Home > General > Perfc000.dat


Type : IECache Entry Data : [email protected][2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:4 Value : Cookie:[email protected]/ Expires : 5-15-2010 10:38:58 PM LastSync : Hits:4 UseCount : Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dllO3 - Toolbar: Rambler-└˝˝Ŕ˝˛ňݲ - {468CD8A9-7C25-45FA-969E-3D925C689DC4} - C:\Program Files\Rambler Assistant\ramblertoolbarU0.dllO4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startupO4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exeO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 It may have some info that will help. The deletion of perfc000.dat will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. have a peek here

While it is working in your computer, it performs a series of malicious attacks to damage the computer system such as corrupting system registry files, disabling security programs and turning off Did not go in Safe Mode at all yet. or read our Welcome Guide to learn how to use this site. FileDescription : Bluetooth Support Server InternalName : BTWDIns LegalCopyright : Copyright WIDCOMM, Inc. 2000-2004. http://www.exterminate-it.com/malpedia/file/perfc000.dat

Exterminate It! Exterminate It! If you need this topic reopened, please contact a staff member. Location: : S-1-5-21-3760607338-1603120009-2945326695-1005\software\adobe\adobe acrobat\6.0\avgeneral\crecentfiles Description : list of recently used files in adobe acrobat MRU List Object Recognized!

  1. Invision Power Board © 2001-2017 Invision Power Services, Inc.
  2. Keith Edited by doofus, 21 June 2007 - 10:55 AM.
  3. Download Exterminate It!TOP10 AlertsTop 100 Alerts Linkury Elex MyWebSearch PCFixTray GlobalUpdate SearchPage ReImage PennyBee InstallCore Zlob.DNS Changer LATEST 10 FilesLatest Files psv_Zunla psv_Zaamdom psv_WhiteKix psv_Vila-Fax psv_Statstock psv_Saltfix psv_Round-Flex psv_Conbam psv_Betacore psv_Aircom
  4. This consists of programs that are misleading, harmful, or undesirable.

This Trojan uses the system security vulnerabilities to vandalize the infected computer and then it performs lots of destructive activities on the compromised computer. perfc000.dat appears to be a compressed file. For instructions on deleting locked files, see Deleting Locked Files. Jump to content Build Theme!

Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin This file has been identified as a program that is undesirable to have running on your computer. Copies of the logs from running your scanning software is below. http://www.bleepingcomputer.com/startups/perfc000.dat-18512.html Using Windows Explorer, locate the following files/folders, and delete them: C:\windows\system32\perfc000.dat<=file Exit Explorer, and reboot as normal afterwards. ====== Deckardĺs System Scanner Download Deckard's System Scanner (DSS) to your Desktop.

Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! If we have ever helped you in the past, please consider helping us. OriginalFilename : CTFMON.EXE #:36 [bttray.exe] FilePath : C:\Program Files\WIDCOMM\Bluetooth Software\ ProcessID : 2384 ThreadCreationTime : 5-27-2007 8:01:58 PM BasePriority : Normal FileVersion : 1.4.3 Build 4 ProductVersion : 1.4.3 Build 4 Location: : S-1-5-21-3760607338-1603120009-2945326695-1005\software\realnetworks\realplayer\6.0\preferences Description : list of recent skins in realplayer MRU List Object Recognized!

Click to Run a Free Virus Scan for the perfc000.dat malware Perfc000.dat file information Here is some of what is known about the process. HijackThis Category O20 Entry Note %System% is a variable that refers to the Windows System folder. hijackthis.log -- HiJackThis v2 Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 12:28:32 PM, on 5/28/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe Location: : S-1-5-21-3760607338-1603120009-2945326695-1005\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history Performing conditional scans... ╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗ Win32.TrojanSpy.BZub Object Recognized!

Reboot your computer and check it again to make sure that perfc000.dat is terminated completely The perfc000.dat virus does great harm to users' computers. We invite you to ask questions, share experiences, and learn. After that I started getting the above mentioned error perfc000.dat error. Reboot into Safe Mode: please see here if you are not sure how to do this.

OriginalFilename : BTWDIns.EXE #:16 [defwatch.exe] FilePath : C:\Program Files\NavNT\ ProcessID : 1748 ThreadCreationTime : 5-27-2007 8:01:49 PM BasePriority : Normal FileVersion : ProductVersion : ProductName : Norton AntiVirus CompanyName Should you experience an actual problem, try to recall the last thing you did, or the last thing you installed before the problem appeared for the first time. Alfons N. If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box.

Try What the Tech -- It's free! It's free. There is only one button OK in this popped up window.

Thank you SNOWHITE Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted

Then ran the AdAware and here is its log. It does not provide an option to clean/disinfect. Help would be much appreciated, Thanks in advanceinfo of the virus:Threat Name - Backdoor.Small!sd5Type - StartupRisk Level - HighInfection - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs = C:\WINDOWS\system32\perfc000.datThreat Name - Backdoor.Small!sd5Type - FileRisk Level All rights reserved.

Location: : S-1-5-21-3760607338-1603120009-2945326695-1005\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! The name of the first found registry value referencing perfc000.dat is highlighted in the right pane of the Registry Editor window. OriginalFilename : svchost.exe #:24 [wdfmgr.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 244 ThreadCreationTime : 5-27-2007 8:01:49 PM BasePriority : Normal FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft« Back to top Advertisements Register to Remove #2 Susan528 Susan528 SuperMember Authentic Member 3,194 posts Posted 28 May 2007 - 08:02 AM Hello OldMacDonald and Welcome to TomCoyote, Please set

Select the file and press SHIFT+Delete on the keyboard. Here is what you asked. This type of unwanted adware program is not considered by some antivirus software to be a virus and is therefore not marked for cleanup. F: is CDROM (No Media)G: is CDROM (No Media)H: is CDROM (No Media)J: is Removable (No Media)\\.\PHYSICALDRIVE1 - WDC WD2000BB-22GUC0 - 186.31 GiB - 1 partition \PARTITION0 (bootable) - Installable File

Location: : S-1-5-21-3760607338-1603120009-2945326695-1005\software\microsoft\visualstudio\6.0\projectmrulist Description : list of recently used projects in microsoft visual studio MRU List Object Recognized! Manual Removal perfc000.dat Virus Step 1: Reboot your infected computer, when it reboots but before Windows launches, tap ‘F8′ key constantly. Register now! Type : IECache Entry Data : [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:[email protected]/ Expires : 5-13-2017 6:39:10 PM LastSync : Hits:1 UseCount :

Antimalware can effectively eradicate such viruses from your computer. As my problem is slightly different then the post http://forums.tomcoy...dat_t79088.html so thought of creating a new topic. Please download Deckard's System Scanner (DSS) and save to your Desktop.alternate download siteDSS will do the following:Create a new System Restore point in Windows XP and Vista.Clean your Temporary Files, Downloaded See what happens and let us know.

Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. All rights reserved. Using definitions file:SE1R172 22.05.2007 ╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗ References detected during the scan: ╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗ MRU List(TAC index:0):50 total references Tracking Cookie(TAC index:3):11 total references Win32.Trojan.Agent(TAC index:10):2 total references Win32.TrojanSpy.BZub(TAC index:10):4 total references ╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗╗ Ad-Aware Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup.

If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. We aim to provide the valuable service known to come from BC to every member we can, but sometimes it takes just a little longer to get to every request for Location: : S-1-5-21-3760607338-1603120009-2945326695-1005\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of perfc000.dat and Associated Malware.

Location: : S-1-5-21-3760607338-1603120009-2945326695-1005\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy completelyuninstallprogram.com completelyuninstallprogram.com Back to top #3 OldMacDonald OldMacDonald New Member Authentic Member 10 posts Posted 28 May 2007 - 10:47 AM Thank You so much for time Susan528.