Trojan win32 ... besoin d'aide svp
Résolu/Fermé
crhistia
Messages postés
4
Date d'inscription
dimanche 29 avril 2007
Statut
Membre
Dernière intervention
30 avril 2007
-
29 avril 2007 à 18:05
crhistia Messages postés 4 Date d'inscription dimanche 29 avril 2007 Statut Membre Dernière intervention 30 avril 2007 - 30 avril 2007 à 10:00
crhistia Messages postés 4 Date d'inscription dimanche 29 avril 2007 Statut Membre Dernière intervention 30 avril 2007 - 30 avril 2007 à 10:00
A voir également:
- Trojan win32 ... besoin d'aide svp
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Win32 trojan gen - Forum Virus / Sécurité
- Hacktool win32 autokms ✓ - Forum Virus / Sécurité
- Trojan win32 ✓ - Forum Virus / Sécurité
- Win32/lodi - Forum Virus / Sécurité
5 réponses
instale avast ilva te demander si tu veu 1 scan au demarage tu acspte il va le trouver tu apui sur la touche 1 est c bon normalement
crhistia
Messages postés
4
Date d'inscription
dimanche 29 avril 2007
Statut
Membre
Dernière intervention
30 avril 2007
30 avril 2007 à 00:08
30 avril 2007 à 00:08
Merci.
Mais je suis déjà avec avast, et il n'avait rien trouvé. c'est bit defender, qui m'a trouvé des trucs dont voici le rapport :
BitDefender Online Scanner - Real Time Virus Report
Generated at: Sat, Apr 28, 2007 - 15:11:06
--------------------------------------------------------------------------------
Scan Info
Scanned Files
403360
Infected Files
25
Virus Detected
DeepScan:Generic.Sdbot.A8443D8B
8
Worm.Sedoubot.A
2
Trojan.FatObfus.Gen
2
DeepScan:Generic.Sdbot.AED8F817
13
Et voici le dernier rapport avec avg Antispyware :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:50:46 29/04/2007
+ Résultat de l'analyse:
C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016247.dll -> Backdoor.IRCBot.aaq : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\__delete_on_reboot__r_d_i_h_o_s_t_._d_l_l_ -> Backdoor.IRCBot.aaq : Nettoyé et sauvegardé (mise en quarantaine).
[1396] C:\WINDOWS\system32\rdihost.dll -> Backdoor.IRCBot.aaq : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\aimmsn.exe -> Backdoor.Sdbot : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U3236ULG\install2[1].exe -> Downloader.Adload.jm : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.231:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.771:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.772:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.269:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.644:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.645:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.278:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.378:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.379:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.380:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\FOS BATI service\Cookies\fos_bati_service@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\FOS BATI service\Cookies\fos_bati_service@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.637:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
Fin du rapport
Je pense que tout est venu d'un fichier anglais reçu par quelqu'un de confiance sur MSN, Mais cette personne ne m'avait jamais rien envoyé !! Bêtement, je l'ai ouvert, et mes ennuis ont commencés !
J'ai aussi effectué MSNFix qui a trouvé quelque chose, et l'a détruit.
Je suis en train de refaire une analyse avec avast qui dure depuis 4 heures maintenant (est-ce normal qu'il soit si long ????) et je verrai ce que ça donne.
Merci encore
bonne soirée
Mais je suis déjà avec avast, et il n'avait rien trouvé. c'est bit defender, qui m'a trouvé des trucs dont voici le rapport :
BitDefender Online Scanner - Real Time Virus Report
Generated at: Sat, Apr 28, 2007 - 15:11:06
--------------------------------------------------------------------------------
Scan Info
Scanned Files
403360
Infected Files
25
Virus Detected
DeepScan:Generic.Sdbot.A8443D8B
8
Worm.Sedoubot.A
2
Trojan.FatObfus.Gen
2
DeepScan:Generic.Sdbot.AED8F817
13
Et voici le dernier rapport avec avg Antispyware :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:50:46 29/04/2007
+ Résultat de l'analyse:
C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016247.dll -> Backdoor.IRCBot.aaq : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\__delete_on_reboot__r_d_i_h_o_s_t_._d_l_l_ -> Backdoor.IRCBot.aaq : Nettoyé et sauvegardé (mise en quarantaine).
[1396] C:\WINDOWS\system32\rdihost.dll -> Backdoor.IRCBot.aaq : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\aimmsn.exe -> Backdoor.Sdbot : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U3236ULG\install2[1].exe -> Downloader.Adload.jm : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.231:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.771:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.772:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.269:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.644:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.645:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.278:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.378:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.379:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.380:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\FOS BATI service\Cookies\fos_bati_service@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\FOS BATI service\Cookies\fos_bati_service@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.637:D:\Documents and Settings\FOS BATI SERVICE\Application Data\Mozilla\Firefox\Profiles\31owt2e6.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
Fin du rapport
Je pense que tout est venu d'un fichier anglais reçu par quelqu'un de confiance sur MSN, Mais cette personne ne m'avait jamais rien envoyé !! Bêtement, je l'ai ouvert, et mes ennuis ont commencés !
J'ai aussi effectué MSNFix qui a trouvé quelque chose, et l'a détruit.
Je suis en train de refaire une analyse avec avast qui dure depuis 4 heures maintenant (est-ce normal qu'il soit si long ????) et je verrai ce que ça donne.
Merci encore
bonne soirée
youri glogenflobish
Messages postés
17
Date d'inscription
dimanche 29 avril 2007
Statut
Membre
Dernière intervention
4 mai 2008
30 avril 2007 à 00:22
30 avril 2007 à 00:22
A tout hasard, ce fichier s'intitulait "photo album" ou un truc dans le genre, et il était accompagné d'un message en anglais... Si c'est cela, j'ai fait la même erreur que toi, et il est vraiment pas sympa ce trojan.
crhistia
Messages postés
4
Date d'inscription
dimanche 29 avril 2007
Statut
Membre
Dernière intervention
30 avril 2007
30 avril 2007 à 00:38
30 avril 2007 à 00:38
Oui c'est bien celui-là !! tu as raison, il est coriace celui-là !! ;)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
crhistia
Messages postés
4
Date d'inscription
dimanche 29 avril 2007
Statut
Membre
Dernière intervention
30 avril 2007
30 avril 2007 à 10:00
30 avril 2007 à 10:00
Bonjour à toutes et à tous. J'ai fini le scan avec et voilà ce qu'il m'a trouver :
23/04/2007 02:18:57 FOS BATI service 3068 Sign of "Win32:Inject-BL [Trj]" has been found in "C:\Program Files\BitDownload\ZM\minime.exe" file.
23/04/2007 10:52:09 FOS BATI service 3068 Sign of "Win32:Inject-BL [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP110\A0015544.exe" file.
23/04/2007 10:55:39 FOS BATI service 3068 Sign of "Win32:Obfuscated-GT [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP63\A0010339.exe" file.
23/04/2007 10:55:40 FOS BATI service 3068 Sign of "Win32:Obfuscated-GT [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP63\A0010340.exe" file.
25/04/2007 23:44:51 SYSTEM 1380 Sign of "Win32:SpyBot-gen [Wrm]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\ur[1].exe" file.
25/04/2007 23:45:18 SYSTEM 1380 Sign of "Win32:SpyBot-gen [Wrm]" has been found in "C:\das.exe" file.
28/04/2007 03:25:05 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\2ISOSAAE\install[1].exe" file.
28/04/2007 10:52:09 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0K6HRORE\install[1].exe" file.
29/04/2007 00:13:08 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[1].exe" file.
29/04/2007 15:05:57 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[2].exe" file.
29/04/2007 15:06:03 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[3].exe" file.
29/04/2007 15:06:15 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[4].exe" file.
29/04/2007 15:06:31 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[5].exe" file.
29/04/2007 15:06:36 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[6].exe" file.
29/04/2007 15:13:31 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[7].exe" file.
29/04/2007 15:13:35 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[8].exe" file.
29/04/2007 15:14:25 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[9].exe" file.
29/04/2007 15:14:33 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[10].exe" file.
29/04/2007 15:14:34 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[11].exe" file.
29/04/2007 15:30:42 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\Local Settings\Temporary Internet Files\Content.IE5\LN8HZUAX\install2[1].exe" file.
29/04/2007 15:34:30 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\cinstall.exe" file.
29/04/2007 17:12:31 FOS BATI service 1288 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\Documents and Settings\FOS BATI SERVICE\Local Settings\Temporary Internet Files\Content.IE5\JNDBR9GS\functions[1].js (D:\Documents and Settings\FOS BATI SERVICE\Local Settings\Temporary Internet Files\Content.IE5\JNDBR9GS\functions[1].js) returning error, 0000001E.
29/04/2007 18:33:30 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\iexplore.exe" file.
29/04/2007 18:40:05 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\install.exe" file.
29/04/2007 18:49:44 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016242.exe" file.
29/04/2007 18:49:45 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016243.exe" file.
29/04/2007 20:52:13 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U3236ULG\install2[1].exe" file.
29/04/2007 20:55:51 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\iexplore.exe" file.
29/04/2007 22:52:53 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "D:\install.exe" file.
30/04/2007 01:45:48 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "D:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016249.exe" file.
30/04/2007 09:46:03 FOS BATI service 1308 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\Local Settings\Temporary Internet Files\Content.IE5\7MSPSZG9\install2[1].exe" file.
30/04/2007 09:46:46 FOS BATI service 1308 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\cinstall.exe" file.
J'ai redémarré mon pc et une nouvelle alerte à win32 agent EIE de la part d'avast est arrivé. Je ne sais plus quoi faire....
Merci pour votre aide
23/04/2007 02:18:57 FOS BATI service 3068 Sign of "Win32:Inject-BL [Trj]" has been found in "C:\Program Files\BitDownload\ZM\minime.exe" file.
23/04/2007 10:52:09 FOS BATI service 3068 Sign of "Win32:Inject-BL [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP110\A0015544.exe" file.
23/04/2007 10:55:39 FOS BATI service 3068 Sign of "Win32:Obfuscated-GT [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP63\A0010339.exe" file.
23/04/2007 10:55:40 FOS BATI service 3068 Sign of "Win32:Obfuscated-GT [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP63\A0010340.exe" file.
25/04/2007 23:44:51 SYSTEM 1380 Sign of "Win32:SpyBot-gen [Wrm]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\ur[1].exe" file.
25/04/2007 23:45:18 SYSTEM 1380 Sign of "Win32:SpyBot-gen [Wrm]" has been found in "C:\das.exe" file.
28/04/2007 03:25:05 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\2ISOSAAE\install[1].exe" file.
28/04/2007 10:52:09 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0K6HRORE\install[1].exe" file.
29/04/2007 00:13:08 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[1].exe" file.
29/04/2007 15:05:57 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[2].exe" file.
29/04/2007 15:06:03 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[3].exe" file.
29/04/2007 15:06:15 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[4].exe" file.
29/04/2007 15:06:31 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[5].exe" file.
29/04/2007 15:06:36 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[6].exe" file.
29/04/2007 15:13:31 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[7].exe" file.
29/04/2007 15:13:35 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[8].exe" file.
29/04/2007 15:14:25 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[9].exe" file.
29/04/2007 15:14:33 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[10].exe" file.
29/04/2007 15:14:34 SYSTEM 1380 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\SYQHGDZU\install2[11].exe" file.
29/04/2007 15:30:42 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\Local Settings\Temporary Internet Files\Content.IE5\LN8HZUAX\install2[1].exe" file.
29/04/2007 15:34:30 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\cinstall.exe" file.
29/04/2007 17:12:31 FOS BATI service 1288 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: D:\Documents and Settings\FOS BATI SERVICE\Local Settings\Temporary Internet Files\Content.IE5\JNDBR9GS\functions[1].js (D:\Documents and Settings\FOS BATI SERVICE\Local Settings\Temporary Internet Files\Content.IE5\JNDBR9GS\functions[1].js) returning error, 0000001E.
29/04/2007 18:33:30 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\iexplore.exe" file.
29/04/2007 18:40:05 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\install.exe" file.
29/04/2007 18:49:44 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016242.exe" file.
29/04/2007 18:49:45 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016243.exe" file.
29/04/2007 20:52:13 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U3236ULG\install2[1].exe" file.
29/04/2007 20:55:51 FOS BATI service 1288 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\iexplore.exe" file.
29/04/2007 22:52:53 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "D:\install.exe" file.
30/04/2007 01:45:48 FOS BATI service 1364 Sign of "Win32:Agent-EIE [Trj]" has been found in "D:\System Volume Information\_restore{CF8A8A89-AECF-4201-BE8A-1E0046528143}\RP117\A0016249.exe" file.
30/04/2007 09:46:03 FOS BATI service 1308 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\Local Settings\Temporary Internet Files\Content.IE5\7MSPSZG9\install2[1].exe" file.
30/04/2007 09:46:46 FOS BATI service 1308 Sign of "Win32:Agent-EIE [Trj]" has been found in "C:\Documents and Settings\FOS BATI service\cinstall.exe" file.
J'ai redémarré mon pc et une nouvelle alerte à win32 agent EIE de la part d'avast est arrivé. Je ne sais plus quoi faire....
Merci pour votre aide