Thread starter: sam.to
[Virus sample] 5
NobleT
Posted on 2008-1-24 20:43:34
Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2008-1-24, 20:42:21
---------------------------------------------------------------------

[Clean]        Boot sector on drive F:
[Clean]        Boot sector on drive E:
[Clean]        Boot sector on drive D:
[Clean]        Boot sector on drive G:
[Clean]        Boot sector on drive C:
[Clean]        Master Boot Record on disk 0
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        F:\654321.rar->080109审竟??セ.rar->userinit.exe
[Found downloader]         <W32/Downldr2.AWQD (exact, not disinfectable)>        F:\654321.rar->123456.zip->WZC1.BAT->(embedded)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\654321.rar->080109审竟?痜瑀?セ.rar->gjfhazc.rar->gjfhazc.exe
[Clean]        F:\654321.rar->080109审竟?痜瑀?セ.rar->taskmgr.rar->taskmgr.exe
[Clean]        F:\654321.rar->080109审竟?痜瑀?セ.rar->taskmgr.rar
[Found worm]         <W32/Worm.LGX (exact, not disinfectable)>        F:\654321.rar->080109审竟?痜瑀?セ.rar->userinit.rar->userinit.exe
[Contains infected objects]        F:\654321.rar
[Quarantined]        F:\654321.rar->080109审竟?痜瑀?セ.rar->userinit.rar->userinit.exe
[Clean]        F:\Diskeeper\IfaastMon.dat
[Clean]        F:\Diskeeper\IFaastRegions.dat
[Clean]        F:\RECYCLER\S-1-5-21-1606980848-1390067357-839522115-500\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-1606980848-1390067357-839522115-500\INFO2
[Clean]        F:\RECYCLER\S-1-5-21-343818398-1123561945-1801674531-500\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-343818398-1123561945-1801674531-500\INFO2
[Clean]        F:\RECYCLER\S-1-5-21-746137067-725345543-839522115-1003\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-746137067-725345543-839522115-1003\INFO2
[Clean]        F:\RECYCLER\S-1-5-21-776561741-651377827-725345543-500\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-776561741-651377827-725345543-500\INFO2
[Clean]        F:\RECYCLER\S-1-5-21-776561741-854245398-725345543-500\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-776561741-854245398-725345543-500\INFO2
[Clean]        F:\RECYCLER\S-1-5-21-789336058-1292428093-682003330-500\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-789336058-1292428093-682003330-500\INFO2
[Clean]        F:\RECYCLER\S-1-5-21-790525478-1844823847-839522115-500\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-790525478-1844823847-839522115-500\INFO2

---------------------------------------------------------------------
Scan ended:        2008-1-24, 20:42:25
Duration:        0:00:03

Scan result:

Scanned files:                 23
Infected objects:         4
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------
冷冷
Posted on 2008-1-24 20:43:50

Reply to kato9096's post (#10)

It's normal.
Even IK, the king of false positives, didn't flag it!
===========================================================IK
I:\virus\test\gjfhazc.exe - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\taskmgr.exe
I:\virus\test\userinit.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\test\userinit1.exe - Signature 'Worm.Win32.Downloader.au' found
I:\virus\test\WZC1.BAT - Signature 'Trojan-Downloader.Win32.Zlob.and' found
5 Files scanned
   (0 Archives with 0 files)
4 Signatures found
0 Suspect code-parts found
Used time: 0:00.016
clc78223
Posted on 2008-1-24 20:45:19
Scanned them all; one clean file left, ha.
hj5abc
Posted on 2008-1-24 21:37:14
avast kill 4 ... that's all of them.

Sign of "Win32:Agent-PWC [Trj]" has been found in "F:\123456\WZC1.BAT" file.
Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "F:\080109机器狗病毒样本\gjfhazc\gjfhazc.exe\[Upack]\[Embedded#MUSIC]" file.
Sign of "Win32:Downloader-RR [Wrm]" has been found in "F:\080109机器狗病毒样本\userinit\userinit.exe" file.  
Sign of "Win32:Downloader-RW [Wrm]" has been found in "F:\080109机器狗病毒样本\userinit\userinit.exe\[Embedded#1a18]" file.
Sign of "Win32:Agent-LSI [Trj]" has been found in "F:\080109机器狗样本\userinit.exe\[Upack]\[Embedded#6090]" file.
zwl2828
Posted on 2008-1-24 21:47:15

Avira AntiVir

C:\Users\Wesley\Downloads\654321.rar
  [0] Archive type: RAR
    --> 080109Éó¾¹ª¯ý©¥».rar
      [1] Archive type: RAR
      --> userinit.exe
          [DETECTION] Is the Trojan horse TR/Dldr.Small.hmk
    --> 123456.zip
      [1] Archive type: ZIP
      --> WZC1.BAT
          [DETECTION] The file contains an executable. This, however, is disguised by a harmless file extension (HIDDENEXT/Crypted)
    --> 080109Éó¾¹ª¯¯f¬rý©¥».rar
      [1] Archive type: RAR
      --> gjfhazc.rar
        [2] Archive type: RAR
        --> gjfhazc.exe
            [DETECTION] Is the Trojan horse TR/WuDisable.B
      --> userinit.rar
        [2] Archive type: RAR
        --> userinit.exe
            [DETECTION] Is the Trojan horse TR/Drop.Agent.23552
mofunzone
Posted on 2008-1-25 00:03:14
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\654321.rar'
C:\Documents and Settings\Administrator\My Documents\
  654321.rar
    [0] Archive type: RAR
      --> 080109￉?ᄒᄍᆰᆵ�ᄅᆬᄏ.rar
        [1] Archive type: RAR
        --> userinit.exe
          [2] Archive type: Runtime Packed
          --> Object
            [3] Archive type: RSRC
            --> Object
                [DETECTION] Is the Trojan horse TR/Dldr.Small.hmk
                [WARNING]   Infected files in archives cannot be repaired!
      --> 123456.zip
        [1] Archive type: ZIP
        --> WZC1.BAT
          [2] Archive type: Runtime Packed
          --> Object
            [3] Archive type: RSRC
            --> Object
                [DETECTION] Is the Trojan horse TR/Dldr.Small.hdz.2
                [WARNING]   Infected files in archives cannot be repaired!
      --> 080109￉?ᄒᄍᆰᆵᆵfᆲr�ᄅᆬᄏ.rar
        [1] Archive type: RAR
        --> gjfhazc.rar
          [2] Archive type: RAR
          --> gjfhazc.exe
            [3] Archive type: Runtime Packed
            --> Object
              [4] Archive type: RSRC
              --> Object
                  [DETECTION] Is the Trojan horse TR/WuDisable.B
                  [WARNING]   Infected files in archives cannot be repaired!
        --> taskmgr.rar
          [2] Archive type: RAR
          --> taskmgr.exe
        --> userinit.rar
          [2] Archive type: RAR
          --> userinit.exe
              [DETECTION] Is the Trojan horse TR/Drop.Agent.23552
              [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!


End of the scan: 2008年1月24日  08:03
Used time: 00:04 min

The scan has been done completely.

      0 Scanning directories
     12 Files were scanned
      4 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      8 Files not concerned
     10 Archives were scanned
      4 Warnings
      0 Notes
xiaoxmj
Posted on 2008-1-25 01:29:20
Filseclab (费尔) reports 4.
残缺的唯美
Posted on 2008-1-25 11:33:28
Trojan Horse
病毒 ID: 25464
类型: 已压缩
风险: 高 (高 隐蔽性,高 清除可能,高 性能,高 隐私)  
类别: 病毒
状态: 删除失败
-----------
1 文件
[userinit.exe] 位于[080109机器狗样本.rar] 位于[g:\users\administrator\desktop\654321.rar] - 已感染


Infostealer.Gampass
病毒 ID: 40673
类型: 已压缩
风险: 高 (高 隐蔽性,高 清除可能,高 性能,高 隐私)  
类别: 病毒
状态: 删除失败
-----------
1 文件
[gjfhazc.exe] 位于[gjfhazc.rar] 位于[080109机器狗病毒样本.rar] 位于[g:\users\administrator\desktop\654321.rar] - 已感染


Trojan Horse
病毒 ID: 25464
类型: 已压缩
风险: 高 (高 隐蔽性,高 清除可能,高 性能,高 隐私)  
类别: 病毒
状态: 删除失败
-----------
1 文件
[userinit.exe] 位于[userinit.rar] 位于[080109机器狗病毒样本.rar] 位于[g:\users\administrator\desktop\654321.rar] - 已感染
Copyright © KaFan  KaFan.cn All Rights Reserved.