It's hooking explorer.exe and opera.exe (my browser)
The exe is located at C:\Windows\System32\install\MSCOMM32.exe and it's labeled as a operating system file. If I kill all 5 instances at once with Process Explorer and then delete the file, it just comes back.
What do I do? I tried googling for help but I can't find anything on this virus.
EDIT: Found the source. A file XxX.XxX was hooking opera.exe and forcing it to create the file. Booted into safe mode and deleted the Temp folder in AppData/Local. Also remove the entry in MSCONFIG startup then delete C:\Windows\System32\install.
Edited by fuckusernames, 07 August 2010 - 03:38 PM.