I already got this from Google but I am looking for a removal tool until my vendor release VDU

Win32.Hidrag


--------------------------------------------------------------------------------

Hidrag is not a dangerous memory resident parasitic Win32 virus. The virus infects Win32 PE EXE files. While infecting the virus encrypts a block of the victim file.

When the virus runs it creates its copy about 36K of size in Windows directory with the "svchost.exe" name and registers this file in system registry auto-start key:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

PowerManager = %WindowsDir%\SVCHOST.EXE

The virus then stays in Windows memory as active process, searches for EXE files on all drives starting from C: and infects them.

The virus does not manifest itself in any way. The virus contains the encrypted text strings:

Hidden Dragon virus. Born in a tropical swamp.

PowerManagerMutant