
"...n'est pas une application Win32 valide" (...is not a valid Win32 application)

Tags:
  • Acer
  • Security
22 January 2009 18:53:15

Hello, so today I came home and turned on my PC, and my computer opened an error window for Daemon Tools mentioning plugins; I didn't pay much attention and closed it. Then I could no longer see the Acer Empowering Technology icon, so I went looking for it in my folders, double-clicked it, and it tells me:

C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe n'est pas une application Win32 valide


So if you can help me understand this and get out of it, thank you in advance.


22 January 2009 20:17:53

Good evening
Step 1

Download and then install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2


Step 2

Download Rooter.exe (by Eric 71) to your Desktop.

  • Double-click it; a window will open and you will need to wait.
  • Post the report that opens.

    Note: It is located here: %SystemDrive%\Rooter.txt (%SystemDrive% being the partition where Windows is installed; usually C:\)


    23 January 2009 10:57:00

    Here is the report for hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:55:48, on 23/01/2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16764)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Users\Tenshi\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Acer\Empowering Technology\eAudio\eAudio.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
    D:\Video cocan\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cegetel.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O1 - Hosts: 91.121.136.188 l2testauthd.lineage2.com
    O1 - Hosts: 91.121.136.188 l2authd.lineage2.com
    O1 - Hosts: 88.191.37.32 nProtect.lineage2.com
    O1 - Hosts: 88.191.37.32 update.nProtect.com
    O1 - Hosts: 88.191.37.32 update.nProtect.net
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
    O4 - HKLM\..\Run: [0232801200136732mcinstcleanup] C:\Users\Tenshi\AppData\Local\Temp\023280~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Users\Tenshi\AppData\Local\Temp\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Global Startup: Acer VCM.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: eNetHook.dll
    O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\Windows\svchost.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 9799 bytes
    23 January 2009 11:06:08

    and rooter txt:


    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz )
    BIOS : ZD1 v1.3708 3G08
    USER : Tenshi ( Administrator )
    BOOT : Normal boot

    Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Not Activated)


    C:\ (Local Disk) - NTFS - Total:69 Go (Free:27 Go)
    D:\ (Local Disk) - NTFS - Total:66 Go (Free:46 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (CD or DVD)

    23/01/2009|11:04

    ----------------------\\ Search..

    No infections found !


    1 - "C:\Rooter$\Rooter_1.txt" - 23/01/2009|10:57
    2 - "C:\Rooter$\Rooter_2.txt" - 23/01/2009|11:04

    ----------------------\\ Scan completed at 11:04
    23 January 2009 20:56:25

    re

    Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are done:
  • Restart your computer in safe mode
    - At startup, after the BIOS has loaded, press the F8 (or F5) key on your keyboard repeatedly until a menu on a black background appears. Once you reach that point, use the keyboard to select "Mode sans Echec" (Safe Mode).
    -- In this mode you have no Internet access, and the display looks different (no wallpaper, very large icons). So don't be surprised.
    --- For these reasons I suggest you print, write down, or save the following information in a text document so that you don't get lost.
    ---- ! Do not start your computer in safe mode via MSConfig ! Why? Some infections break the safe-mode keys, which would make your computer crash.

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Afficher les résultats" (Show Results) and then "Supprimer la sélection" (Remove Selected). Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in safe mode.
    24 January 2009 07:03:10

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1685
    Windows 6.0.6000

    24/01/2009 06:58:52
    mbam-log-2009-01-24 (06-58-35).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 144021
    Temps écoulé: 32 minute(s), 32 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\powermanager (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\powermanager (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\powermanager (Trojan.Agent) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.
    24 January 2009 23:40:16

    re
    Malwarebytes' Anti-Malware targeted what I wanted... but you misread the procedure:
    in your report:
    Quote:
    C:\Windows\svchost.exe (Trojan.Agent)-> No action taken.


    When the tool has found something, at the end you have to click "Supprimer la sélection" (Remove Selected).

    Please do it again
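
The file Malwarebytes flags, C:\Windows\svchost.exe, is also the image path of the "Power Manager" O23 service in the HijackThis log above, whereas the genuine svchost.exe lives in C:\Windows\System32. As an added example (not part of the thread and not a HijackThis feature), this Python script parses HijackThis "Running processes" and O23 lines and reports well-known Windows binary names found outside their expected folder; the `EXPECTED_DIR` table and the C:\ system drive are assumptions of the example, and the sample lines are excerpted from the log posted above.

```python
import ntpath  # Windows path semantics, usable on any OS

# Expected folder for a few well-known Windows binaries.
# Assumption of this example: illustrative subset, system drive is C:.
EXPECTED_DIR = {
    "svchost.exe": r"c:\windows\system32",
    "rundll32.exe": r"c:\windows\system32",
    "taskeng.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

O23_PREFIX = "O23 - Service: "
MISSING_SUFFIX = " (file missing)"


def is_misplaced(path):
    """True when a known system binary name sits outside its expected folder."""
    norm = ntpath.normcase(ntpath.normpath(path.strip().strip('"')))
    expected = EXPECTED_DIR.get(ntpath.basename(norm))
    return expected is not None and ntpath.dirname(norm) != expected


def parse_o23(line):
    """Split an O23 line into name, owner, path and a 'file missing' flag.

    Service names may themselves contain ' - ', so the line is split from
    the right: the last field is the image path, the one before the owner.
    """
    if not line.startswith(O23_PREFIX):
        return None
    body = line[len(O23_PREFIX):]
    missing = body.endswith(MISSING_SUFFIX)
    if missing:
        body = body[: -len(MISSING_SUFFIX)]
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, owner, path = parts
    return {"name": name, "owner": owner, "path": path, "missing": missing}


def find_masquerading(log_text):
    """Return (section, label, path) for every misplaced system binary."""
    findings = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if not line:  # a blank line ends the process list
                in_processes = False
            elif is_misplaced(line):
                findings.append(("process", ntpath.basename(line), line))
            continue
        svc = parse_o23(line)
        if svc and is_misplaced(svc["path"]):
            findings.append(("O23", svc["name"], svc["path"]))
    return findings


# Excerpt of the HijackThis log posted in the thread.
SAMPLE = r"""Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\Windows\svchost.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
"""

if __name__ == "__main__":
    for section, label, path in find_masquerading(SAMPLE):
        print(f"[{section}] {label}: {path}")
```

A hit only says the file name and location disagree; confirming what the file is still takes a scanner verdict, as the Malwarebytes report provides here.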
    25 January 2009 05:18:44

    hi again

    well, I messed up saving the report again, unless you know where it is saved by default..

    But I had it remove the selection and it said "delete or quarantine successfully", something like that, so things are better; the PC already seems to be running faster.
    thanks a lot.
    25 January 2009 10:54:14

    I found it:

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1685
    Windows 6.0.6000

    25/01/2009 05:09:06
    mbam-log-2009-01-25 (05-09-06).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 144145
    Temps écoulé: 32 minute(s), 51 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\powermanager (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\powermanager (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\powermanager (Trojan.Agent) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    25 January 2009 11:52:44

    hello,
    I can no longer open avast, it tells me it is not a valid application, and I can't download other antivirus programs either
    regards
    25 January 2009 12:20:45

    boubouille53 said:
    hello,
    I can no longer open avast, it tells me it is not a valid application, and I can't download other antivirus programs either
    regards


    One thread per person.
    Create a separate thread for yourself.
    25 January 2009 20:43:52

    good evening
    akujunkan:
    Run an online antivirus scan at Kaspersky using Internet Explorer.

  • Allow the ActiveX controls.
  • Click "Démarrer Online Scanner" (Start Online Scanner).
  • Select "Poste de travail" (My Computer) as the scan target. Save the report in .txt format.
  • Paste the report here.
  • Post a new Hijackthis report.

    Help: How to do an online scan with Kaspersky.
    26 January 2009 11:53:02

    Monday, January 26, 2009
    Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Monday, January 26, 2009 06:39:48
    Records in database: 1697217


    Scan settings
    Scan using the following database extended
    Scan archives yes
    Scan mail databases yes

    Scan area Critical Areas
    C:\Program Files
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    C:\Users\Tenshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    C:\Windows

    Scan statistics
    Files scanned 81410
    Threat name 1
    Infected objects 243
    Suspicious objects 0
    Duration of the scan 01:34:17

    File name Threat name Threats count
    C:\Program Files\Acer\Acer VCM\acp2HID.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer\Acer VCM\VC.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Big Kahuna Reef 2\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Dynasty\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Galapago\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Luxor 2\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Mystery Case Files - Prime Suspects\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Mystery Case Files Ravenhearst\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer GameZone\Treasures of the Deep\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Acer Inc\Acer GridVista\GridVistaULH.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\AGEIA Technologies\bin\AGEIAPhysXBoxes.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Apple Software Update\SoftwareUpdate.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\microsoft shared\Works Shared\dw15.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Common Files\NewTech Infosystems\LiveUpdate\LiveUpdate.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\CyberLink\Common\UpdateIPR.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\CyberLink\PowerDVD\cltest.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\CyberLink\PowerDVD\ddtester.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\DivX\DivX Player\DivX Player.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Free.fr\iconf.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Google\Google Earth\earthflashsol.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{27B462E7-0238-4BB5-88A6-F7FC23172209}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{9BC8F28F-24B1-11DA-9D78-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Intel\Intel Matrix Storage Manager\migrStatus.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\LG Electronics\LG USB Modem Driver\InstallUSB.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\LG PC Suite 2\Driver\Driver_Setup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\LG PC Suite 2\Phone Manager\DX9\dxsetup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\LG PC Suite 2\Phone Manager\LGMediaPlayer.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\McAfee\MSC\mcappcfg.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\McAfee\MSC\mcoemmgr.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\McAfee\MSC\mcregist.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\McAfee\Temp\qxz3E85\mcappcfg.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\McAfee\Temp\qxzC8F9\sasetup.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\McAfee\Temp\qxzF5E2\mcoemcpy.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\CLVIEW.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\DSSM.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\GRAPH.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\MSQRY32.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\MSTORDB.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\MSTORE.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\OIS.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\PPTVIEW.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Office\Office12\SELFCERT.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Works\wklnckml.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Microsoft Works\WksDict.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\QuickTime\PictureViewer.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\QuickTime\QTInfo.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\QuickTime\QTSystem\ExportController.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Realtek\InstallShield\RTLUPD.EXE Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\VideoLAN\VLC\uninstall.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Winbond Electronics\Winbond CIR Drivers\x86\DPInstx86.exe Infected: Virus.Win32.Hidrag.a 1

    C:\Program Files\Windows Live\installer\Dashboard.exe Infected: Virus.Win32.Hidrag.a 1

    The selected area was scanned.
    26 January 2009 11:55:18

    And here is the HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:54:47, on 26/01/2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16764)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Razer\Krait\razerhid.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Razer\Krait\razerofa.exe
    C:\Users\Tenshi\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
    D:\Video cocan\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cegetel.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O1 - Hosts: 91.121.165.60 L2authd.Lineage2.com
    O1 - Hosts: 91.121.165.60 L2testauthd.lineage2.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
    O4 - HKLM\..\Run: [0232801200136732mcinstcleanup] C:\Users\Tenshi\AppData\Local\Temp\023280~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Krait] C:\Program Files\Razer\Krait\razerhid.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Users\Tenshi\AppData\Local\Temp\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Global Startup: Acer VCM.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: eNetHook.dll
    O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 9512 bytes
    26 January 2009 11:56:11

    Thanks again for helping me sort out my computer problems
    26 January 2009 20:35:31

    Good evening
    Hmm... back up your photos and text documents... do not back up any .exe files.
    We are going to have to run a powerful tool, and it is possible that this will end badly...

    Download Dr.Web CureIt to your Desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

  • Double-click drweb-cureit.exe and click "Start".
  • This quick scan analyzes the processes loaded in memory; if it finds infected processes, click the "Yes" button at the prompt.
  • When the quick scan is finished, click Options >> Change settings;
  • Choose the "Scan" tab and uncheck "Heuristic analysis".
  • Back in the main window: choose "complete scan"
  • Click the green arrow on the right, and the scan will start.
  • Click Yes to all when prompted to "cure/move" the detected file.
  • When the scan is complete, see whether you can click this icon, next to the detected files:
  • If so, click it, then click the "Next" icon below and choose Move incurable, as shown in this image:

  • From the tool's main menu, at the top left, click the File menu and choose Save report list
  • Save the report to your Desktop. It will be named DrWeb.csv
  • Close Dr.Web CureIt
  • Restart your computer (*very important*), because some files may be moved/repaired at restart.
  • After the restart, post (copy/paste) the contents of the Dr.Web report in your next reply.

    A complete illustrated tutorial is available here (thanks to Malekal_morte):
    http://www.malekal.com/tutorial_DrWebCureIt.php