File:00009602.exe, c'est quoi?Help!!
djichtus
Messages postés
76
Statut
Membre
-
abdellah01100 -
abdellah01100 -
Bonjour suite a une détection de Antivir, il ma sortie a plusieurs reprise les fichiers File:00009600.exe, File:00009602.exe, File:00009604, File:00009614.exe, File:00009652.exe, File:1123cdc.exe et a chaque fois était inscrit après : This archive contains one more infected files
Infected files in archive will not be deleted or repaired
Would you like to receive this message each archive with infected files.
Qu'est ce que ca veut dire?
Comment puis-je faire pour les réparer, est-ce grave?
Merci d'avance pour vos réponse qui je l'espère pourront m'aider
Dj Ichtus
Infected files in archive will not be deleted or repaired
Would you like to receive this message each archive with infected files.
Qu'est ce que ca veut dire?
Comment puis-je faire pour les réparer, est-ce grave?
Merci d'avance pour vos réponse qui je l'espère pourront m'aider
Dj Ichtus
A voir également:
- File:00009602.exe, c'est quoi?Help!!
- .Dat file - Guide
- Host file - Guide
- .Bin file - Guide
- Iso file - Guide
- File ///sdcard/ - Télécharger - Gestion de fichiers
3 réponses
A la fin de l'analyse Antivir me dit : Viruses and/or unwanted program were found in one or more archives!
Infected files in archives will not be deleted or repaired
Je vous donne le rapport de l'analyse d'antivir :
Creation date of the report file: 02.09.2004 18:56
AntiVir®/XP (2000 + NT) Personal Edition v6.26.00.00 of 27.05.2004
VDF file v6.26.0.13 (0) of 02.07.2004
This program is for PERSONAL USE only.
Any other use is PROHIBITED.
Informations regarding commercial versions of AntiVir may be obtained from:
www.hbedv.com.
Scanning for 87427 virus strains and unwanted programs.
Licensed for: AntiVir Personal Edition
Serial number: 0000149996-ADJIE-0001
FUSE: Basic license
Please enter the workstation and
contact name with phone number in this form:
Name ___________________________________________
Street ___________________________________________
Town ___________________________________________
Phone/Fax ___________________________________________
EMail ___________________________________________
Platform: Windows NT Workstation
Windows version: 5.0 Build 2195 (Service Pack 4)
Username: Administrateur
Processor: Pentium
Working memory: 1310192 KB free
Version information:
AVEWIN32.DLL : v6.26.0.3 430592 15.06.2004 07:42:20
AVGNT.EXE : v6.26.00.03 122920 04.06.2004 09:09:06
AVGUARD.EXE : v6.26.00.02 204840 14.05.2004 15:00:30
GUARDMSG.DLL : v6.26.00.03 90152 26.05.2004 12:33:30
AVGCMSG.DLL : v6.26.00.00 245800 26.05.2004 13:55:40
AVGNTDD.SYS : v6.26.00.07 34016 25.05.2004 18:35:04
AVPACK32.DLL : v6.22.00.24 299048 09.06.2004 16:05:52
AVGETVER.DLL : v6.22.00.00 24576 20.01.2004 14:14:00
AVWIN.DLL : v6.26.00.00 557096 27.05.2004 12:50:18
AVSHLEXT.DLL : v6.22.00.00 57344 20.01.2004 14:14:00
AVSched32.EXE : v6.23.00.00 110632 20.01.2004 14:14:00
AVSched32.DLL : v6.23.00.00 122880 20.01.2004 14:14:00
AVREG.DLL : v6.22.00.00 41000 20.01.2004 14:14:00
AVRep.DLL : v6.26.00.07 483368 02.07.2004 15:12:34
INETUPD.EXE : v6.26.00.01 200704 27.05.2004 12:50:44
INETUPD.DLL : v6.26.00.01 143360 27.05.2004 12:50:44
CTL3D32.DLL : v2.31.000 27136 16.12.1999 02:00:00
MFC42.DLL : v6.00.9586.0 1015859 19.06.2003 21:05:04
MSVCRT.DLL : v6.10.9844.0 286773 19.06.2003 21:05:04
CTL3DV2.DLL : No information
Configuration file:
Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
Start path: C:\Program Files\AVPersonal
Command line:
Start mode: unknown
Mode of report file:
[ ] Do not create report
[X] Overwrite report
[ ] Append new report
Data in report file:
[X] Infected files
[ ] Infected files with paths
[ ] All scanned files
[ ] Full information
Abridge report file:
[ ] Abridge report file
Warnings in report:
[X] Access denied/file locked
[X] Wrong file size in directory
[X] Wrong creation time in directory
[ ] COM file is too large
[X] Invalid start address
[X] Invalid EXE header
[X] Possibly damaged
Summary report:
[X] Create summary report
Output file: AVWIN.ACT
Maximum number of entries: 100
Where to search:
[X] Memory
[X] Boot record of selected drives
[ ] Report unknown boot sectors
[ ] All files
[X] Program files
Extensions: .386 .ACM .ADE .ADP .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PIF .PKG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
Response in case of a detection:
[X] Repair with prompt
[ ] Repair without prompt
[ ] Delete with prompt
[ ] Delete without prompt
[ ] Write in report file only
[X] Acoustic alarm
Response in case of destroyed files:
[X] Delete with prompt
[ ] Delete without prompt
[ ] Ignore
Response in case of destroyed files:
[X] No change
[ ] Current system time
[ ] Correct date
Drag&drop settings:
[X] Scan subdirectories
Profile settings:
[X] Scan subdirectories
Archive options
[X] Search archive
[X] All archive types
Miscellaneous options:
Temporary path: %TEMP% -> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[X] Overwrite infected files
[ ] Detect idle time
[X] Allow interruptions of scan
[ ] Load AVWin®/NT Guard on System start
General settings:
[X] Save options on exiting AntiVir
Priority: medium
Drives:
A: Floppy drive
C: Hard disk
D: Hard disk
E: CD-ROM
F: CD-ROM
Start of scan: 02.09.2004 18:56
Memory test OK
Master boot record of hard disk HD0 OK
Boot record of drive C: OK
Boot record of drive D: OK
C:\
pagefile.sys
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\Documents and Settings\Administrateur\Favoris
FREE DESKTOP WALLPAPERS ???? ??? ???????? ????? www.MOTA.RU.url
Access denied! Error during file opening!
Error code: 0x0016
WARNING! Access error/file locked!
C:\Program Files\WinRAR
rarnew.dat
ArchiveType: RAR
NOTE! The archive is created by multiple volumes
C:\RECYCLER\NPROTECT
00009600.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009602.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009604.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009614.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009652.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
Error! Could not change directory: System Volume Information
C:\WINNT\system32
1123cdc.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
C:\WINNT\system32\config
default
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SECURITY
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
software
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
system
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
D:\Program Files\Macromedia\Flash MX\Players\Release
Install Flash Player 6 OSX.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
Install Flash Player 6.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
D:\Program Files\Macromedia\Flash MX\Players\Debug
Install Flash Player 6 OSX.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
Install Flash Player 6.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
D:\David\Favoris
FREE DESKTOP WALLPAPERS ???? ??? ???????? ????? www.MOTA.RU.url
Access denied! Error during file opening!
Error code: 0x0016
WARNING! Access error/file locked!
D:\Logiciels\Logiciel de Musique
AudioTools4.ZIP
ArchiveType: ZIP
--> keygen.exe
WARNING! Invalid start address!
D:\Logiciels\Logiciel de Musique\AudioTools4
keygen.exe
WARNING! Invalid start address!
D:\Logiciels\Graphisme Web\Director 8.5
patch director8.5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
End of scan: 02.09.2004 19:30
Time taken: 33:45 min
2621 directories were scanned
42624 files were scanned
10 warning messages were issued
0 files were deleted
0 files were repaired
6 detections
Si quelqu'un pouvais je l'en remerice d'avance
Dj Ichtus
Infected files in archives will not be deleted or repaired
Je vous donne le rapport de l'analyse d'antivir :
Creation date of the report file: 02.09.2004 18:56
AntiVir®/XP (2000 + NT) Personal Edition v6.26.00.00 of 27.05.2004
VDF file v6.26.0.13 (0) of 02.07.2004
This program is for PERSONAL USE only.
Any other use is PROHIBITED.
Informations regarding commercial versions of AntiVir may be obtained from:
www.hbedv.com.
Scanning for 87427 virus strains and unwanted programs.
Licensed for: AntiVir Personal Edition
Serial number: 0000149996-ADJIE-0001
FUSE: Basic license
Please enter the workstation and
contact name with phone number in this form:
Name ___________________________________________
Street ___________________________________________
Town ___________________________________________
Phone/Fax ___________________________________________
EMail ___________________________________________
Platform: Windows NT Workstation
Windows version: 5.0 Build 2195 (Service Pack 4)
Username: Administrateur
Processor: Pentium
Working memory: 1310192 KB free
Version information:
AVEWIN32.DLL : v6.26.0.3 430592 15.06.2004 07:42:20
AVGNT.EXE : v6.26.00.03 122920 04.06.2004 09:09:06
AVGUARD.EXE : v6.26.00.02 204840 14.05.2004 15:00:30
GUARDMSG.DLL : v6.26.00.03 90152 26.05.2004 12:33:30
AVGCMSG.DLL : v6.26.00.00 245800 26.05.2004 13:55:40
AVGNTDD.SYS : v6.26.00.07 34016 25.05.2004 18:35:04
AVPACK32.DLL : v6.22.00.24 299048 09.06.2004 16:05:52
AVGETVER.DLL : v6.22.00.00 24576 20.01.2004 14:14:00
AVWIN.DLL : v6.26.00.00 557096 27.05.2004 12:50:18
AVSHLEXT.DLL : v6.22.00.00 57344 20.01.2004 14:14:00
AVSched32.EXE : v6.23.00.00 110632 20.01.2004 14:14:00
AVSched32.DLL : v6.23.00.00 122880 20.01.2004 14:14:00
AVREG.DLL : v6.22.00.00 41000 20.01.2004 14:14:00
AVRep.DLL : v6.26.00.07 483368 02.07.2004 15:12:34
INETUPD.EXE : v6.26.00.01 200704 27.05.2004 12:50:44
INETUPD.DLL : v6.26.00.01 143360 27.05.2004 12:50:44
CTL3D32.DLL : v2.31.000 27136 16.12.1999 02:00:00
MFC42.DLL : v6.00.9586.0 1015859 19.06.2003 21:05:04
MSVCRT.DLL : v6.10.9844.0 286773 19.06.2003 21:05:04
CTL3DV2.DLL : No information
Configuration file:
Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
Start path: C:\Program Files\AVPersonal
Command line:
Start mode: unknown
Mode of report file:
[ ] Do not create report
[X] Overwrite report
[ ] Append new report
Data in report file:
[X] Infected files
[ ] Infected files with paths
[ ] All scanned files
[ ] Full information
Abridge report file:
[ ] Abridge report file
Warnings in report:
[X] Access denied/file locked
[X] Wrong file size in directory
[X] Wrong creation time in directory
[ ] COM file is too large
[X] Invalid start address
[X] Invalid EXE header
[X] Possibly damaged
Summary report:
[X] Create summary report
Output file: AVWIN.ACT
Maximum number of entries: 100
Where to search:
[X] Memory
[X] Boot record of selected drives
[ ] Report unknown boot sectors
[ ] All files
[X] Program files
Extensions: .386 .ACM .ADE .ADP .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PIF .PKG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
Response in case of a detection:
[X] Repair with prompt
[ ] Repair without prompt
[ ] Delete with prompt
[ ] Delete without prompt
[ ] Write in report file only
[X] Acoustic alarm
Response in case of destroyed files:
[X] Delete with prompt
[ ] Delete without prompt
[ ] Ignore
Response in case of destroyed files:
[X] No change
[ ] Current system time
[ ] Correct date
Drag&drop settings:
[X] Scan subdirectories
Profile settings:
[X] Scan subdirectories
Archive options
[X] Search archive
[X] All archive types
Miscellaneous options:
Temporary path: %TEMP% -> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[X] Overwrite infected files
[ ] Detect idle time
[X] Allow interruptions of scan
[ ] Load AVWin®/NT Guard on System start
General settings:
[X] Save options on exiting AntiVir
Priority: medium
Drives:
A: Floppy drive
C: Hard disk
D: Hard disk
E: CD-ROM
F: CD-ROM
Start of scan: 02.09.2004 18:56
Memory test OK
Master boot record of hard disk HD0 OK
Boot record of drive C: OK
Boot record of drive D: OK
C:\
pagefile.sys
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\Documents and Settings\Administrateur\Favoris
FREE DESKTOP WALLPAPERS ???? ??? ???????? ????? www.MOTA.RU.url
Access denied! Error during file opening!
Error code: 0x0016
WARNING! Access error/file locked!
C:\Program Files\WinRAR
rarnew.dat
ArchiveType: RAR
NOTE! The archive is created by multiple volumes
C:\RECYCLER\NPROTECT
00009600.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009602.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009604.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009614.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
00009652.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
Error! Could not change directory: System Volume Information
C:\WINNT\system32
1123cdc.exe
ArchiveType: RAR SFX (self extracting)
--> getot.exe
[DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
C:\WINNT\system32\config
default
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SECURITY
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
software
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
system
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
D:\Program Files\Macromedia\Flash MX\Players\Release
Install Flash Player 6 OSX.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
Install Flash Player 6.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
D:\Program Files\Macromedia\Flash MX\Players\Debug
Install Flash Player 6 OSX.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
Install Flash Player 6.hqx
ArchiveType: BinHex (Mac)
NOTE! No files to extract.
D:\David\Favoris
FREE DESKTOP WALLPAPERS ???? ??? ???????? ????? www.MOTA.RU.url
Access denied! Error during file opening!
Error code: 0x0016
WARNING! Access error/file locked!
D:\Logiciels\Logiciel de Musique
AudioTools4.ZIP
ArchiveType: ZIP
--> keygen.exe
WARNING! Invalid start address!
D:\Logiciels\Logiciel de Musique\AudioTools4
keygen.exe
WARNING! Invalid start address!
D:\Logiciels\Graphisme Web\Director 8.5
patch director8.5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
End of scan: 02.09.2004 19:30
Time taken: 33:45 min
2621 directories were scanned
42624 files were scanned
10 warning messages were issued
0 files were deleted
0 files were repaired
6 detections
Si quelqu'un pouvais je l'en remerice d'avance
Dj Ichtus
Ben c'est simple, ces fichiers machintrucbidule.exe sont des archives auto-extractibles, et dans ces archives il y a un fichier qui est infecté.
Une archive auto-extractible (sfx) est une archive comme les archives rar ou zip (appellés aussi dossiers compressés par XP), sauf qu'elle n'a pas besoin de winrar ou winzip pour être lue et en extraire les fichiers qu'elle contient, car elle sait le faire toute seule.
Si tu as des connaissances en informatique, ouvre ton archive PAS EN DOUBLE-CLIQUANT DESSUS !!!!! mais avec winrar, et vire le fichier infecté.
Si tu n'as pas de connaissances, fous les en quarantaine avec l'antivirus, ou à la min tu fais un couper-coller (ctrl-x puis ctrl-v dans le dossier de sortie) dans un dossier que tu appelle "VIRUS A NE PAS OUVRIR" au cas où frangin passe dans le coin, et tu attends une semaine ou deux. si tu n'as pas de plantage qui réclame un de ces fichiers, supprime-les et vide ta corbeille. Si t'as des plantages qui les raclament (ça m'étonnerait, mais bon...) ben passe ton PC à un ami informaticien ou fais-lui faire une cure dans un magasin :)
@@++
Une archive auto-extractible (sfx) est une archive comme les archives rar ou zip (appellés aussi dossiers compressés par XP), sauf qu'elle n'a pas besoin de winrar ou winzip pour être lue et en extraire les fichiers qu'elle contient, car elle sait le faire toute seule.
Si tu as des connaissances en informatique, ouvre ton archive PAS EN DOUBLE-CLIQUANT DESSUS !!!!! mais avec winrar, et vire le fichier infecté.
Si tu n'as pas de connaissances, fous les en quarantaine avec l'antivirus, ou à la min tu fais un couper-coller (ctrl-x puis ctrl-v dans le dossier de sortie) dans un dossier que tu appelle "VIRUS A NE PAS OUVRIR" au cas où frangin passe dans le coin, et tu attends une semaine ou deux. si tu n'as pas de plantage qui réclame un de ces fichiers, supprime-les et vide ta corbeille. Si t'as des plantages qui les raclament (ça m'étonnerait, mais bon...) ben passe ton PC à un ami informaticien ou fais-lui faire une cure dans un magasin :)
@@++
