tag:blogger.com,1999:blog-804714437673009003.post7512232717768534841..comments2024-02-23T09:06:13.967+00:00Comments on Dynamoo's Blog: Tilde.exe in C:\Windows\System32 folderUnknownnoreply@blogger.comBlogger6125tag:blogger.com,1999:blog-804714437673009003.post-2138193734353558502009-02-14T00:06:00.000+00:002009-02-14T00:06:00.000+00:00As of today, Avast has started finding that on my ...As of today, Avast has started finding that on my Win2k machine (not a laptop). It senses it's an odd filename but doesn't know what to do with it so offers Ignore and Delete. An hour or two after I selected Delete, Avast asked me again. The real scan it asked to do on reboot didn't find anything wrong (beside a couple items in the browser cache).The Mushroomhttps://www.blogger.com/profile/13466433750698090728noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-87926504944905633452008-09-02T16:18:00.000+01:002008-09-02T16:18:00.000+01:00Although F-Secure had this virus in its database (...Although F-Secure had this virus in its database (according to virustotal.com), it wouldnt pick it up on my system for some reason. This is why I downloaded PendMoves to delete it upon startup, just like jasonatr0n suggested.kellykinnshttps://www.blogger.com/profile/09317947230727749103noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-77989672492003691442008-09-02T16:09:00.000+01:002008-09-02T16:09:00.000+01:00I was just able to ditch this _cc00EFBA6.dat file ...I was just able to ditch this _cc00EFBA6.dat file by following the last part of this website:<BR/>http://bbayles.googlepages.com/antivundo.html<BR/>Basically the PendMove program it suggests. Also now Advast! updated it's database and can get rid of it too. Advast is free for like 3 months. Good luck! This virus is annoying :( Thanks Java!(according to wikipedia.)kellykinnshttps://www.blogger.com/profile/09317947230727749103noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-35112468036934626282008-08-28T16:20:00.000+01:002008-08-28T16:20:00.000+01:00Thanks, I struggled with the rogue .DAT file in th...Thanks, I struggled with the rogue .DAT file in the same way, but the F-Secure online scanner did the trick - http://support.f-secure.com/enu/home/ols.shtmlConrad Longmorehttps://www.blogger.com/profile/11751822299235747323noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-80847724468254402512008-08-28T16:12:00.000+01:002008-08-28T16:12:00.000+01:00Ok here is some more info on this infection. First...Ok here is some more info on this infection. First of all, anything that infects the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ area of the registry can be very difficult and frustrating to remove. Here are the steps I took to remove this particular infection:<BR/><BR/>1. download hijackthis<BR/>2. extract hijackthis to \program files\hijackthis<BR/>3. run Jasonatr0nhttps://www.blogger.com/profile/15381761139518837207noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-51813127715638568572008-08-28T15:33:00.000+01:002008-08-28T15:33:00.000+01:00I have just run across this on a laptop that I am ...I have just run across this on a laptop that I am attempting to repair. There are two files, ~.exe and __c00EFBA6.dat. I can delete the exe file, however the .dat corresponds to a winlogon registry key, and am not able to delete it. I will make another comment when I am able to come to a resolution.Jasonatr0nhttps://www.blogger.com/profile/15381761139518837207noreply@blogger.com