Voila j'ai le meme virus je ben15 je tenvoie mon report.exe voila :
Final Check:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 21:34:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
C:\Documents and Settings\Admin\qkaetqpp.exe [696] 0x8572D990
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 48
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Disabled:Morpheus"
"C:\\Program Files\\utorrent\\utorrent.exe"="C:\\Program Files\\utorrent\\utorrent.exe:*:Disabled:æTorrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule Plus"
"C:\\DOCUME~1\\Admin\\LOCALS~1\\Temp\\dllhost.exe"="C:\\DOCUME~1\\Admin\\LOCALS~1\\Temp\\dllhost.exe:*:Enabled:Flash Media"
"C:\\Documents and Settings\\Admin\\qkaetqpp.exe"="C:\\Documents and Settings\\Admin\\qkaetqpp.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files:
---------------
Files with Hidden Attributes:
Thu 5 Aug 2004 94,864 ..SH. --- "C:\WINDOWS\twain.dll"
Thu 5 Aug 2004 50,688 ..SH. --- "C:\WINDOWS\twain_32.dll"
Thu 5 Aug 2004 1,028,096 ..SH. --- "C:\WINDOWS\system32\mfc42.dll"
Thu 5 Aug 2004 54,784 ..SH. --- "C:\WINDOWS\system32\msvcirt.dll"
Thu 5 Aug 2004 413,696 ..SH. --- "C:\WINDOWS\system32\msvcp60.dll"
Thu 5 Aug 2004 343,040 ..SH. --- "C:\WINDOWS\system32\msvcrt.dll"
Thu 17 May 2007 549,376 ..SH. --- "C:\WINDOWS\system32\oleaut32.dll"
Thu 5 Aug 2004 83,456 ..SH. --- "C:\WINDOWS\system32\olepro32.dll"
Thu 5 Aug 2004 12,288 ..SH. --- "C:\WINDOWS\system32\regsvr32.exe"
Tue 19 Dec 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 3 Aug 2007 2,498,560 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL0002.tmp"
Mon 4 Nov 2002 1,678,848 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL0745.tmp"
Sat 2 Nov 2002 1,597,952 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL0935.tmp"
Sat 2 Nov 2002 1,498,624 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL1335.tmp"
Sat 17 Sep 2005 26,112 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL1776.tmp"
Sat 2 Nov 2002 1,596,928 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2069.tmp"
Thu 11 Apr 2002 190,976 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2112.tmp"
Mon 20 May 2002 19,968 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2255.tmp"
Tue 19 Apr 2005 19,456 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2292.tmp"
Tue 5 Nov 2002 697,344 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2313.tmp"
Thu 11 Apr 2002 189,440 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2432.tmp"
Sat 2 Nov 2002 1,598,464 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2462.tmp"
Sat 2 Nov 2002 20,480 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2703.tmp"
Tue 5 Nov 2002 1,677,312 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL2789.tmp"
Thu 11 Apr 2002 188,416 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL3105.tmp"
Sat 2 Nov 2002 1,597,440 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL3186.tmp"
Sat 2 Nov 2002 1,598,464 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL3579.tmp"
Fri 16 Sep 2005 21,504 A..H. --- "C:\Documents and Settings\Admin\Mes documents\Dossier christiane et kjell\~WRL3833.tmp"
Sat 18 Nov 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 13 Nov 2004 37,376 ...H. --- "C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe"
Wed 30 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT2.tmp"
Wed 19 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\778fd2fc3fe6b905e366b5ddbba384c8\BITA.tmp"
Finished!
Clean virus msn
