Hi!
For about 2 months I've tried to clean my computer and only one thing cannot be cleaned. It's a virus called Hidrag or W32/Jeefo. This is a parasitic 32-bit file infecting virus that infects Windows PE files on the victim machine. When an infected file is run on the victim machine, the file SVCHOST.exe (36,352 bytes) is dropped in %WinDir%. The file has the system attribute set. On Windows 9x machines, the following Registry key is added to hook system startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
"PowerManager" = %WinDir%\SVCHOST.exe
On Windows NT/2000/XP machines, the dropped file is installed as a service, with the following characteristics:
Description: Manages the power save features of the computer
Display Name: Power Manager
Start Type: Automatic
Account: Local system
Once running in memory, the virus periodically attempts to infect PE files on the victim machine.
I simply tried to delete the registry key and the file, but it simply keeps coming back about 2 min later. I have tried about 5 anti-virus programs and they cannot clean it; they just quarantine the file or delete it, but all my *.exe files are infected. If you have any ideas, reply. I've also tried to format my computer, but some of the drivers that I install are contaminated.
Thanks

J-P
From the write-up at Symantec...where you got the info you posted, it seems it shouldn't be difficult to remove. I have removed that virus from several systems, Win 98 on up to and including Win XP.
You need to run your anti virus program in safe mode.
If you have tried that without joy...
Make sure you have shut down the computer completely for at least 30 seconds...unplug it if necessary to clear the virus from memory (which is why it keeps loading again).
Once in safe mode (tap F8 while booting), start your AV program, delete the infected files that cannot be repaired, remove the registry value as per Symantec's instructions and reboot.
Many times Symantec's instructions for removing viruses will just tell you to boot to safe mode and not include the 30 second shutdown.....many times it does not work until you shut down for...I usually extend it to a couple of minutes. I have not had problems removing it and many others if I used that procedure.
Make sure also your antivirus is set to scan all files including compressed files.
___________________________________
I never give up!

Thanks for the explication but if I understand what you say, I cannot keep my .exe infected. I need to delete all of them because I can clean them. Is that right?

J-P or whoever...
How the heck did you get my name in reply?????
If your antivirus can't clean them...(always try and fix them first with the antivirus program) then yes, either quarantine or delete is in order...
Depending on what programs are affected, you may be looking at re-installing them.
If some critical windows are affected then you may be looking at doing a repair install of XP, or just running sfc might work fine (hopefully you have the XP CD...if you don't, see if you can borrow one).
Once you get rid of the virus...the least destructive method of recovery if needed is sfc (system file checker)
To run that utility..
Click start
Click run
Type "sfc /scannow" without quotes, hit enter, note the space between the c and /
Have the xp cd ready.
Any other programs affected may need to be re-installed...try and uninstall them first, then re-install.
It is possible your antivirus program is affected; you can run an online scan in safe mode (F8 at boot after 30 second shutdown, choose safe mode with networking).
Online scans:
Let me know how it goes
___________________________
I never give up!

Thanks a lot blender, but I wanted to keep my infected files.
I've found a program that can clean infected files and it kicks ass.
Take a look:
http://www.sophos.com/support/disinfection/jeefoa.html
However, thank you very much, you are a good guy.
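
The three persistence artifacts listed in the first post (the dropped file in %WinDir%, the RunServices value and the "Power Manager" service) can be checked with a read-only script. This is an added example, not part of the thread or of any vendor's removal tool; the function name Test-HidragIndicators is hypothetical and it assumes PowerShell 3.0 or later.

```powershell
# Added example (not from the thread): read-only check for the three
# persistence artifacts described in the first post. Changes nothing.
function Test-HidragIndicators {   # hypothetical helper name
    param([string]$WinDir = $env:WinDir)
    $findings = @()

    # 1. Dropped file: SVCHOST.exe directly in %WinDir%. The genuine
    #    svchost.exe lives in %WinDir%\System32, so a copy here is suspect.
    $dropped = Join-Path $WinDir 'svchost.exe'
    if (Test-Path -LiteralPath $dropped) {
        # -Force is needed because the post says the system attribute is set.
        $f = Get-Item -LiteralPath $dropped -Force
        $sizeNote = if ($f.Length -eq 36352) { 'size matches 36,352 bytes' }
                    else { "size $($f.Length) bytes" }
        $findings += [pscustomobject]@{
            Indicator = 'Dropped file'
            Detail    = "$($f.FullName); $sizeNote; attributes: $($f.Attributes)"
        }
    }

    # 2. Windows 9x startup hook: RunServices value named "PowerManager".
    $key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunServices'
    $run = Get-ItemProperty -Path $key -Name 'PowerManager' -ErrorAction SilentlyContinue
    if ($run) {
        $findings += [pscustomobject]@{
            Indicator = 'RunServices value'
            Detail    = "PowerManager = $($run.PowerManager)"
        }
    }

    # 3. NT/2000/XP: service whose display name is "Power Manager".
    $services = Get-CimInstance -ClassName Win32_Service -Filter "DisplayName = 'Power Manager'"
    foreach ($s in $services) {
        $findings += [pscustomobject]@{
            Indicator = 'Service'
            Detail    = "$($s.Name): $($s.PathName); start=$($s.StartMode); " +
                        "account=$($s.StartName); description='$($s.Description)'"
        }
    }
    return $findings
}

$result = Test-HidragIndicators
if ($result) { $result | Format-List } else { 'None of the three artifacts found.' }
```

A service hit on its own is not conclusive, since other software may use the same display name; compare its path with the dropped-file location. The script only looks at the startup artifacts and does not detect infected PE files.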
