File:00009602.exe, c'est quoi?Help!!

djichtus Messages postés 76 Statut Membre -  
 abdellah01100 -
Bonjour suite a une détection de Antivir, il ma sortie a plusieurs reprise les fichiers File:00009600.exe, File:00009602.exe, File:00009604, File:00009614.exe, File:00009652.exe, File:1123cdc.exe et a chaque fois était inscrit après : This archive contains one more infected files
Infected files in archive will not be deleted or repaired
Would you like to receive this message each archive with infected files.
Qu'est ce que ca veut dire?
Comment puis-je faire pour les réparer, est-ce grave?
Merci d'avance pour vos réponse qui je l'espère pourront m'aider

Dj Ichtus

3 réponses

  1. djichtus Messages postés 76 Statut Membre 3
     
    A la fin de l'analyse Antivir me dit : Viruses and/or unwanted program were found in one or more archives!
    Infected files in archives will not be deleted or repaired

    Je vous donne le rapport de l'analyse d'antivir :

    Creation date of the report file: 02.09.2004 18:56

    AntiVir®/XP (2000 + NT) Personal Edition v6.26.00.00 of 27.05.2004
    VDF file v6.26.0.13 (0) of 02.07.2004

    This program is for PERSONAL USE only.
    Any other use is PROHIBITED.
    Informations regarding commercial versions of AntiVir may be obtained from:
    www.hbedv.com.

    Scanning for 87427 virus strains and unwanted programs.

    Licensed for: AntiVir Personal Edition
    Serial number: 0000149996-ADJIE-0001
    FUSE: Basic license

    Please enter the workstation and
    contact name with phone number in this form:

    Name ___________________________________________

    Street ___________________________________________

    Town ___________________________________________

    Phone/Fax ___________________________________________

    EMail ___________________________________________

    Platform: Windows NT Workstation
    Windows version: 5.0 Build 2195 (Service Pack 4)
    Username: Administrateur
    Processor: Pentium
    Working memory: 1310192 KB free

    Version information:
    AVEWIN32.DLL : v6.26.0.3 430592 15.06.2004 07:42:20
    AVGNT.EXE : v6.26.00.03 122920 04.06.2004 09:09:06
    AVGUARD.EXE : v6.26.00.02 204840 14.05.2004 15:00:30
    GUARDMSG.DLL : v6.26.00.03 90152 26.05.2004 12:33:30
    AVGCMSG.DLL : v6.26.00.00 245800 26.05.2004 13:55:40
    AVGNTDD.SYS : v6.26.00.07 34016 25.05.2004 18:35:04
    AVPACK32.DLL : v6.22.00.24 299048 09.06.2004 16:05:52
    AVGETVER.DLL : v6.22.00.00 24576 20.01.2004 14:14:00
    AVWIN.DLL : v6.26.00.00 557096 27.05.2004 12:50:18
    AVSHLEXT.DLL : v6.22.00.00 57344 20.01.2004 14:14:00
    AVSched32.EXE : v6.23.00.00 110632 20.01.2004 14:14:00
    AVSched32.DLL : v6.23.00.00 122880 20.01.2004 14:14:00
    AVREG.DLL : v6.22.00.00 41000 20.01.2004 14:14:00
    AVRep.DLL : v6.26.00.07 483368 02.07.2004 15:12:34
    INETUPD.EXE : v6.26.00.01 200704 27.05.2004 12:50:44
    INETUPD.DLL : v6.26.00.01 143360 27.05.2004 12:50:44
    CTL3D32.DLL : v2.31.000 27136 16.12.1999 02:00:00
    MFC42.DLL : v6.00.9586.0 1015859 19.06.2003 21:05:04
    MSVCRT.DLL : v6.10.9844.0 286773 19.06.2003 21:05:04
    CTL3DV2.DLL : No information

    Configuration file:

    Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
    Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
    Start path: C:\Program Files\AVPersonal
    Command line:
    Start mode: unknown

    Mode of report file:
    [ ] Do not create report
    [X] Overwrite report
    [ ] Append new report

    Data in report file:
    [X] Infected files
    [ ] Infected files with paths
    [ ] All scanned files
    [ ] Full information

    Abridge report file:
    [ ] Abridge report file

    Warnings in report:
    [X] Access denied/file locked
    [X] Wrong file size in directory
    [X] Wrong creation time in directory
    [ ] COM file is too large
    [X] Invalid start address
    [X] Invalid EXE header
    [X] Possibly damaged

    Summary report:
    [X] Create summary report
    Output file: AVWIN.ACT
    Maximum number of entries: 100

    Where to search:
    [X] Memory
    [X] Boot record of selected drives
    [ ] Report unknown boot sectors
    [ ] All files
    [X] Program files
    Extensions: .386 .ACM .ADE .ADP .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PIF .PKG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP

    Response in case of a detection:
    [X] Repair with prompt
    [ ] Repair without prompt
    [ ] Delete with prompt
    [ ] Delete without prompt
    [ ] Write in report file only
    [X] Acoustic alarm

    Response in case of destroyed files:
    [X] Delete with prompt
    [ ] Delete without prompt
    [ ] Ignore

    Response in case of destroyed files:
    [X] No change
    [ ] Current system time
    [ ] Correct date

    Drag&drop settings:
    [X] Scan subdirectories

    Profile settings:
    [X] Scan subdirectories

    Archive options
    [X] Search archive
    [X] All archive types

    Miscellaneous options:
    Temporary path: %TEMP% -> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    [X] Overwrite infected files
    [ ] Detect idle time
    [X] Allow interruptions of scan
    [ ] Load AVWin®/NT Guard on System start

    General settings:
    [X] Save options on exiting AntiVir
    Priority: medium

    Drives:
    A: Floppy drive
    C: Hard disk
    D: Hard disk
    E: CD-ROM
    F: CD-ROM

    Start of scan: 02.09.2004 18:56

    Memory test OK
    Master boot record of hard disk HD0 OK
    Boot record of drive C: OK
    Boot record of drive D: OK

    C:\
    pagefile.sys
    Access denied! Error during file opening!
    This is a Windows swap file. This file is locked by Windows.
    Error code: 0x000D
    WARNING! Access error/file locked!
    C:\Documents and Settings\Administrateur\Favoris
    FREE DESKTOP WALLPAPERS ???? ??? ???????? ????? www.MOTA.RU.url
    Access denied! Error during file opening!
    Error code: 0x0016
    WARNING! Access error/file locked!
    C:\Program Files\WinRAR
    rarnew.dat
    ArchiveType: RAR
    NOTE! The archive is created by multiple volumes
    C:\RECYCLER\NPROTECT
    00009600.exe
    ArchiveType: RAR SFX (self extracting)
    --> getot.exe
    [DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
    00009602.exe
    ArchiveType: RAR SFX (self extracting)
    --> getot.exe
    [DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
    00009604.exe
    ArchiveType: RAR SFX (self extracting)
    --> getot.exe
    [DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
    00009614.exe
    ArchiveType: RAR SFX (self extracting)
    --> getot.exe
    [DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
    00009652.exe
    ArchiveType: RAR SFX (self extracting)
    --> getot.exe
    [DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
    Error! Could not change directory: System Volume Information
    C:\WINNT\system32
    1123cdc.exe
    ArchiveType: RAR SFX (self extracting)
    --> getot.exe
    [DETECTION] Contains signature of the worm Worm/Sdbot.39936.B
    C:\WINNT\system32\config
    default
    Access denied! Error during file opening!
    Error code: 0x000D
    WARNING! Access error/file locked!
    SAM
    Access denied! Error during file opening!
    Error code: 0x000D
    WARNING! Access error/file locked!
    SECURITY
    Access denied! Error during file opening!
    Error code: 0x000D
    WARNING! Access error/file locked!
    software
    Access denied! Error during file opening!
    Error code: 0x000D
    WARNING! Access error/file locked!
    system
    Access denied! Error during file opening!
    Error code: 0x000D
    WARNING! Access error/file locked!

    D:\Program Files\Macromedia\Flash MX\Players\Release
    Install Flash Player 6 OSX.hqx
    ArchiveType: BinHex (Mac)
    NOTE! No files to extract.
    Install Flash Player 6.hqx
    ArchiveType: BinHex (Mac)
    NOTE! No files to extract.
    D:\Program Files\Macromedia\Flash MX\Players\Debug
    Install Flash Player 6 OSX.hqx
    ArchiveType: BinHex (Mac)
    NOTE! No files to extract.
    Install Flash Player 6.hqx
    ArchiveType: BinHex (Mac)
    NOTE! No files to extract.
    D:\David\Favoris
    FREE DESKTOP WALLPAPERS ???? ??? ???????? ????? www.MOTA.RU.url
    Access denied! Error during file opening!
    Error code: 0x0016
    WARNING! Access error/file locked!
    D:\Logiciels\Logiciel de Musique
    AudioTools4.ZIP
    ArchiveType: ZIP
    --> keygen.exe
    WARNING! Invalid start address!
    D:\Logiciels\Logiciel de Musique\AudioTools4
    keygen.exe
    WARNING! Invalid start address!
    D:\Logiciels\Graphisme Web\Director 8.5
    patch director8.5.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected

    End of scan: 02.09.2004 19:30
    Time taken: 33:45 min

    2621 directories were scanned
    42624 files were scanned
    10 warning messages were issued
    0 files were deleted
    0 files were repaired
    6 detections

    Si quelqu'un pouvais je l'en remerice d'avance

    Dj Ichtus
    1
  2. JahvaScript Maniac
     
    Ben c'est simple, ces fichiers machintrucbidule.exe sont des archives auto-extractibles, et dans ces archives il y a un fichier qui est infecté.

    Une archive auto-extractible (sfx) est une archive comme les archives rar ou zip (appellés aussi dossiers compressés par XP), sauf qu'elle n'a pas besoin de winrar ou winzip pour être lue et en extraire les fichiers qu'elle contient, car elle sait le faire toute seule.

    Si tu as des connaissances en informatique, ouvre ton archive PAS EN DOUBLE-CLIQUANT DESSUS !!!!! mais avec winrar, et vire le fichier infecté.

    Si tu n'as pas de connaissances, fous les en quarantaine avec l'antivirus, ou à la min tu fais un couper-coller (ctrl-x puis ctrl-v dans le dossier de sortie) dans un dossier que tu appelle "VIRUS A NE PAS OUVRIR" au cas où frangin passe dans le coin, et tu attends une semaine ou deux. si tu n'as pas de plantage qui réclame un de ces fichiers, supprime-les et vide ta corbeille. Si t'as des plantages qui les raclament (ça m'étonnerait, mais bon...) ben passe ton PC à un ami informaticien ou fais-lui faire une cure dans un magasin :)

    @@++
    0
  3. abdellah01100
     
    aidai moi je ne connait pas cest koi un code de winrar je sait pas comment fair
    0