStrCpy$qqrp28System@_SmallString$iuc$255_t1, @System@@PStrNCat$qqrv, @System@@AbstractError$qqrv, @System@@TRUNC$qqrv, @System@@ROUND$qqrv, @System@Sqrt$qqrxg, @System@Exp$qqrxg, @System@Frac$qqrxg, @System@Get8087CW$qqrv, @System@Set8087CW$qqrus, @System@UpCase$qqrc, @System@Random$qqrxi, @System@ParamStr$qqri, @System@ParamCount$qqrv, @System@Move$qqrpxvpvi, @System@@Copy$qqrv, @System@@_IOTest$qqrv, @System@RaiseList$qqrv, @System@AcquireExceptionObject$qqrv, @System@ExceptAddr$qqrv, @System@ExceptObject$qqrv, @System@SetMemoryManager$qqrrx21System@TMemoryManager, @System@GetMemoryManager$qqrr21System@TMemoryManager, @System@@ReallocMem$qqrrpvi, @System@@FreeMem$qqrpv, @System@@GetMem$qqri, @System@AllocMem$qqrui, @System@ReportMemoryLeaksOnShutdown, @System@AllocMemSize, @System@AllocMemCount, @System@DebugHook, @System@HeapAllocFlags, @System@Output, @System@IsMultiThread, @System@IsConsole, @System@ErrorAddr, @System@CmdLine, @System@MainThreadID, @System@ExceptionClass, @System@ExceptObjProc, @$xp$16System@TDateTime, @System@TInterfacedObject@, @$xp$17System@IInterface, @$xp$14System@TObject, @System@TObject@, @$xp$7HRESULT, @$xp$17System@OleVariant, @$xp$17System@WideString, @$xp$13System@string, @$xp$15System@Cardinal, @$xp$11System@Word, @$xp$11System@Byte, @$xp$14System@Integer, @$xp$15System@Smallint, @$xp$14System@Boolean
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
> user32.dll: CreateWindowExW, CreateWindowExA, WindowFromPoint, WaitMessage, WaitForInputIdle, ValidateRect, UpdateWindow, UnregisterClassW, UnregisterClassA, UnionRect, UnhookWindowsHookEx, TranslateMessage, ToAscii, SystemParametersInfoA, SubtractRect, ShowWindow, ShowScrollBar, ShowOwnedPopups, ShowCaret, SetWindowRgn, SetWindowsHookExW, SetWindowsHookExA, SetWindowTextW, SetWindowTextA, SetWindowPos, SetWindowPlacement, SetWindowLongW, SetWindowLongA, SetTimer, SetScrollInfo, SetRect, SetPropA, SetParent, SetMenuItemInfoW, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetClassLongA, SetCapture, SetActiveWindow, SendMessageTimeoutA, SendMessageCallbackA, SendMessageW, SendMessageA, ScrollWindow, ScrollDC, ScreenToClient, RemovePropA, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageA, RegisterClipboardFormatA, RegisterClassW, RegisterClassA, RedrawWindow, PtInRect, PostThreadMessageA, PostQuitMessage, PostMessageW, PostMessageA, PeekMessageW, PeekMessageA, OpenClipboard, OffsetRect, OemToCharBuffA, NotifyWinEvent, MsgWaitForMultipleObjects, MoveWindow, MessageBoxA, MessageBeep, MapWindowPoints, MapVirtualKeyW, LockWindowUpdate, LoadStringA, LoadImageA, LoadIconA, LoadCursorA, LoadBitmapA, KillTimer, IsZoomed, IsWindowVisible, IsWindowUnicode, IsWindowEnabled, IsWindow, IsRectEmpty, IsIconic, IsDialogMessageW, IsDialogMessageA, InvalidateRect, IntersectRect, InflateRect, HideCaret, GetWindowThreadProcessId, GetWindowTextLengthW, GetWindowTextW, GetWindowTextA, GetWindowRect, GetWindowPlacement, GetWindowLongW, GetWindowLongA, GetWindowDC, GetUpdateRect, GetTopWindow, GetSystemMetrics, GetSystemMenu, GetSysColorBrush, GetSysColor, GetSubMenu, GetScrollPos, GetScrollInfo, GetPropA, GetParent, GetWindow, GetMessagePos, GetMessageW, GetMessageA, GetMenuStringW, GetMenuItemInfoW, GetMenu, GetKeyboardState, GetKeyboardLayout, GetKeyState, GetKeyNameTextW, GetIconInfo, GetForegroundWindow, GetFocus, GetDesktopWindow, GetDCEx, GetDC, GetCursorPos, GetCursor, GetClipboardFormatNameA, GetClientRect, GetClassNameW, GetClassNameA, GetClassLongA, GetClassInfoW, GetClassInfoA, GetCapture, GetAsyncKeyState, FrameRect, FindWindowExA, FindWindowA, FillRect, ExitWindowsEx, EnumWindows, EnumThreadWindows, EndPaint, EndDeferWindowPos, EnableWindow, EmptyClipboard, DrawTextW, DrawTextA, DrawStateA, DrawMenuBar, DrawIconEx, DrawFrameControl, DrawFocusRect, DrawEdge, DispatchMessageW, DispatchMessageA, DestroyWindow, DestroyIcon, DeleteMenu, DeferWindowPos, DefWindowProcW, DefWindowProcA, CopyImage, CloseClipboard, ClientToScreen, ChildWindowFromPointEx, CharNextW, CallWindowProcW, CallWindowProcA, CallNextHookEx, BringWindowToTop, BeginPaint, BeginDeferWindowPos, AttachThreadInput, CharLowerA, CharUpperA, AdjustWindowRectEx
> gdi32.dll: TextOutA, StartPage, StartDocA, SetWindowOrgEx, SetTextColor, SetTextAlign, SetMapMode, SetBrushOrgEx, SetBkMode, SetBkColor, SelectObject, SelectClipRgn, SaveDC, RestoreDC, PatBlt, OffsetRgn, MoveToEx, MaskBlt, LineTo, LPtoDP, IntersectClipRect, GetTextMetricsA, GetTextFaceA, GetTextExtentPoint32W, GetTextExtentPoint32A, GetTextColor, GetTextAlign, GetStockObject, GetRgnBox, GetPaletteEntries, GetObjectA, GetMapMode, GetDeviceCaps, GetCurrentObject, GetClipRgn, GetBkColor, GdiFlush, ExtTextOutW, ExcludeClipRect, EndPage, EndDoc, DeleteObject, DeleteDC, CreateSolidBrush, CreateRoundRectRgn, CreateRectRgnIndirect, CreateRectRgn, CreatePen, CreatePatternBrush, CreatePalette, CreateHalftonePalette, CreateFontA, CreateDIBSection, CreateDCA, CreateCompatibleDC, CreateBitmap, CombineRgn, BitBlt
> version.dll: VerQueryValueW, VerQueryValueA, GetFileVersionInfoSizeW, GetFileVersionInfoSizeA, GetFileVersionInfoW, GetFileVersionInfoA
> mpr.dll: WNetGetUniversalNameW
File size: 2873224 bytes
MD5...: 584e44e8af7809de1acaa09614affdff
SHA1..: 259eb9239d2ed1f3b777d71e03e6be291337b8da
SHA256: 193918a866bf9dbeacad3cea8434640c47e32f518c3f97f4da8769256a6d6ce5
SHA512: 799d335a9140a4b7c55f3758edda9100f93ea0bc050e80797782e79974b4e52f
4f9d9216162092d7e79cab6a389b303a3d2d63cd2c3d1cc753ed6e71d1c12674
ssdeep: 49152:bhkb8iSg3fY77wRu0GdO4YFM5Go85/oM3:bhkbMs8a3mnwoE
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1632b8
timedatestamp.....: 0x48eeaf8b (Fri Oct 10 01:27:39 2008)
machinetype.......: 0x14c (I386)
( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x160928 0x160a00 6.54 0631cb00ca017207a1b3e9375709cd52
.itext 0x162000 0x15d0 0x1600 6.37 a5b4829728a7c8ea04a6240d64f452db
.data 0x164000 0x8600 0x8600 6.38 2f29dc541713c4d71e67c8e60538b76b
.bss 0x16d000 0x1a28 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x16f000 0x1d6b8 0x1d800 5.47 0442ab601c2a4119d27e05543895b28e
.edata 0x18d000 0x4e 0x200 0.84 fda5bcc717614f7da420ed3064b327db
.tls 0x18e000 0xf0 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x18f000 0x18 0x200 0.19 0672c1d239c97ae50fb5549d9ff980e9
.reloc 0x190000 0x15714 0x15800 6.71 29215178f4fb3b983d87c8b0e3e6d6f4
.rsrc 0x1a6000 0x11e144 0x11e200 7.51 28657c383adb39a9c1a1bfe437c3dd0b
( 95 imports )
> rtl100.bpl: @System@initialization$qqrv, @System@Finalization$qqrv, @System@LoadResString$qqrp20System@TResStringRec, @System@UTF8Decode$qqrx17System@AnsiString, @System@UTF8Encode$qqrx17System@WideString, @System@FreeMemory$qpv, @System@@CheckAutoResult$qqrl, @System@TInterfacedObject@_Release$qqsv, @System@TInterfacedObject@_AddRef$qqsv, @System@TInterfacedObject@QueryInterface$qqsrx5_GUIDpv, @System@TInterfacedObject@NewInstance$qqrp17System@TMetaClass, @System@TInterfacedObject@BeforeDestruction$qqrv, @System@TInterfacedObject@AfterConstruction$qqrv, @System@@IntfAddRef$qqrx45System@_DelphiInterface$t17System@IInterface_, @System@@IntfCast$qqrr45System@_DelphiInterface$t17System@IInterface_x45System@_DelphiInterface$t17System@IInterface_rx5_GUID, @System@@IntfCopy$qqrr45System@_DelphiInterface$t17System@IInterface_x45System@_DelphiInterface$t17System@IInterface_, @System@@IntfClear$qqrr45System@_DelphiInterface$t17System@IInterface_, @System@RegisterModule$qqrp17System@TLibModule, @System@RemoveModuleUnloadProc$qqrpqqri$v, @System@AddModuleUnloadProc$qqrpqqri$v, @System@FindResourceHInstance$qqrui, @System@FindClassHInstance$qqrp17System@TMetaClass, @System@@DynArrayAddRef$qqrv, @System@@DynArrayAsg$qqrv, @System@@DynArrayClear$qqrrpvpv, @System@@DynArrayCopyRange$qqrpvt1iirpv, @System@@DynArrayCopy$qqrpvt1rpv, @System@@DynArraySetLength$qqrv, @System@@DynArrayHigh$qqrv, @System@@DynArrayLength$qqrv, @System@@_llshl$qqrv, @System@@_llmod$qqrv, @System@@_lldiv$qqrv, @System@@_llmul$qqrv, @System@@Dispose$qqrpvt1, @System@@New$qqripv, @System@@CopyRecord$qqrv, @System@@Finalize$qqrpvt1, @System@@FinalizeArray$qqrpvt1ui, @System@@FinalizeRecord$qqrpvt1, @System@@InitializeRecord$qqrpvt1, @System@@WStrAddRef$qqrr17System@WideString, @System@@WStrSetLength$qqrr17System@WideStringi, @System@Pos$qqrx17System@WideStringt1, @System@@WStrInsert$qqrx17System@WideStringr17System@WideStringi, @System@@WStrDelete$qqrr17System@WideStringii, @System@@WStrCopy$qqrx17System@WideStringii, @System@@WStrCmp$qqrv, @System@@WStrCatN$qqrv, @System@@WStrCat3$qqrr17System@WideStringx17System@WideStringt2, @System@@WStrCat$qqrr17System@WideStringx17System@WideString, @System@@WStrLen$qqrx17System@WideString, @System@@WStrToPWChar$qqrx17System@WideString, @System@@WStrFromLStr$qqrr17System@WideStringx17System@AnsiString, @System@@WStrFromWArray$qqrr17System@WideStringpbi, @System@@WStrFromArray$qqrr17System@WideStringpci, @System@@WStrFromString$qqrr17System@WideStringrx28System@_SmallString$iuc$255_, @System@@WStrFromPWChar$qqrr17System@WideStringpb, @System@@WStrFromPChar$qqrr17System@WideStringpc, @System@@WStrFromWChar$qqrr17System@WideStringb, @System@@WStrFromPWCharLen$qqrr17System@WideStringpbi, @System@@WStrFromPCharLen$qqrr17System@WideStringpci, @System@@WStrLAsg$qqrr17System@WideStringx17System@WideString, @System@@WStrAsg$qqrr17System@WideStringx17System@WideString, @System@@WStrArrayClr$qqrpvi, @System@@WStrClr$qqrpv, @System@@NewWideString$qqri, @System@@Write0LString$qqrr15System@TTextRecx17System@AnsiString, @System@@LStrSetLength$qqrv, @System@Pos$qqrx17System@AnsiStringt1, @System@@LStrInsert$qqrv, @System@@LStrDelete$qqrv, @System@@LStrCopy$qqrv, @System@@UniqueStringA$qqrr17System@AnsiString, @System@UniqueString$qqrr17System@AnsiString, @System@@LStrToPChar$qqrx17System@AnsiString, @System@@LStrAddRef$qqrpv, @System@@LStrCmp$qqrv, @System@@LStrCatN$qqrv, @System@@LStrCat3$qqrv, @System@@LStrCat$qqrv, @System@@LStrLen$qqrx17System@AnsiString, @System@@LStrToString$qqrv, @System@@LStrFromWStr$qqrr17System@AnsiStringx17System@WideString, @System@@LStrFromWArray$qqrr17System@AnsiStringpbi, @System@@LStrFromArray$qqrr17System@AnsiStringpci, @System@@LStrFromString$qqrr17System@AnsiStringrx28System@_SmallString$iuc$255_, @System@@LStrFromPWChar$qqrr17System@AnsiStringpb, @System@@LStrFromPChar$qqrr17System@AnsiStringpc, @System@@LStrFromWChar$qqrr17System@AnsiStringb, @System@@LStrFromChar$qqrr17System@AnsiStringc, @System@@LStrFromPCharLen$qqrr17System@AnsiStringpci, @System@@LStrLAsg$qqrpvpxv, @System@@LStrAsg$qqrpvpxv, @System@@LStrArrayClr$qqrpvi, @System@@LStrClr$qqrpv, @System@EndThread$qqri, @System@BeginThread$qqrpvuipqqrpv$it1uirui, @System@@RunError$qqruc, @System@@Halt0$qqrv, @System@@InitWideStrings$qqrv, @System@@InitResStringImports$qqrv, @System@@StartExe$qqrp23System@PackageInfoTablep17System@TLibModule, @System@@TryFinallyExit$qqrv, @System@@DoneExcept$qqrv, @System@@RaiseAgain$qqrv, @System@@RaiseExcept$qqrv, @System@@HandleAutoException$qqrv, @System@@HandleFinally$qqrv, @System@@HandleOnException$qqrv, @System@@HandleAnyException$qqrv, @System@@BeforeDestruction$qqrp14System@TObjectzc, @System@@AfterConstruction$qqrp14System@TObject, @System@@ClassDestroy$qqrp14System@TObject, @System@@ClassCreate$qqrp17System@TMetaClasso, @System@TObject@Dispatch$qqrpv, @System@TObject@BeforeDestruction$qqrv, @System@TObject@AfterConstruction$qqrv, @System@TObject@DefaultHandler$qqrpv, @System@TObject@SafeCallException$qqrp14System@TObjectpv, @System@TObject@ClassInfo$qqrp17System@TMetaClass, @System@TObject@InheritsFrom$qqrp17System@TMetaClasst1, @System@@CallDynaInst$qqrv, @System@@AsClass$qqrp14System@TObjectp17System@TMetaClass, @System@@IsClass$qqrp14System@TObjectp17System@TMetaClass, @System@TObject@GetInterface$qqrrx5_GUIDpv, @System@TObject@Free$qqrv, @System@TObject@$bdtr$qqrv, @System@TObject@$bctr$qqrv, @System@TObject@FreeInstance$qqrv, @System@TObject@NewInstance$qqrp17System@TMetaClass, @System@TObject@ClassParent$qqrp17System@TMetaClass, @System@TObject@ClassName$qqrp17System@TMetaClass, @System@TObject@ClassType$qqrv, @System@@IntOver$qqrv, @System@@BoundErr$qqrv, @System@@SetExpand$qqrv, @System@@SetSub$qqrv, @System@@SetUnion$qqrv, @System@@SetIntersect$qqrv, @System@@SetEq$qqrv, @System@@SetElem$qqrv, @System@@_CToPasStr$qqrp28System@_SmallString$iuc$255_pxc, @System@@WriteLn$qqrr15System@TTextRec, @System@@FillChar$qqrpvic, @System@@AStrCmp$qqrv, @System@@PStrCpy$qqrp28System@_SmallString$iuc$255_t1, @System@@PStrNCat$qqrv, @System@@AbstractError$qqrv, @System@@TRUNC$qqrv, @System@@ROUND$qqrv, @System@Sqrt$qqrxg, @System@Exp$qqrxg, @System@Frac$qqrxg, @System@Get8087CW$qqrv, @System@Set8087CW$qqrus, @System@UpCase$qqrc, @System@Random$qqrxi, @System@ParamStr$qqri, @System@ParamCount$qqrv, @System@Move$qqrpxvpvi, @System@@Copy$qqrv, @System@@_IOTest$qqrv, @System@RaiseList$qqrv, @System@AcquireExceptionObject$qqrv, @System@ExceptAddr$qqrv, @System@ExceptObject$qqrv, @System@SetMemoryManager$qqrrx21System@TMemoryManager, @System@GetMemoryManager$qqrr21System@TMemoryManager, @System@@ReallocMem$qqrrpvi, @System@@FreeMem$qqrpv, @System@@GetMem$qqri, @System@AllocMem$qqrui, @System@ReportMemoryLeaksOnShutdown, @System@AllocMemSize, @System@AllocMemCount, @System@DebugHook, @System@HeapAllocFlags, @System@Output, @System@IsMultiThread, @System@IsConsole, @System@ErrorAddr, @System@CmdLine, @System@MainThreadID, @System@ExceptionClass, @System@ExceptObjProc, @$xp$16System@TDateTime, @System@TInterfacedObject@, @$xp$17System@IInterface, @$xp$14System@TObject, @System@TObject@, @$xp$7HRESULT, @$xp$17System@OleVariant, @$xp$17System@WideString, @$xp$13System@string, @$xp$15System@Cardinal, @$xp$11System@Word, @$xp$11System@Byte, @$xp$14System@Integer, @$xp$15System@Smallint, @$xp$14System@Boolean
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
> user32.dll: CreateWindowExW, CreateWindowExA, WindowFromPoint, WaitMessage, WaitForInputIdle, ValidateRect, UpdateWindow, UnregisterClassW, UnregisterClassA, UnionRect, UnhookWindowsHookEx, TranslateMessage, ToAscii, SystemParametersInfoA, SubtractRect, ShowWindow, ShowScrollBar, ShowOwnedPopups, ShowCaret, SetWindowRgn, SetWindowsHookExW, SetWindowsHookExA, SetWindowTextW, SetWindowTextA, SetWindowPos, SetWindowPlacement, SetWindowLongW, SetWindowLongA, SetTimer, SetScrollInfo, SetRect, SetPropA, SetParent, SetMenuItemInfoW, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetClassLongA, SetCapture, SetActiveWindow, SendMessageTimeoutA, SendMessageCallbackA, SendMessageW, SendMessageA, ScrollWindow, ScrollDC, ScreenToClient, RemovePropA, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageA, RegisterClipboardFormatA, RegisterClassW, RegisterClassA, RedrawWindow, PtInRect, PostThreadMessageA, PostQuitMessage, PostMessageW, PostMessageA, PeekMessageW, PeekMessageA, OpenClipboard, OffsetRect, OemToCharBuffA, NotifyWinEvent, MsgWaitForMultipleObjects, MoveWindow, MessageBoxA, MessageBeep, MapWindowPoints, MapVirtualKeyW, LockWindowUpdate, LoadStringA, LoadImageA, LoadIconA, LoadCursorA, LoadBitmapA, KillTimer, IsZoomed, IsWindowVisible, IsWindowUnicode, IsWindowEnabled, IsWindow, IsRectEmpty, IsIconic, IsDialogMessageW, IsDialogMessageA, InvalidateRect, IntersectRect, InflateRect, HideCaret, GetWindowThreadProcessId, GetWindowTextLengthW, GetWindowTextW, GetWindowTextA, GetWindowRect, GetWindowPlacement, GetWindowLongW, GetWindowLongA, GetWindowDC, GetUpdateRect, GetTopWindow, GetSystemMetrics, GetSystemMenu, GetSysColorBrush, GetSysColor, GetSubMenu, GetScrollPos, GetScrollInfo, GetPropA, GetParent, GetWindow, GetMessagePos, GetMessageW, GetMessageA, GetMenuStringW, GetMenuItemInfoW, GetMenu, GetKeyboardState, GetKeyboardLayout, GetKeyState, GetKeyNameTextW, GetIconInfo, GetForegroundWindow, GetFocus, GetDesktopWindow, GetDCEx, GetDC, GetCursorPos, GetCursor, GetClipboardFormatNameA, GetClientRect, GetClassNameW, GetClassNameA, GetClassLongA, GetClassInfoW, GetClassInfoA, GetCapture, GetAsyncKeyState, FrameRect, FindWindowExA, FindWindowA, FillRect, ExitWindowsEx, EnumWindows, EnumThreadWindows, EndPaint, EndDeferWindowPos, EnableWindow, EmptyClipboard, DrawTextW, DrawTextA, DrawStateA, DrawMenuBar, DrawIconEx, DrawFrameControl, DrawFocusRect, DrawEdge, DispatchMessageW, DispatchMessageA, DestroyWindow, DestroyIcon, DeleteMenu, DeferWindowPos, DefWindowProcW, DefWindowProcA, CopyImage, CloseClipboard, ClientToScreen, ChildWindowFromPointEx, CharNextW, CallWindowProcW, CallWindowProcA, CallNextHookEx, BringWindowToTop, BeginPaint, BeginDeferWindowPos, AttachThreadInput, CharLowerA, CharUpperA, AdjustWindowRectEx
> gdi32.dll: TextOutA, StartPage, StartDocA, SetWindowOrgEx, SetTextColor, SetTextAlign, SetMapMode, SetBrushOrgEx, SetBkMode, SetBkColor, SelectObject, SelectClipRgn, SaveDC, RestoreDC, PatBlt, OffsetRgn, MoveToEx, MaskBlt, LineTo, LPtoDP, IntersectClipRect, GetTextMetricsA, GetTextFaceA, GetTextExtentPoint32W, GetTextExtentPoint32A, GetTextColor, GetTextAlign, GetStockObject, GetRgnBox, GetPaletteEntries, GetObjectA, GetMapMode, GetDeviceCaps, GetCurrentObject, GetClipRgn, GetBkColor, GdiFlush, ExtTextOutW, ExcludeClipRect, EndPage, EndDoc, DeleteObject, DeleteDC, CreateSolidBrush, CreateRoundRectRgn, CreateRectRgnIndirect, CreateRectRgn, CreatePen, CreatePatternBrush, CreatePalette, CreateHalftonePalette, CreateFontA, CreateDIBSection, CreateDCA, CreateCompatibleDC, CreateBitmap, CombineRgn, BitBlt
> version.dll: VerQueryValueW, VerQueryValueA, GetFileVersionInfoSizeW, GetFileVersionInfoSizeA, GetFileVersionInfoW, GetFileVersionInfoA
> mpr.dll: WNetGetUniversalNameW
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
> kernel32.dll: lstrlenW, lstrcmpW, lstrcmpA, WriteProcessMemory, WriteFile, WideCharToMultiByte, WaitForSingleObject, WaitForMultipleObjectsEx, WaitForMultipleObjects, VirtualQueryEx, VirtualQuery, VirtualProtectEx, VirtualProtect, VirtualFree, VirtualAlloc, UnmapViewOfFile, TerminateThread, TerminateProcess, SystemTimeToFileTime, SuspendThread, Sleep, SizeofResource, SetWaitableTimer, SetUnhandledExceptionFilter, SetThreadPriority, SetThreadContext, SetThreadAffinityMask, SetProcessWorkingSetSize, SetPriorityClass, SetLastError, SetFilePointer, SetFileAttributesA, SetEvent, SetErrorMode, SetEndOfFile, ResumeThread, ResetEvent, RemoveDirectoryA, ReleaseMutex, ReadProcessMemory, ReadFile, RaiseException, QueryPerformanceFrequency, QueryPerformanceCounter, QueryDosDeviceW, PulseEvent, OutputDebugStringA, OpenProcess, OpenFileMappingA, OpenEventA, MultiByteToWideChar, MulDiv, MapViewOfFile, LockResource, LocalSize, LocalFree, LocalAlloc, LoadResource, LoadLibraryExA, LoadLibraryA, LeaveCriticalSection, IsBadReadPtr, InitializeCriticalSection, HeapFree, HeapAlloc, GlobalUnlock, GlobalSize, GlobalReAlloc, GlobalMemoryStatus, GlobalHandle, GlobalLock, GlobalFree, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetWindowsDirectoryA, GetVolumeInformationW, GetVersionExW, GetVersionExA, GetVersion, GetTickCount, GetThreadPriority, GetThreadLocale, GetThreadContext, GetTempPathA, GetSystemTime, GetSystemInfo, GetSystemDirectoryW, GetSystemDirectoryA, GetStartupInfoA, GetProcessVersion, GetProcessHeap, GetProcessAffinityMask, GetProcAddress, GetPriorityClass, GetModuleHandleW, GetModuleHandleA, GetModuleFileNameW, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameW, GetFullPathNameA, GetFileTime, GetFileSize, GetFileAttributesW, GetFileAttributesA, GetExitCodeThread, GetExitCodeProcess, GetEnvironmentVariableA, GetDriveTypeW, GetDiskFreeSpaceA, GetCurrentThreadId, GetCurrentThread, GetCurrentProcessId, GetCurrentProcess, GetComputerNameA, GetCommandLineW, GetCommandLineA, GetACP, FreeResource, InterlockedIncrement, InterlockedExchange, InterlockedDecrement, FreeLibrary, FormatMessageW, FormatMessageA, FindResourceA, FindNextFileW, FindNextFileA, FindFirstFileW, FindFirstFileA, FindClose, FileTimeToSystemTime, FileTimeToLocalFileTime, FileTimeToDosDateTime, ExpandEnvironmentStringsA, ExitThread, ExitProcess, EnterCriticalSection, DuplicateHandle, DeleteFileA, DeleteCriticalSection, CreateWaitableTimerA, CreateThread, CreateSemaphoreA, CreateRemoteThread, CreateProcessA, CreatePipe, CreateMutexA, CreateFileMappingW, CreateFileMappingA, CreateFileW, CreateFileA, CreateEventA, CreateDirectoryA, CopyFileA, CompareStringW, CompareStringA, CloseHandle, CancelWaitableTimer, Beep
> advapi32.dll: SetSecurityDescriptorSacl, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, SetSecurityDescriptorDacl, SetKernelObjectSecurity, RegSetValueExA, RegQueryValueExA, RegQueryInfoKeyA, RegOpenKeyExA, RegEnumKeyA, RegDeleteValueA, RegCreateKeyExA, RegCloseKey, OpenProcessToken, LookupAccountSidA, LookupAccountNameA, IsValidSid, IsValidAcl, InitializeSecurityDescriptor, InitializeAcl, GetUserNameA, GetTokenInformation, GetSidSubAuthorityCount, GetSidSubAuthority, GetSidIdentifierAuthority, GetSecurityDescriptorSacl, GetSecurityDescriptorOwner, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetLengthSid, GetKernelObjectSecurity, FreeSid, EqualSid, DuplicateTokenEx, CreateProcessAsUserW, AllocateAndInitializeSid, AddAccessDeniedAce, AddAccessAllowedAce
> rtl100.bpl: @Types@PtInRect$qqrrx11Types@TRectrx12Types@TPoint, @Types@Point$qqrii
> rtl100.bpl: @Sysutils@initialization$qqrv, @Sysutils@Finalization$qqrv, @Sysutils@Supports$qqrpx14System@TObjectrx5_GUID, @Sysutils@FreeAndNil$qqrpv, @Sysutils@Win32Check$qqri, @Sysutils@RaiseLastOSError$qqrv, @Sysutils@FindCmdLineSwitch$qqrx17System@AnsiStringo, @Sysutils@StringReplace$qqrx17System@AnsiStringt1t149System@_Set$t21Sysutils@SysUtils__94$iuc$0$iuc$1_, @Sysutils@AnsiPos$qqrx17System@AnsiStringt1, @Sysutils@IncludeTrailingPathDelimiter$qqrx17System@AnsiString, @Sysutils@Beep$qqrv, @Sysutils@CheckWin32Version$qqrii, @Sysutils@Exception@$bctr$qqrx17System@AnsiStringi, @Sysutils@Exception@$bctr$qqrp20System@TResStringRecpx14System@TVarRecxi, @Sysutils@Exception@$bctr$qqrp20System@TResStringRec, @Sysutils@Exception@$bctr$qqrx17System@AnsiStringpx14System@TVarRecxi, @Sysutils@Exception@$bctr$qqrx17System@AnsiString, @Sysutils@Abort$qqrv, @Sysutils@ShowException$qqrp14System@TObjectpv, @Sysutils@SysErrorMessage$qqri, @Sysutils@StrToDateTime$qqrx17System@AnsiString, @Sysutils@StrToTime$qqrx17System@AnsiString, @Sysutils@StrToDate$qqrx17System@AnsiString, @Sysutils@DateTimeToStr$qqrx16System@TDateTime, @Sysutils@TimeToStr$qqrx16System@TDateTime, @Sysutils@DateToStr$qqrx16System@TDateTime, @Sysutils@Now$qqrv, @Sysutils@Time$qqrv, @Sysutils@Date$qqrv, @Sysutils@SystemTimeToDateTime$qqrrx11_SYSTEMTIME, @Sysutils@DateTimeToSystemTime$qqrx16System@TDateTimer11_SYSTEMTIME, @Sysutils@DecodeDate$qqrx16System@TDateTimerust2t2, @Sysutils@IsLeapYear$qqrus, @Sysutils@DecodeTime$qqrx16System@TDateTimerust2t2t2, @Sysutils@StrToFloatDef$qqrx17System@AnsiStringxg, @Sysutils@StrToFloat$qqrx17System@AnsiString, @Sysutils@FloatToStr$qqrg, @Sysutils@WideFormat$qqrx17System@WideStringpx14System@TVarRecxi, @Sysutils@Format$qqrx17System@AnsiStringpx14System@TVarRecxi, @Sysutils@StrPLCopy$qqrpcx17System@AnsiStringui, @Sysutils@StrPCopy$qqrpcx17System@AnsiString, @Sysutils@StrLCopy$qqrpcpxcui, @Sysutils@StrCopy$qqrpcpxc, @Sysutils@StrLen$qqrpxc, @Sysutils@ExpandFileName$qqrx17System@AnsiString, @Sysutils@ExtractFileExt$qqrx17System@AnsiString, @Sysutils@ExtractFileName$qqrx17System@AnsiString, @Sysutils@ExtractFilePath$qqrx17System@AnsiString, @Sysutils@LastDelimiter$qqrx17System@AnsiStringt1, @Sysutils@FindClose$qqrr19Sysutils@TSearchRec, @Sysutils@FindNext$qqrr19Sysutils@TSearchRec, @Sysutils@FindFirst$qqrx17System@AnsiStringir19Sysutils@TSearchRec, @Sysutils@DirectoryExists$qqrx17System@AnsiString, @Sysutils@FileExists$qqrx17System@AnsiString, @Sysutils@FileClose$qqri, @Sysutils@BoolToStr$qqroo, @Sysutils@StrToBoolDef$qqrx17System@AnsiStringxo, @Sysutils@StrToBool$qqrx17System@AnsiString, @Sysutils@StrToIntDef$qqrx17System@AnsiStringi, @Sysutils@StrToInt$qqrx17System@AnsiString, @Sysutils@IntToHex$qqrji, @Sysutils@IntToStr$qqrj, @Sysutils@IntToStr$qqri, @Sysutils@AnsiQuotedStr$qqrx17System@AnsiStringc, @Sysutils@QuotedStr$qqrx17System@AnsiString, @Sysutils@Trim$qqrx17System@WideString, @Sysutils@Trim$qqrx17System@AnsiString, @Sysutils@WideSameText$qqrx17System@WideStringt1, @Sysutils@WideCompareText$qqrx17System@WideStringt1, @Sysutils@WideSameStr$qqrx17System@WideStringt1, @Sysutils@WideCompareStr$qqrx17System@WideStringt1, @Sysutils@WideUpperCase$qqrx17System@WideString, @Sysutils@AnsiCompareText$qqrx17System@AnsiStringt1, @Sysutils@AnsiCompareStr$qqrx17System@AnsiStringt1, @Sysutils@SameText$qqrx17System@AnsiStringt1, @Sysutils@CompareText$qqrx17System@AnsiStringt1, @Sysutils@CompareMem$qqrpvt1i, @Sysutils@LowerCase$qqrx17System@AnsiString, @Sysutils@UpperCase$qqrx17System@AnsiString, @Sysutils@GUIDToString$qqrrx5_GUID, @Sysutils@StringToGUID$qqrx17System@AnsiString, @Sysutils@LeadBytes, @$xp$24Sysutils@TFormatSettings, @Sysutils@ListSeparator, @Sysutils@SysLocale, @Sysutils@Win32MinorVersion, @Sysutils@Win32MajorVersion, @Sysutils@Win32Platform, @Sysutils@EmptyWideStr, @Sysutils@EConvertError@, @Sysutils@EExternal@, @Sysutils@EAbort@, @Sysutils@Exception@, @$xp$19Sysutils@TSearchRec, @$xp$18Sysutils@TFileName
>
> advapi32.dll: SetSecurityDescriptorSacl, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, SetSecurityDescriptorDacl, SetKernelObjectSecurity, RegSetValueExA, RegQueryValueExA, RegQueryInfoKeyA, RegOpenKeyExA, RegEnumKeyA, RegDeleteValueA, RegCreateKeyExA, RegCloseKey, OpenProcessToken, LookupAccountSidA, LookupAccountNameA, IsValidSid, IsValidAcl, InitializeSecurityDescriptor, InitializeAcl, GetUserNameA, GetTokenInformation, GetSidSubAuthorityCount, GetSidSubAuthority, GetSidIdentifierAuthority, GetSecurityDescriptorSacl, GetSecurityDescriptorOwner, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetLengthSid, GetKernelObjectSecurity, FreeSid, EqualSid, DuplicateTokenEx, CreateProcessAsUserW, AllocateAndInitializeSid, AddAccessDeniedAce, AddAccessAllowedAce
> rtl100.bpl: @Types@PtInRect$qqrrx11Types@TRectrx12Types@TPoint, @Types@Point$qqrii
> rtl100.bpl: @Sysutils@initialization$qqrv, @Sysutils@Finalization$qqrv, @Sysutils@Supports$qqrpx14System@TObjectrx5_GUID, @Sysutils@FreeAndNil$qqrpv, @Sysutils@Win32Check$qqri, @Sysutils@RaiseLastOSError$qqrv, @Sysutils@FindCmdLineSwitch$qqrx17System@AnsiStringo, @Sysutils@StringReplace$qqrx17System@AnsiStringt1t149System@_Set$t21Sysutils@SysUtils__94$iuc$0$iuc$1_, @Sysutils@AnsiPos$qqrx17System@AnsiStringt1, @Sysutils@IncludeTrailingPathDelimiter$qqrx17System@AnsiString, @Sysutils@Beep$qqrv, @Sysutils@CheckWin32Version$qqrii, @Sysutils@Exception@$bctr$qqrx17System@AnsiStringi, @Sysutils@Exception@$bctr$qqrp20System@TResStringRecpx14System@TVarRecxi, @Sysutils@Exception@$bctr$qqrp20System@TResStringRec, @Sysutils@Exception@$bctr$qqrx17System@AnsiStringpx14System@TVarRecxi, @Sysutils@Exception@$bctr$qqrx17System@AnsiString, @Sysutils@Abort$qqrv, @Sysutils@ShowException$qqrp14System@TObjectpv, @Sysutils@SysErrorMessage$qqri, @Sysutils@StrToDateTime$qqrx17System@AnsiString, @Sysutils@StrToTime$qqrx17System@AnsiString, @Sysutils@StrToDate$qqrx17System@AnsiString, @Sysutils@DateTimeToStr$qqrx16System@TDateTime, @Sysutils@TimeToStr$qqrx16System@TDateTime, @Sysutils@DateToStr$qqrx16System@TDateTime, @Sysutils@Now$qqrv, @Sysutils@Time$qqrv, @Sysutils@Date$qqrv, @Sysutils@SystemTimeToDateTime$qqrrx11_SYSTEMTIME, @Sysutils@DateTimeToSystemTime$qqrx16System@TDateTimer11_SYSTEMTIME, @Sysutils@DecodeDate$qqrx16System@TDateTimerust2t2, @Sysutils@IsLeapYear$qqrus, @Sysutils@DecodeTime$qqrx16System@TDateTimerust2t2t2, @Sysutils@StrToFloatDef$qqrx17System@AnsiStringxg, @Sysutils@StrToFloat$qqrx17System@AnsiString, @Sysutils@FloatToStr$qqrg, @Sysutils@WideFormat$qqrx17System@WideStringpx14System@TVarRecxi, @Sysutils@Format$qqrx17System@AnsiStringpx14System@TVarRecxi, @Sysutils@StrPLCopy$qqrpcx17System@AnsiStringui, @Sysutils@StrPCopy$qqrpcx17System@AnsiString, @Sysutils@StrLCopy$qqrpcpxcui, @Sysutils@StrCopy$qqrpcpxc, @Sysutils@StrLen$qqrpxc, @Sysutils@ExpandFileName$qqrx17System@AnsiString, @Sysutils@ExtractFileExt$qqrx17System@AnsiString, @Sysutils@ExtractFileName$qqrx17System@AnsiString, @Sysutils@ExtractFilePath$qqrx17System@AnsiString, @Sysutils@LastDelimiter$qqrx17System@AnsiStringt1, @Sysutils@FindClose$qqrr19Sysutils@TSearchRec, @Sysutils@FindNext$qqrr19Sysutils@TSearchRec, @Sysutils@FindFirst$qqrx17System@AnsiStringir19Sysutils@TSearchRec, @Sysutils@DirectoryExists$qqrx17System@AnsiString, @Sysutils@FileExists$qqrx17System@AnsiString, @Sysutils@FileClose$qqri, @Sysutils@BoolToStr$qqroo, @Sysutils@StrToBoolDef$qqrx17System@AnsiStringxo, @Sysutils@StrToBool$qqrx17System@AnsiString, @Sysutils@StrToIntDef$qqrx17System@AnsiStringi, @Sysutils@StrToInt$qqrx17System@AnsiString, @Sysutils@IntToHex$qqrji, @Sysutils@IntToStr$qqrj, @Sysutils@IntToStr$qqri, @Sysutils@AnsiQuotedStr$qqrx17System@AnsiStringc, @Sysutils@QuotedStr$qqrx17System@AnsiString, @Sysutils@Trim$qqrx17System@WideString, @Sysutils@Trim$qqrx17System@AnsiString, @Sysutils@WideSameText$qqrx17System@WideStringt1, @Sysutils@WideCompareText$qqrx17System@WideStringt1, @Sysutils@WideSameStr$qqrx17System@WideStringt1, @Sysutils@WideCompareStr$qqrx17System@WideStringt1, @Sysutils@WideUpperCase$qqrx17System@WideString, @Sysutils@AnsiCompareText$qqrx17System@AnsiStringt1, @Sysutils@AnsiCompareStr$qqrx17System@AnsiStringt1, @Sysutils@SameText$qqrx17System@AnsiStringt1, @Sysutils@CompareText$qqrx17System@AnsiStringt1, @Sysutils@CompareMem$qqrpvt1i, @Sysutils@LowerCase$qqrx17System@AnsiString, @Sysutils@UpperCase$qqrx17System@AnsiString, @Sysutils@GUIDToString$qqrrx5_GUID, @Sysutils@StringToGUID$qqrx17System@AnsiString, @Sysutils@LeadBytes, @$xp$24Sysutils@TFormatSettings, @Sysutils@ListSeparator, @Sysutils@SysLocale, @Sysutils@Win32MinorVersion, @Sysutils@Win32MajorVersion, @Sysutils@Win32Platform, @Sysutils@EmptyWideStr, @Sysutils@EConvertError@, @Sysutils@EExternal@, @Sysutils@EAbort@, @Sysutils@Exception@, @$xp$19Sysutils@TSearchRec, @$xp$18Sysutils@TFileName
>
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
Na realidade não é este relatório que precisamos, é só o link (o endereço do site) que aparece quando você termina a análize do arquivo no Virus Total.
Re: Avira está dizendo que Spyware Doctor tem trojan
Desculpe espero que seja isso [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
Realmente foi um falso-positivo. Veja que só o Fortinet (que não é um antivirus muito conhecido) é que apontou o arquivo como suspeito.
Nem o Avira o classificou como virus, é provável que este falso-positivo já tenha sido corrigido na última atualização do Avira, você já atualizou ele (fez o update)?
Nem o Avira o classificou como virus, é provável que este falso-positivo já tenha sido corrigido na última atualização do Avira, você já atualizou ele (fez o update)?
Amigo Brasileiro- Membro Pleno
- Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008
Re: Avira está dizendo que Spyware Doctor tem trojan
Ok Alberto/Antonio obrigado pela ajuda, não sei se tem alguma coisa a ver meu pc está demorando para carregar este site e muita vezes não carrega, preciso fechar e abrir de novo, outra coisa que aconteceu eu usava o Mv regclean apos a atualização que ouve simplesmente ele trava meu pc tendo que desliga-lo direto no botão na cpu. Já desistalei o programa. Mais uma coisa é normal o pc estár usando entre 620 a 700mb de memoria constantemente mesmo não estando usando quase nada de programas só os que iniciam junto com o pc e o mozilla. Por ora é só.
Última edição por omlet em Dom 15 Fev 2009, 12:59, editado 1 vez(es)
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
Esta questão do carregamento das páginas tem a ver também com a velocidade da sua internet.
Amigo Brasileiro- Membro Pleno
- Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008
Re: Avira está dizendo que Spyware Doctor tem trojan
Ok eu acho que é só isso obrigado por mais essa ajuda.
omlet- Membro
- Mensagens : 54
Reputação : 0
Data de inscrição : 02/01/2009
Idade : 52
Re: Avira está dizendo que Spyware Doctor tem trojan
Caso Resolvido!
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Tópicos semelhantes
» Dúvida sobre a Central de Segurança e Anti Malware
» O que significa "Warnings" No Avira 9.0???
» se instalou um vírus no meu pc dizendo que é um programa de segurança
» Ajuda qone8
» Com o novo avira 9.
» O que significa "Warnings" No Avira 9.0???
» se instalou um vírus no meu pc dizendo que é um programa de segurança
» Ajuda qone8
» Com o novo avira 9.
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos