Original poster: 医学家

[Virus sample] Micropoint reports unknown

dd2006
Posted on 2008-2-20 18:44:51
扫描系统区域...
扫描所选择的目录和文件...
对象: vtutq.dll
        在压缩档案里: C:\Documents and Settings\Administrato\桌面\vtutq.rar
        状态: 已发现病毒
        病毒: not-a-virus:AdWare.Win32.Virtumonde.gen (KAV 引擎)
对象: vtutq.rar
        路径: C:\Documents and Settings\Administrato\桌面
        状态: 已发现病毒
        病毒: not-a-virus:AdWare.Win32.Virtumonde.gen (KAV 引擎)
分析完成: 2/20/2008 18:44
    已扫描 1 个文件
    已发现 1 个染毒文件
    发现 0 个可疑文件
qigang
Posted on 2008-2-20 19:08:15
Not a virus.
marskiller
Posted on 2008-2-21 09:21:12
Dear XXXXX

We have analyzed your submission.  The following is a report of our
findings for each file you have submitted:

filename:  D:\\vtutq.rar
machine: Machine
result: See the developer notes

filename: vtutq.dll
machine: Machine
result: This file is detected as Trojan.Vundo. http://www.symantec.com/avcenter/venc/data/trojan.vundo.html

Developer notes:
D:\\vtutq.rar is an archive (eg ZIP, RAR, etc) that contains a non-repairable worm(s)/trojan(s). Please delete the afflicted file(s) and restore from a known clean backup, as needed.
vtutq.dll is a non-repairable threat. Please delete this file and replace it if necessary. Please follow the instruction at the end of this email message to install the latest available definitions.  This file is contained by   D:\\vtutq.rar



Symantec Security Response has determined that the sample(s) that you provided are infected with a virus, worm, or Trojan. We have created RapidRelease definitions that will detect this threat. Please follow the instruction at the end of this email message to download and install the latest RapidRelease definitions.
Symantec is now building a new set of definitions to include the threat you have submitted. The approximate time to complete this process is one hour. We recommend checking the ftp site periodically over the next 60 to 90 minutes to download these definitions as soon as they are available.

Downloading and Installing RapidRelease Definitions:
1. Open your Web browser. If you are using a dial-up connection, connect to any Web site, such as:  http://securityresponse.symantec.com/
2. Copy and paste the address ftp://ftp.symantec.com/public/en ... idrelease/sequence/ into the address bar of your Web browser and then press Enter. (This could take a minute or so if you have a slow connection.)
3. Now select the 78789 folder or a higher one. Open the folder.
4. Select the file symrapidreleasedefsx86.exe
5. When a download dialog box appears, save the file to the Windows desktop.
6. Double-click the downloaded file and follow the prompts.

Virus definition detail:

Sequence Number:        78789
Defs Version:                100220g
Extended Version:        02/20/2008 rev.7
wolffshen
Posted on 2008-2-21 10:47:37
FS结果: 找到 1 恶意软件
AdWare.Win32.Virtumonde (广告软件)
D:\Virus\Test\vtutq.dll 操作: 删除
啊弥陀佛
Posted on 2008-2-21 11:17:06
A DLL file