..is not a valid Win32 application.

Hello, so today I came home and turned on my PC; my computer opened an error window for Daemon Tools mentioning plugins. I didn't pay much attention and closed it. Then I no longer saw the Acer Empowering Technology icon, so I went looking for it in my folders, double-clicked it, and it told me...:

C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe n'est pas une application Win32 valide


So if you can help me understand this and get out of it, thank you in advance.


Good evening
Step 1

Download and then install Hijackthis (Trend Micro)
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2


Step 2

Download Rooter.exe (by Eric 71) to your Desktop.

  • Double-click it; a window will open and you will need to wait.
  • Post the report that opens.


Note: It is located here: %SystemDrive%\Rooter.txt (%SystemDrive% being the partition where Windows is installed; usually C:\)


------------------------------ Prevention and protection
/!\Fed up with ads: secure Firefox/!\
Reply to Sham_Rock

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:48, on 23/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Users\Tenshi\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
D:\Video cocan\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cegetel.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/y [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 91.121.136.188 l2testauthd.lineage2.com
O1 - Hosts: 91.121.136.188 l2authd.lineage2.com
O1 - Hosts: 88.191.37.32 nProtect.lineage2.com
O1 - Hosts: 88.191.37.32 update.nProtect.com
O1 - Hosts: 88.191.37.32 update.nProtect.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [0232801200136732mcinstcleanup] C:\Users\Tenshi\AppData\Local\Temp\023280~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Users\Tenshi\AppData\Local\Temp\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\Windows\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9799 bytes

Reply to akujunkan

and Rooter.txt:


Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz )
BIOS : ZD1 v1.3708 3G08
USER : Tenshi ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Not Activated)


C:\ (Local Disk) - NTFS - Total:69 Go (Free:27 Go)
D:\ (Local Disk) - NTFS - Total:66 Go (Free:46 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)

23/01/2009|11:04

----------------------\\ Search..

No infections found !


1 - "C:\Rooter$\Rooter_1.txt" - 23/01/2009|10:57
2 - "C:\Rooter$\Rooter_2.txt" - 23/01/2009|11:04

----------------------\\ Scan completed at 11:04

Reply to akujunkan

re

Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done:

  • Restart your computer in safe mode

- At startup, after the BIOS has loaded, press the F8 (or F5) key on your keyboard repeatedly until a menu on a black background appears. Once you reach this point, use the keyboard to select Safe Mode.
-- In this mode you have no Internet access, and you end up with a different visual configuration (no wallpaper, very large icons). So don't be surprised.
--- It is for these reasons that I suggest you print, write down, or save in a text document the following information so that you don't get lost.
---- ! Do not start your computer in safe mode via MSConfig! Why? Some infections break the safe mode keys, which would make your computer crash.

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan" ("Exécuter un examen complet").
  • To start the search, click "Scan" ("Rechercher").
  • Once the scan is finished, a window opens; click OK. You then have two possibilities:


~ If the program found nothing, press OK. A report will appear; close it.
~~ If infections are present, click "Show Results" ("Afficher les résultats") and then "Remove Selected" ("Supprimer la sélection"). Save the report to your Desktop.
~~~~ Restart your computer normally and post the report in your next reply.

NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

Note: If you cannot download MBAM from MajorGeeks, you can download it here!

Help:

Reply to Sham_Rock

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1685
Windows 6.0.6000

24/01/2009 06:58:52
mbam-log-2009-01-24 (06-58-35).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 144021
Temps écoulé: 32 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\powermanager (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\powermanager (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\powermanager (Trojan.Agent) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

Reply to akujunkan

re
Malwarebytes' Anti-Malware targeted what I wanted... but you misread the procedure:
in your report:

Quote:

C:\Windows\svchost.exe (Trojan.Agent)-> No action taken.



When the tool has found something, at the end you have to click "Remove Selected" ("Supprimer la sélection").

Please start again

Reply to Sham_Rock
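
Added example, not part of the original thread or any poster's own code: the file MBAM flagged, C:\Windows\svchost.exe, also appears in the HijackThis report earlier in the thread as the image of the "Power Manager" service, whereas the genuine svchost.exe lives in C:\Windows\System32. The Python script below runs that location check over the running-process, O4 and O23 lines of a HijackThis report; the function names, the list of system binaries, the assumption that Windows is installed in C:\Windows, and the sample lines marked as constructed are assumptions of this example.

```python
import ntpath
import re

# Assumption: Windows is installed in C:\Windows (true for the report in this thread).
WINDIR = r"c:\windows"
TRUSTED_DIRS = {WINDIR + r"\system32", WINDIR + r"\syswow64"}
# Core Windows binaries that ship only in System32 (SysWOW64 on 64-bit systems).
SYSTEM_ONLY = {"svchost.exe", "lsass.exe", "services.exe", "csrss.exe",
               "smss.exe", "winlogon.exe", "spoolsv.exe"}

# Executable part of a command line: a quoted path, or everything up to the
# first executable extension that is followed by whitespace or end of line.
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|bat|cmd))(?=\s|$)', re.I)
# O4 - HKLM\..\Run: [value name] command line
O4_RE = re.compile(r"^O4 - \S+\\Run: \[(?P<name>.+?)\] (?P<cmd>.+)$")
O23_PREFIX = "O23 - Service: "


def entries(report):
    """Yield (section, label, command) for processes, O4 Run values and O23 services."""
    in_procs = False
    for raw in report.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
        elif in_procs:
            if line:
                yield "process", ntpath.basename(line), line
            else:
                in_procs = False  # a blank line ends the process list
        elif (m := O4_RE.match(line)):
            yield "O4", m["name"], m["cmd"]
        elif line.startswith(O23_PREFIX):
            # Display names may contain " - ", so split from the right:
            # <display name> - <owner> - <image path>
            parts = line[len(O23_PREFIX):].rsplit(" - ", 2)
            if len(parts) == 3:
                yield "O23", parts[0], parts[2].removesuffix(" (file missing)")


def normalise(path):
    """Expand %SystemRoot% / %windir%, collapse the path and lower-case it."""
    expanded = re.sub(r"%(systemroot|windir)%", lambda _: WINDIR, path, flags=re.I)
    return ntpath.normpath(expanded).lower()


def triage(report):
    """Return entries whose image has a system binary's name but sits outside System32."""
    hits = []
    for section, label, cmd in entries(report):
        m = EXE_RE.match(cmd.strip())
        if not m:
            continue
        image = normalise(m.group(1) or m.group(2))
        folder, name = ntpath.split(image)
        # Bare names (no folder) are resolved through PATH and are not judged here.
        if name in SYSTEM_ONLY and folder and folder not in TRUSTED_DIRS:
            hits.append((section, label, image))
    return hits


# Lines copied from the HijackThis report in this thread, plus two controls
# constructed for this example (the System32 svchost process and "DemoSvc").
SAMPLE = r"""Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\Windows\svchost.exe
O23 - Service: Constructed control (DemoSvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs
"""

if __name__ == "__main__":
    for section, label, image in triage(SAMPLE):
        print(f"[{section}] {label}: {image} is outside System32")
```

A hit only says that the file name and its location do not match; confirming it still takes a scanner verdict or a signature check, as the MBAM report did here.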

hi again

well, I messed up saving the report again, unless you know where it gets saved by default..

But I had it remove the selection and it said "delete or quarantine successfully" or something like that, so things are better; the computer already seems to run faster.
thanks a lot.

Reply to akujunkan

I found it:

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1685
Windows 6.0.6000

25/01/2009 05:09:06
mbam-log-2009-01-25 (05-09-06).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 144145
Temps écoulé: 32 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\powermanager (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\powermanager (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\powermanager (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Reply to akujunkan

hello,
I can no longer open avast; it tells me it is not a valid application, and I cannot download other antivirus programs either
regards

Reply to boubouille53

boubouille53 wrote:

hello,
I can no longer open avast; it tells me it is not a valid application, and I cannot download other antivirus programs either
regards



To each their own thread.
Create another thread for yourself.

Reply to tetar159

good evening
akujunkan:
Run an online antivirus scan at Kaspersky using Internet Explorer.

  • Allow the ActiveX controls.
  • Click Start Online Scanner (Démarrer Online Scanner).
  • Select My Computer as the scan target. Save the report in .txt format.
  • Paste its report here.
  • Post a new Hijackthis report.


Help: How to run an online scan with Kaspersky.

Reply to Sham_Rock

Monday, January 26, 2009
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, January 26, 2009 06:39:48
Records in database: 1697217


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area Critical Areas
C:\Program Files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
C:\Users\Tenshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
C:\Windows

Scan statistics
Files scanned 81410
Threat name 1
Infected objects 243
Suspicious objects 0
Duration of the scan 01:34:17

File name Threat name Threats count
C:\Program Files\Acer\Acer VCM\acp2HID.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer\Acer VCM\VC.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Big Kahuna Reef 2\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Dynasty\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Galapago\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Luxor 2\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Mystery Case Files - Prime Suspects\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Mystery Case Files Ravenhearst\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer GameZone\Treasures of the Deep\Uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Acer Inc\Acer GridVista\GridVistaULH.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\AGEIA Technologies\bin\AGEIAPhysXBoxes.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Apple Software Update\SoftwareUpdate.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\microsoft shared\Works Shared\dw15.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Common Files\NewTech Infosystems\LiveUpdate\LiveUpdate.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\CyberLink\Common\UpdateIPR.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\CyberLink\PowerDVD\cltest.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\CyberLink\PowerDVD\ddtester.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\DivX\DivX Player\DivX Player.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Free.fr\iconf.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Google\Google Earth\earthflashsol.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{27B462E7-0238-4BB5-88A6-F7FC23172209}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{9BC8F28F-24B1-11DA-9D78-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Intel\Intel Matrix Storage Manager\migrStatus.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\LG Electronics\LG USB Modem Driver\InstallUSB.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\LG PC Suite 2\Driver\Driver_Setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\LG PC Suite 2\Phone Manager\DX9\dxsetup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\LG PC Suite 2\Phone Manager\LGMediaPlayer.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\McAfee\MSC\mcappcfg.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\McAfee\MSC\mcoemmgr.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\McAfee\MSC\mcregist.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\McAfee\Temp\qxz3E85\mcappcfg.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\McAfee\Temp\qxzC8F9\sasetup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\McAfee\Temp\qxzF5E2\mcoemcpy.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\CLVIEW.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\DSSM.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\GRAPH.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\MSQRY32.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\MSTORDB.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\MSTORE.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\OIS.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\PPTVIEW.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Office\Office12\SELFCERT.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Works\wklnckml.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Microsoft Works\WksDict.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\QuickTime\PictureViewer.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\QuickTime\QTInfo.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\QuickTime\QTSystem\ExportController.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Realtek\InstallShield\RTLUPD.EXE Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\VideoLAN\VLC\uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Winbond Electronics\Winbond CIR Drivers\x86\DPInstx86.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Windows Live\installer\Dashboard.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Windows Live Safety Center\uninstall.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Windows Live Safety Center\wlscuploader.exe Infected: Virus.Win32.Hidrag.a 1

C:\Program Files\Yahoo!\common\unyt.exe Infected: Virus.Win32.Hidrag.a 1

C:\Windows\ACER\Install_Flash_Player_9_AX_9.0.28.0.exe Infected: Virus.Win32.Hidrag.a 1

C:\Windows\setup.exe Infected: Virus.Win32.Hidrag.a 1

C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\msil_ehexthost_31bf3856ad364e35_6.0.6001.18000_none_bee8b564bed7d168\ehexthost.exe Infected: Virus.Win32.Hidrag.a 1

C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_bth.inf_31bf3856ad364e35_6.0.6001.18000_none_7244c43bbb913795\fsquirt.exe Infected: Virus.Win32.Hidrag.a 1

C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_mcupdate_31bf3856ad364e35_6.0.6001.18000_none_c89cd1bfabce5e98\mcupdate.exe Infected: Virus.Win32.Hidrag.a 1

C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-agentsvr_31bf3856ad364e35_6.0.6001.18000_none_334f4f322beda902\AgentSvr.exe Infected: Virus.Win32.Hidrag.a 1

C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-audio-volumecontrol_31bf3856ad364e35_6.0.6001.18000_none_c62871670779ffa4\SndVol.exe Infected: Virus.Win32.Hidrag.a 1

The selected area was scanned.

Reply to akujunkan

And here is HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:47, on 26/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Razer\Krait\razerhid.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Razer\Krait\razerofa.exe
C:\Users\Tenshi\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
D:\Video cocan\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cegetel.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/y [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 91.121.165.60 L2authd.Lineage2.com
O1 - Hosts: 91.121.165.60 L2testauthd.lineage2.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [0232801200136732mcinstcleanup] C:\Users\Tenshi\AppData\Local\Temp\023280~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Krait] C:\Program Files\Razer\Krait\razerhid.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Users\Tenshi\AppData\Local\Temp\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9512 bytes

Reply to akujunkan

Thanks again for helping me solve my computer problems.

Reply to akujunkan

Good evening
Hmm... back up your photos and text documents... do not back up any .exe files.
We are going to have to run a powerful tool, and it is possible that this ends badly...

Download Dr.Web CureIt to your Desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

  • Double-click drweb-cureit.exe and click "Start".
  • This quick scan analyses the processes loaded in memory; if it finds infected processes, click the "Yes" button at the prompt.
  • When the quick scan has finished, click Options >> Change settings;
  • Choose the "Scan" tab and uncheck "Heuristic analysis".
  • Back in the main window: choose "complete scan"
  • Click the green arrow on the right, and the scan will start.
  • Click Yes to all when prompted to "cure/move" the detected file.
  • When the scan is complete, see whether you can click this icon, next to the detected files: http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif
  • If so, click it, then click the "Next" icon below and choose Move incurable, as shown in this image:

http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif

  • From the tool's main menu, at the top left, click the File menu and choose Save report list
  • Save the report to your Desktop. It will be named DrWeb.csv
  • Close Dr.Web CureIt
  • Restart your computer (*very important*), because some files may be moved/repaired on restart.
  • After the restart, post (copy/paste) the contents of the Dr.Web report in your next reply.


A complete illustrated tutorial is available here (thanks to Malekal_morte):
http://www.malekal.com/tutorial_DrWebCureIt.php

Reply to Sham_Rock