Re: vtsqr.dll

From: AJM (Reply_to_newsgroup_only_please_at_nospam.co.uk)
Date: 09/26/05 

Date: Mon, 26 Sep 2005 01:49:22 +0100

David here are the results from virus tool. Guess from this avast was right
enough and thought said file was a trojano-2502.
Very usefull service thanks for your advice. I know nothing about vtsqr.dll
and what role it plays in XP or other software but I know when it is not
there XP throws up many run error boxes.
This experience has been very interesting and changed my use and thoughts on
Virus scanners.

I have yet to work out how to block ports on the router etc as you also
recommended.
Thanks
AJM

Server response

--------------------------------------------------------------------------------

Results of a file scan
This is a report processed by VirusTotal on 09/26/2005 at 02:25:59 (CET)
after scanning the file "vtsqr.dll" file.
      Antivirus Version Update Result
      AntiVir 6.32.0.6 09.25.2005 ADSPY/Virtumonde.O
      Avast 4.6.695.0 09.23.2005 Win32:Trojano-2502
      AVG 718 09.23.2005 no virus found
      Avira 6.32.0.6 09.25.2005 ADSPY/Virtumonde.O
      BitDefender 7.2 09.25.2005 no virus found
      CAT-QuickHeal 8.00 09.25.2005 AdWare.Virtumonde.o (Not a Virus)
      ClamAV devel-20050917 09.25.2005 Adware.Virtumonde-1
      DrWeb 4.32b 09.25.2005 no virus found
      eTrust-Iris 7.1.194.0 09.25.2005 no virus found
      eTrust-Vet 11.9.1.0 09.23.2005 no virus found
      F-Prot 3.16c 09.23.2005 no virus found
      Ikarus 0.2.59.0 09.23.2005 AdWare.Virtumonde.O
      Kaspersky 4.0.2.24 09.25.2005 Trojan.Win32.Crypt.o
      McAfee 4589 09.23.2005 potentially unwanted program Adware-Virtumundo
      NOD32v2 1.1232 09.25.2005 Win32/Adware.Virtumonde.O
      Norman 5.70.10 09.23.2005 no virus found
      Panda 8.02.00 09.25.2005 no virus found
      Sophos 3.98.0 09.25.2005 no virus found
      Symantec 8.0 09.25.2005 no virus found
      TheHacker 5.8.2.114 09.22.2005 Adware/Virtumonde.o
      VBA32 3.10.4 09.21.2005 AdWare.Virtumonde.o

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:OOLMKIcwFHA.2348@TK2MSFTNGP15.phx.gbl...
> From: "AJM" <Reply_to_newsgroup_only_please@nospam.co.uk>
>
> | Hello
> | Virus checker does not like C:\WINDOWS\SYSYEM32\VTSQR.DLL, when it deals
> | with said file windows a bit upset at starts up and requires the file.
> Does
> | a virus or other nasty use this file? How can I keep both windows and
> Virus
> | checker happy?
> |
> | Also don't know if this is related but there is something running in the
> | background using up resources looking at task launcher processes SYSTEM
> IDLE
> | PROCESS and WINLOGON.EXE are battling away for CPU usage one second one
> is
> | 85% say next the other is, this goes on constantly.
> |
> | XP home, all windows updates auto installed, P4 2.0 GHz CPU, 1024 Mb
> RAM,
> | connected LAN to router for ADSL. Use Avast as virus checker and have MS
> | antispyware installed.
> |
> | Thanks
> | AJM Scotland
> |
>
> Please submit a sample of "VTSQR.DLL" to Virus Total --
> http://www.virustotal.com/flash/index_en.html
> The submission will then be tested against many different AV vendor's
> scanners.
> That will give you an idea what it is and who recognizes it. In addition,
> unless told
> otherwise, Virus Total will provide the sample to all participating
> vendors.
>
> When you get the report, please post back the EXACT results.
>
> As always, I suggest blocking TCP and UDP ports 135 ~ 139 and 445 on *any*
> SOHO Router.
> This will help keep the hackers and Internet worms out of your LAN and
> keep MS Networking
> from leaking out of your LAN into the Internet.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>

Relevant Pages

  • Re: Help needed
    ... | As I have a very decent Virus Scanner (Avast) and a good Spyware detector, ... FireWall to allow it to download the needed AV vendor related files. ... needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key ...
    (microsoft.public.security.virus)
  • Re: Trojan? Or a false alarm?
    ... And I run virus and security checks ALL the ... | uninstalled Norton and installed Avast!. ... | It said that it was a Malware type Trojan called Win32:SdBot-3324 ... drive is just a "recovery partition" used by my computer. ...
    (alt.comp.anti-virus)
  • Re: File lost during antivirus scanning
    ... Off the top of my head, none of those files looke like they are part of XP, meaning they are either parts of the virus or parts of other programs you have. ... original system files were infected, then the deletion of the backups makes sense as the system files were most likely replaced with infected copies. ... Most likely, Avast determined the that the files should be deleted as per the recent vulnerability reported in IIS, which is what all of the files except for mplay32.exe, are related to. ... Click on Infected Files in the left frame, then *right* click each file and choose Restore. ...
    (microsoft.public.windowsxp.general)
  • Re: OT: Holy CRAP---nasty virus, worst Ive seen!
    ... get past my firewall in the router and past Avast? ...  Has anybody seen such a nasty virus? ... Being a little suspicous I purchased Kaspersky and guess ... economic mallware intended to force people to purchase. ...
    (rec.crafts.metalworking)
  • Re: Help needed
    ... As I have a very decent Virus Scanner (Avast) and a good Spyware ... detector, I didn't suspect any virus intrusion in my computer system. ...
    (microsoft.public.security.virus)