kreon Posted November 8, 2009

Hi, when I try to download the latest version of Bittorrent application, Avira Antivir reports swisyn.ddx trojan. I remark the detection notification does not appear when trying to download a file or a torrent file. The detection is notified just when I try to start the download of Bittorrent application installer (I don't have Bittorrent application\program installed and I want to install it). So before downloading I'd like to ask here. Is there any issue about this? Thx. (NOTE: FAQ hasn't helped)

====================================================

IMPORTANT EDIT: I've retried Bittorrent program installer download again, and this time Avira Antivir hasn't reported any virus, as if the former one had been a false alarm or false positive. Don't know why. If I don't add anything else here, then the antivirus has found no virus.

Switeck Posted November 8, 2009

Process Explorer, uTorrent.exe DLL list.
1st link of my signature, last post, very bottom for more details.

kreon Posted November 9, 2009 Author

Thanks!

--------------------------------------------------------------

EDIT: ok here we go!

Process: uTorrent.exe Pid: 1108

| Name | Description | Path | Company Name |
|---|---|---|---|
| <Pagefile Backed> | <Pagefile Backed> | <Pagefile Backed> | <Pagefile Backed> |
| ACTIVEDS.dll | DLL de nivel de enrutado para AD | C:\WINDOWS\system32\ACTIVEDS.dll | Microsoft Corporation |
| adsldpc.dll | DLL de proveedor LDAP de AD | C:\WINDOWS\system32\adsldpc.dll | Microsoft Corporation |
| ADVAPI32.dll | API base de Windows 32 avanzado | C:\WINDOWS\system32\ADVAPI32.dll | Microsoft Corporation |
| ATL.DLL | ATL Module for Windows XP (Unicode) | C:\WINDOWS\system32\ATL.DLL | Microsoft Corporation |
| CLBCATQ.DLL | | C:\WINDOWS\system32\CLBCATQ.DLL | Microsoft Corporation |
| comdlg32.dll | DLL de diálogos comunes | C:\WINDOWS\system32\comdlg32.dll | Microsoft Corporation |
| COMRes.dll | | C:\WINDOWS\system32\COMRes.dll | Microsoft Corporation |
| credui.dll | Interfaz de usuario del administrador de credenciales | C:\WINDOWS\System32\credui.dll | Microsoft Corporation |
| CRYPT32.dll | Crypto API32 | C:\WINDOWS\System32\CRYPT32.dll | Microsoft Corporation |
| ctype.nls | | C:\WINDOWS\system32\ctype.nls | |
| DnsApi.dll | DNS Client API DLL | C:\WINDOWS\system32\DnsApi.dll | Microsoft Corporation |
| dot3api.dll | API de configuración automática 802.3 | C:\WINDOWS\System32\dot3api.dll | Microsoft Corporation |
| dot3dlg.dll | Aplicación auxiliar de la interfaz de usuario 802.3 | C:\WINDOWS\System32\dot3dlg.dll | Microsoft Corporation |
| eappcfg.dll | Configuración de mismo nivel EAP | C:\WINDOWS\System32\eappcfg.dll | Microsoft Corporation |
| eappprxy.dll | Microsoft EAPHost Peer Client DLL | C:\WINDOWS\System32\eappprxy.dll | Microsoft Corporation |
| GDI32.dll | GDI Client DLL | C:\WINDOWS\system32\GDI32.dll | Microsoft Corporation |
| hnetcfg.dll | Administrador de configuración de redes domésticas | C:\WINDOWS\system32\hnetcfg.dll | Microsoft Corporation |
| IMM32.DLL | Windows XP IMM32 API Client DLL | C:\WINDOWS\system32\IMM32.DLL | Microsoft Corporation |
| Iphlpapi.dll | API auxiliar para IP | C:\WINDOWS\system32\Iphlpapi.dll | Microsoft Corporation |
| kernel32.dll | DLL de cliente API BASE de Windows NT | C:\WINDOWS\system32\kernel32.dll | Microsoft Corporation |
| locale.nls | | C:\WINDOWS\system32\locale.nls | |
| LPK.DLL | Language Pack | C:\WINDOWS\system32\LPK.DLL | Microsoft Corporation |
| MPRAPI.dll | Windows NT MP Router Administration DLL | C:\WINDOWS\system32\MPRAPI.dll | Microsoft Corporation |
| MSASN1.dll | ASN.1 Runtime APIs | C:\WINDOWS\System32\MSASN1.dll | Microsoft Corporation |
| MSCTF.dll | DLL del servidor MSCTF | C:\WINDOWS\system32\MSCTF.dll | Microsoft Corporation |
| msctfime.ime | Microsoft Text Frame Work Service IME | C:\WINDOWS\system32\msctfime.ime | Microsoft Corporation |
| MSVCP60.dll | Microsoft ® C++ Runtime Library | C:\WINDOWS\System32\MSVCP60.dll | Microsoft Corporation |
| msvcrt.dll | Windows NT CRT DLL | C:\WINDOWS\system32\msvcrt.dll | Microsoft Corporation |
| mswsock.dll | Proveedor de servicios de Microsoft Windows Sockets 2.0 | C:\WINDOWS\system32\mswsock.dll | Microsoft Corporation |
| netapi32.dll | Net Win32 API DLL | C:\WINDOWS\system32\netapi32.dll | Microsoft Corporation |
| netshell.dll | Núcleo de conexiones de red | C:\WINDOWS\System32\netshell.dll | Microsoft Corporation |
| ntdll.dll | DLL de la capa de Windows NT | C:\WINDOWS\system32\ntdll.dll | Microsoft Corporation |
| NTMARTA.DLL | Proveedor MARTA de Windows NT | C:\WINDOWS\system32\NTMARTA.DLL | Microsoft Corporation |
| nview.dll | NVIDIA nView Desktop and Window Manager 105.31 | C:\WINDOWS\system32\nview.dll | NVIDIA Corporation |
| NVWRSES.DLL | NVIDIA nView Desktop and Window Manager | C:\WINDOWS\system32\NVWRSES.DLL | NVIDIA Corporation |
| ole32.dll | Microsoft OLE para Windows | C:\WINDOWS\system32\ole32.dll | Microsoft Corporation |
| oleaut32.dll | | C:\WINDOWS\system32\oleaut32.dll | Microsoft Corporation |
| OneX.DLL | Biblioteca de súplica IEEE 802.1X | C:\WINDOWS\System32\OneX.DLL | Microsoft Corporation |
| PSAPI.DLL | Process Status Helper | C:\WINDOWS\system32\PSAPI.DLL | Microsoft Corporation |
| rasadhlp.dll | Remote Access AutoDial Helper | C:\WINDOWS\system32\rasadhlp.dll | Microsoft Corporation |
| RPCRT4.dll | Remote Procedure Call Runtime | C:\WINDOWS\system32\RPCRT4.dll | Microsoft Corporation |
| rsaenh.dll | Microsoft Enhanced Cryptographic Provider | C:\WINDOWS\system32\rsaenh.dll | Microsoft Corporation |
| rtutils.dll | Routing Utilities | C:\WINDOWS\system32\rtutils.dll | Microsoft Corporation |
| SAMLIB.dll | SAM Library DLL | C:\WINDOWS\system32\SAMLIB.dll | Microsoft Corporation |
| Secur32.dll | Security Support Provider Interface | C:\WINDOWS\system32\Secur32.dll | Microsoft Corporation |
| SETUPAPI.dll | API de instalación de Windows | C:\WINDOWS\system32\SETUPAPI.dll | Microsoft Corporation |
| SHELL32.dll | DLL común del shell de Windows | C:\WINDOWS\system32\SHELL32.dll | Microsoft Corporation |
| shfolder.dll | Shell Folder Service | C:\WINDOWS\system32\shfolder.dll | Microsoft Corporation |
| SHLWAPI.dll | Biblioteca de utilidades de Shell | C:\WINDOWS\system32\SHLWAPI.dll | Microsoft Corporation |
| sortkey.nls | | C:\WINDOWS\system32\sortkey.nls | |
| sorttbls.nls | | C:\WINDOWS\system32\sorttbls.nls | |
| unicode.nls | | C:\WINDOWS\system32\unicode.nls | |
| USER32.dll | DLL de cliente USER API de Windows XP | C:\WINDOWS\system32\USER32.dll | Microsoft Corporation |
| USERENV.dll | Userenv | C:\WINDOWS\system32\USERENV.dll | Microsoft Corporation |
| USP10.dll | Uniscribe Unicode script processor | C:\WINDOWS\system32\USP10.dll | Microsoft Corporation |
| UxTheme.dll | Biblioteca UxTheme de Microsoft | C:\WINDOWS\system32\UxTheme.dll | Microsoft Corporation |
| VERSION.dll | Version Checking and File Installation Libraries | C:\WINDOWS\system32\VERSION.dll | Microsoft Corporation |
| WINMM.dll | MCI API DLL | C:\WINDOWS\system32\WINMM.dll | Microsoft Corporation |
| WINSTA.dll | Winstation Library | C:\WINDOWS\System32\WINSTA.dll | Microsoft Corporation |
| WLDAP32.dll | DLL de API de LDAP Win32 | C:\WINDOWS\system32\WLDAP32.dll | Microsoft Corporation |
| WS2_32.dll | Windows Socket 2.0 32-Bit DLL | C:\WINDOWS\system32\WS2_32.dll | Microsoft Corporation |
| WS2HELP.dll | Ayuda de Windows Socket 2.0 para Windows NT | C:\WINDOWS\system32\WS2HELP.dll | Microsoft Corporation |
| wship6.dll | IPv6 Helper DLL | C:\WINDOWS\System32\wship6.dll | Microsoft Corporation |
| wshtcpip.dll | Windows Sockets Helper DLL | C:\WINDOWS\System32\wshtcpip.dll | Microsoft Corporation |
| WTSAPI32.dll | Windows Terminal Server SDK APIs | C:\WINDOWS\System32\WTSAPI32.dll | Microsoft Corporation |
| xpsp2res.dll | Mensajes de Service Pack 2 | C:\WINDOWS\system32\xpsp2res.dll | Microsoft Corporation |
| COMCTL32.dll | User Experience Controls Library | C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll | Microsoft Corporation |
| AutoSizer.dll | AutoSizer Dynamic Link Library | E:\Programas\AutoSizer\AutoSizer.dll | |
| mdnsNSP.dll | Bonjour Namespace Provider | E:\Programas\Bonjour\mdnsNSP.dll | Apple Inc. |
| hook.dll | | E:\Programas\Direct Folders\hook.dll | |
| DM2.dll | | E:\Programas\DM2\DM2.dll | |
| RollWindows.dll | | E:\Programas\DM2\plugins\RollWindows.dll | |
| KatMouseS.dll | Shell Hook | E:\Programas\KatMouse\KatMouseS.dll | |
| ResizeEnable.dll | | E:\Programas\ResizeEnable\ResizeEnable.dll | |
| Rtv_Help.dll | Rtv_Help | E:\Programas\RtvReco\Rtv_Help.dll | RTV Software |
| UnlockerHook.dll | | E:\Programas\Unlocker\UnlockerHook.dll | |
| uTorrent.exe | µTorrent | E:\Programas\uTorrent\uTorrent.exe | BitTorrent, Inc. |

Switeck Posted November 9, 2009

Ok, eliminate all the Microsoft DLLs from the list. They usually don't cause problems.

Firon Posted November 10, 2009

It was probably a false positive. Antivirus apps often get it wrong with their heuristics.

kreon Posted November 10, 2009 Author

Thanks a lot! A few hours later, Avira Antivir also reported the SAME virus for an old winzip installer I had. As the virus hasn't been reported again with my second Bittorrent installer download attempt, I've understood it's been a false positive. (I can't eliminate those dlls, I need them).

Switeck Posted November 10, 2009

I'm sorry, you misunderstood me because I wasn't clear enough.
I only meant "eliminate" them as possible causes of your problem, not "remove from your system".
In short, just list the non-Microsoft parts.

kreon Posted November 10, 2009 Author

Process: uTorrent.exe Pid: 1108

| Name | Description | Path | Company Name |
|---|---|---|---|
| <Pagefile Backed> | <Pagefile Backed> | <Pagefile Backed> | <Pagefile Backed> |
| mdnsNSP.dll | Bonjour Namespace Provider | E:\Programas\Bonjour\mdnsNSP.dll | Apple Inc. |
| uTorrent.exe | µTorrent | E:\Programas\uTorrent\uTorrent.exe | BitTorrent, Inc. |
| nview.dll | NVIDIA nView Desktop and Window Manager 105.31 | C:\WINDOWS\system32\nview.dll | NVIDIA Corporation |
| NVWRSES.DLL | NVIDIA nView Desktop and Window Manager | C:\WINDOWS\system32\NVWRSES.DLL | NVIDIA Corporation |
| Rtv_Help.dll | Rtv_Help | E:\Programas\RtvReco\Rtv_Help.dll | RTV Software |
| ctype.nls | | C:\WINDOWS\system32\ctype.nls | |
| locale.nls | | C:\WINDOWS\system32\locale.nls | |
| sortkey.nls | | C:\WINDOWS\system32\sortkey.nls | |
| sorttbls.nls | | C:\WINDOWS\system32\sorttbls.nls | |
| unicode.nls | | C:\WINDOWS\system32\unicode.nls | |
| AutoSizer.dll | AutoSizer Dynamic Link Library | E:\Programas\AutoSizer\AutoSizer.dll | |
| hook.dll | | E:\Programas\Direct Folders\hook.dll | |
| DM2.dll | | E:\Programas\DM2\DM2.dll | |
| RollWindows.dll | | E:\Programas\DM2\plugins\RollWindows.dll | |
| KatMouseS.dll | Shell Hook | E:\Programas\KatMouse\KatMouseS.dll | |
| ResizeEnable.dll | | E:\Programas\ResizeEnable\ResizeEnable.dll | |
| UnlockerHook.dll | | E:\Programas\Unlocker\UnlockerHook.dll | |

=======================================================================

(MICROSOFT DLLs, manually isolated for possible queries)

(NOTE: I've isolated as "Microsoft dlls" simply according to the "Microsoft Corporation" dll field, not considering the reliability of this piece of data)

SORTED BY DLL FILE NAME

| Name | Description |
|---|---|
| ACTIVEDS.dll | DLL de nivel de enrutado para AD |
| adsldpc.dll | DLL de proveedor LDAP de AD |
| ADVAPI32.dll | API base de Windows 32 avanzado |
| ATL.DLL | ATL Module for Windows XP (Unicode) |
| CLBCATQ.DLL | |
| comdlg32.dll | DLL de diálogos comunes |
| COMRes.dll | |
| credui.dll | Interfaz de usuario del administrador de credenciales |
| CRYPT32.dll | Crypto API32 |
| DnsApi.dll | DNS Client API DLL |
| dot3api.dll | API de configuración automática 802.3 |
| dot3dlg.dll | Aplicación auxiliar de la interfaz de usuario 802.3 |
| eappcfg.dll | Configuración de mismo nivel EAP |
| eappprxy.dll | Microsoft EAPHost Peer Client DLL |
| GDI32.dll | GDI Client DLL |
| hnetcfg.dll | Administrador de configuración de redes domésticas |
| IMM32.DLL | Windows XP IMM32 API Client DLL |
| Iphlpapi.dll | API auxiliar para IP |
| kernel32.dll | DLL de cliente API BASE de Windows NT |
| LPK.DLL | Language Pack |
| MPRAPI.dll | Windows NT MP Router Administration DLL |
| MSASN1.dll | ASN.1 Runtime APIs |
| MSCTF.dll | DLL del servidor MSCTF |
| msctfime.ime | Microsoft Text Frame Work Service IME |
| MSVCP60.dll | Microsoft ® C++ Runtime Library |
| msvcrt.dll | Windows NT CRT DLL |
| mswsock.dll | Proveedor de servicios de Microsoft Windows Sockets 2.0 |
| netapi32.dll | Net Win32 API DLL |
| netshell.dll | Núcleo de conexiones de red |
| ntdll.dll | DLL de la capa de Windows NT |
| NTMARTA.DLL | Proveedor MARTA de Windows NT |
| ole32.dll | Microsoft OLE para Windows |
| oleaut32.dll | |
| OneX.DLL | Biblioteca de súplica IEEE 802.1X |
| PSAPI.DLL | Process Status Helper |
| rasadhlp.dll | Remote Access AutoDial Helper |
| RPCRT4.dll | Remote Procedure Call Runtime |
| rsaenh.dll | Microsoft Enhanced Cryptographic Provider |
| rtutils.dll | Routing Utilities |
| SAMLIB.dll | SAM Library DLL |
| Secur32.dll | Security Support Provider Interface |
| SETUPAPI.dll | API de instalación de Windows |
| SHELL32.dll | DLL común del shell de Windows |
| shfolder.dll | Shell Folder Service |
| SHLWAPI.dll | Biblioteca de utilidades de Shell |
| USER32.dll | DLL de cliente USER API de Windows XP |
| USERENV.dll | Userenv |
| USP10.dll | Uniscribe Unicode script processor |
| UxTheme.dll | Biblioteca UxTheme de Microsoft |
| VERSION.dll | Version Checking and File Installation Libraries |
| WINMM.dll | MCI API DLL |
| WINSTA.dll | Winstation Library |
| WLDAP32.dll | DLL de API de LDAP Win32 |
| WS2_32.dll | Windows Socket 2.0 32-Bit DLL |
| WS2HELP.dll | Ayuda de Windows Socket 2.0 para Windows NT |
| wship6.dll | IPv6 Helper DLL |
| wshtcpip.dll | Windows Sockets Helper DLL |
| WTSAPI32.dll | Windows Terminal Server SDK APIs |
| xpsp2res.dll | Mensajes de Service Pack 2 |

SORTED BY DESCRIPTION

| Name | Description |
|---|---|
| hnetcfg.dll | Administrador de configuración de redes domésticas |
| Iphlpapi.dll | API auxiliar para IP |
| ADVAPI32.dll | API base de Windows 32 avanzado |
| dot3api.dll | API de configuración automática 802.3 |
| SETUPAPI.dll | API de instalación de Windows |
| dot3dlg.dll | Aplicación auxiliar de la interfaz de usuario 802.3 |
| MSASN1.dll | ASN.1 Runtime APIs |
| ATL.DLL | ATL Module for Windows XP (Unicode) |
| WS2HELP.dll | Ayuda de Windows Socket 2.0 para Windows NT |
| OneX.DLL | Biblioteca de súplica IEEE 802.1X |
| SHLWAPI.dll | Biblioteca de utilidades de Shell |
| UxTheme.dll | Biblioteca UxTheme de Microsoft |
| eappcfg.dll | Configuración de mismo nivel EAP |
| CRYPT32.dll | Crypto API32 |
| SHELL32.dll | DLL común del shell de Windows |
| WLDAP32.dll | DLL de API de LDAP Win32 |
| kernel32.dll | DLL de cliente API BASE de Windows NT |
| USER32.dll | DLL de cliente USER API de Windows XP |
| comdlg32.dll | DLL de diálogos comunes |
| ntdll.dll | DLL de la capa de Windows NT |
| ACTIVEDS.dll | DLL de nivel de enrutado para AD |
| adsldpc.dll | DLL de proveedor LDAP de AD |
| MSCTF.dll | DLL del servidor MSCTF |
| DnsApi.dll | DNS Client API DLL |
| GDI32.dll | GDI Client DLL |
| credui.dll | Interfaz de usuario del administrador de credenciales |
| wship6.dll | IPv6 Helper DLL |
| LPK.DLL | Language Pack |
| WINMM.dll | MCI API DLL |
| xpsp2res.dll | Mensajes de Service Pack 2 |
| MSVCP60.dll | Microsoft ® C++ Runtime Library |
| eappprxy.dll | Microsoft EAPHost Peer Client DLL |
| rsaenh.dll | Microsoft Enhanced Cryptographic Provider |
| ole32.dll | Microsoft OLE para Windows |
| msctfime.ime | Microsoft Text Frame Work Service IME |
| netapi32.dll | Net Win32 API DLL |
| netshell.dll | Núcleo de conexiones de red |
| PSAPI.DLL | Process Status Helper |
| mswsock.dll | Proveedor de servicios de Microsoft Windows Sockets 2.0 |
| NTMARTA.DLL | Proveedor MARTA de Windows NT |
| rasadhlp.dll | Remote Access AutoDial Helper |
| RPCRT4.dll | Remote Procedure Call Runtime |
| rtutils.dll | Routing Utilities |
| SAMLIB.dll | SAM Library DLL |
| Secur32.dll | Security Support Provider Interface |
| shfolder.dll | Shell Folder Service |
| USP10.dll | Uniscribe Unicode script processor |
| USERENV.dll | Userenv |
| VERSION.dll | Version Checking and File Installation Libraries |
| msvcrt.dll | Windows NT CRT DLL |
| MPRAPI.dll | Windows NT MP Router Administration DLL |
| WS2_32.dll | Windows Socket 2.0 32-Bit DLL |
| wshtcpip.dll | Windows Sockets Helper DLL |
| WTSAPI32.dll | Windows Terminal Server SDK APIs |
| IMM32.DLL | Windows XP IMM32 API Client DLL |
| WINSTA.dll | Winstation Library |
| CLBCATQ.DLL | |
| COMRes.dll | |
| oleaut32.dll | |

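The triage step discussed in this thread (set aside the Microsoft modules, look at the rest), as an added example that is not part of the original posts: it buckets modules by the Company Name field together with the load path, since the field alone is self-declared. The tab-separated layout, the function names and the last sample row are assumptions made for this sketch.

```python
import ntpath

WINDOWS_DIR = "c:\\windows\\"  # assumption: default Windows directory, as in the posted paths

# Constructed sample: rows copied from the list posted above, except the last,
# which is hypothetical. Layout assumed: tab-separated Name/Description/Path/Company.
ROWS = [
    ("Name", "Description", "Path", "Company Name"),
    ("<Pagefile Backed>",) * 4,
    ("kernel32.dll", "DLL de cliente API BASE de Windows NT",
     r"C:\WINDOWS\system32\kernel32.dll", "Microsoft Corporation"),
    ("nview.dll", "NVIDIA nView Desktop and Window Manager 105.31",
     r"C:\WINDOWS\system32\nview.dll", "NVIDIA Corporation"),
    ("mdnsNSP.dll", "Bonjour Namespace Provider",
     r"E:\Programas\Bonjour\mdnsNSP.dll", "Apple Inc."),
    ("hook.dll", "", r"E:\Programas\Direct Folders\hook.dll", ""),
    ("UnlockerHook.dll", "", r"E:\Programas\Unlocker\UnlockerHook.dll", ""),
    ("ctype.nls", "", r"C:\WINDOWS\system32\ctype.nls", ""),
    ("example.dll", "", r"E:\Temp\example.dll", "Microsoft Corporation"),  # hypothetical
]
SAMPLE = "\n".join("\t".join(row) for row in ROWS)


def parse(text):
    """Yield one dict per module row, skipping the header and non-file rows."""
    for line in text.splitlines()[1:]:
        cols = [c.strip() for c in line.split("\t")]
        if len(cols) != 4 or cols[0].startswith("<"):
            continue  # malformed line or <Pagefile Backed> mapping
        yield dict(zip(("name", "description", "path", "company"), cols))


def classify(row):
    """Bucket a module by its self-declared vendor and where it was loaded from."""
    claims_ms = row["company"].lower().startswith("microsoft")
    path = ntpath.normcase(ntpath.normpath(row["path"]))
    if claims_ms:
        # The vendor string is unverified, so it only counts alongside the path.
        return "os-claimed" if path.startswith(WINDOWS_DIR) else "ms-claim-outside-windows"
    return "third-party" if row["company"] else "no-vendor"


def triage(text):
    """Group module names by bucket; everything except os-claimed needs a look."""
    buckets = {}
    for row in parse(text):
        buckets.setdefault(classify(row), []).append(row["name"])
    return buckets


if __name__ == "__main__":
    for bucket, names in triage(SAMPLE).items():
        print(f"{bucket}: {', '.join(names)}")
```

The Company Name column is version-resource text that any file can carry, so these buckets only order the review. Confirming the publisher takes a signature check on each file, for example with Sigcheck or Process Explorer's Verify Image Signatures option.
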
This topic is now archived and is closed to further replies.