Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Perfc000, Not Sure Though..


  • Please log in to reply
3 replies to this topic

#1 collon

collon

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 17 May 2007 - 07:46 PM

Ok, on May 02, 2007 there was a folder created of the name perfc000.dat in my SYSTEM32 folder. It affected my computer Internet browser. At first the effects were not noticable. On May 8th i beleive is when my internet browser stopped working alltogether. It wouldnt load pages, only google. I could not figure out what was going on. My AVG wouldnt pick it up, and i was really mad because i couldnt use my computer. My freind sent me a direct download for Ad-Aware and i installed it and ran it. It found some tracking cookie/data miners. I quarintined and deleted. The problem still exsisted. My dad then took a IE .4 disc and downloaded that and re-downloaded IE .7. My internet worked and AVG picked up the virus. It didnt seem to bother me until about May 11th-12th when i decided to delete the file where it was located. I found it in C:\WINDOWS\SYSTEM32 as perfc000. Everytime i deleted it, it would just come back. So i googled it and found this site with some steps to take. People were talking about killing it on reboot. I didn't know how until i saw someone show killbox. So i downloaded it, killed perfc000 and my web browser seemed to be working again. I ran AVG and only find tacking cookies. Same with Ad-aware. But just recently i have been noticing its affect again. Its the affects of me not cleaning out my Internet cache. Pictures have red x's, Page wont load properly, Page wont load at all, and some other affects. I usually just reloaded the page and it was fine. But now, its taking several reloads and stuff to fix it. Also google isint working properly. Some links are, but not all. Like adware and ad viruses. But i killed perfc000. Please help, i would rather not reformat my computer. I am open to most suggetions and tips. If you need any info and its not to private ask away. Thank you!

P.S. I had to copy this because of the browser saying 'Page cannot be displayed'

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,096 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:02 AM

Posted 17 May 2007 - 09:15 PM

Use the smitfraudfix tool in the link below. Follow the instructions carefully.
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
--------------------------------------------------------------------------------


Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,279 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:02 PM

Posted 17 May 2007 - 10:51 PM

The perfc000.dat file is loaded through the AppInit_DLLs Registry value & Winlogon Notify Subkeys which remains after the physical file is deleted. I'm also finding that file seems to be accompanied by other malware infections so you may be dealing with several issues. Your best course of action is to follow buddy215's instructions for posting a hijackthis log.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 collon

collon
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 18 May 2007 - 12:13 AM

I followed it, and posted a HJT log in the correct forum. The bit defender did not work though. Thanks for the help.

Edited by collon, 18 May 2007 - 12:14 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users