New nasty virus

Ineligible

I managed to get a new virus that neither my antivirus software or any malware programs picked up. It places a file called perfc000.dat in the windows/system32 folder, and sets it up to be loaded into memory at boot-up as an appinit_dll, which causes it to run when most other processes run. When it runs, it re-copies itself back into the windows/system32 folder, so after every attempt to delete it it reappears almost immediately. It tries to do various illegal things that cause error messages and/or programs to close; it also downloads various other trojans.It is possible to get rid of it through setting up HijackThis to delete it on reboot - though it will still copy itself into memory before HijackThis is able to delete it, so it's necessary to be very careful. Alternatively, a dummy file can be created and put in its place.It's taken me nearly two days to get rid of it, and I'm still crossing my fingers. I'm just posting in case anyone else gets the same thing.

sdp

Do you know what it's called?

websexinfo

I would have probably booted it to Bart PE and ran all kinds of anti-virus/malware/adware/spyware tools on it.

Ineligible

Apparently one of the few antivirus programs that recognises it so far has named it TR/Crypt.XPACK.Gen. I presume TR stands for Trojan.Thinking about it later, I've wondered if it could be removed by running the computer in DOS and deleting the file from that.

Ineligible

Look what happened to my post! Do you see a scroll bar?

CR125

i have a scroll bar... u do mean the one at hte side right..

Ineligible

This was on the side of the post itself, not the whole window - but now it's gone. I must be going mad . . .Edit: And now it's back!

CR125

...and ur not getting any of my PM

animefreak135

Oh it does that to me sometimes, too...dunno why. Shouldn't be anything to worry about.

pinkranger4

How do i get it!?My mom asked me the other day to get a virus on my brothers computer .. cause all he does all day is clog up the phone line we have dialup and look at porn.

peesemould

Get broadband - it's not much more than dial up...

punku2

Thanks for informing us.Hopefully my computer won't get it. But it's not like i'd know, because our virus blocker is horribly out of date.But thanks. I'll be sure to look out.