I am a avast user. After I set up windows 2003 OS, I accept a bootscan of the avast server edition. Two files were reported Trojan was found in them, and they are C:\windows\system32\userinit.exe and C:\windows\system32\dllcache\userinit.exe. Then I selected ignore it. And when I scaned it with avast ,nothing was found. But when I copy it and paste in another partition F:,the avast show that there was a Trojan. And the log is :sign of “Win32:Spyware-gen[trj]” has been found in “F:userinit.exe” file.Then I post the file to the www.virscan.org,the result is this:
VirSCAN.org Scanned Report :
Scanned time : 2009/08/24 12:25:14 (CST)
Scanner results: 8%的杀软(3/37)报告发现病毒
File Name : userinit.exe
File Size : 25088 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 2ee4b34b6da4c8199da3cd18668f5504
SHA1 : 416dfc041f3633938d1db01e17ef2a50c7fae7ca
Online report : http://virscan.org/report/315ac85fb03989ddc245fd66cd086af0.html
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20090822190221 2009-08-22 0.33 -
安博士V3 2009.08.22.00 2009.08.22 2009-08-22 0.90 -
AntiVir 8.2.1.3 7.1.5.149 2009-08-21 0.24 -
安天 2.0.18 20090823.2728168 2009-08-23 0.12 -
Arcavir 2009 200908232012 2009-08-23 0.04 -
Authentium 5.1.1 200908231730 2009-08-23 1.34 -
AVAST! 4.7.4 090823-0 2009-08-23 0.00 Win32:Spyware-gen [Trj]
AVG 8.5.288 270.13.65/2322 2009-08-24 0.41 -
BitDefender 7.81008.3912317 7.27311 2009-08-24 3.47 -
CA (VET) 9.0.0.143 31.6.6693 2009-08-21 3.77 -
ClamAV 0.95.2 9728 2009-08-23 0.01 -
Comodo 3.10 2076 2009-08-24 0.95 -
CP Secure 1.1.0.715 2009.08.23 2009-08-23 12.23 -
Dr.Web 4.44.0.9170 2009.08.23 2009-08-23 5.29 -
F-Prot 4.4.4.56 20090823 2009-08-23 1.22 -
F-Secure 7.02.73807 2009.08.23.05 2009-08-23 0.19 -
Fortinet 2.81-3.120 10.751 2009-08-23 0.21 -
GData 19.7343/19.449 20090824 2009-08-24 6.03 Win32:Spyware-gen [Trj] [Engine:B]
ViRobot 20090822 2009.08.22 2009-08-22 0.44 -
Ikarus T3.1.01.68 2009.08.24.73341 2009-08-24 4.04 -
Jiangmin 11.0.800 2009.08.23 2009-08-23 4.25 -
kaspersky 5.5.10 2009.08.24 2009-08-24 0.17 -
Kingsoft 2009.2.5.15 2009.8.24.7 2009-08-24 0.82 -
Mcafee 5.3.00 5718 2009-08-23 3.20 -
Microsoft 1.4903 2009.08.23 2009-08-23 5.79 -
Norman 6.01.09 6.01.00 2009-08-21 4.01 -
Panda Security 9.05.01 2009.08.22 2009-08-22 0.60 -
Trend Micro 8.700-1004 6.390.01 2009-08-23 0.03 -
Quick Heal 10.00 2009.08.22 2009-08-22 1.18 -
RISING 20.0 21.44.00.00 2009-08-24 0.83 -
Sophos 2.89.1 4.44 2009-08-24 3.26 -
Sunbelt 5350 5350 2009-08-22 1.36 -
Symantec 1.3.0.24 20090823.003 2009-08-23 0.05 -
nProtect 20090823.01 5121977 2009-08-23 6.59 Trojan-Downloader/W32.Small.25088.AG
The Hacker 6.3.4.3 v00386 2009-08-22 0.73 -
VBA32 3.12.10.9 20090823.1723 2009-08-23 2.02 -
VirusBuster 4.5.11.10 10.112.14/1801590 2009-08-23 2.22 -