~.exe in my documents and settings
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: ~.exe in my documents and settings

  1. #1
    Senior Member
    Join Date
    Jun 2003
    Posts
    101

    ~.exe in my documents and settings

    i have found this file ~.exe 52kb in size, it's contensts look like this but more could be hidden

    MZ

    i have tried searching google with "~.exe" but nothing

    when i tried to delete it remotley from another pc all it's antiviral software kicked off and went nuts but i could not delete...?

    i shutdown this computer with this ~.exe file on it and booted it into linux. i also have webmin installed so mounted the windows partition and tried to delete it using the 'file manager' but kept saying this is a read only system (not true)

    tried to chmod 777 ~.exe but same message

    started samba and accessed the partition that way but still could not delete

    so any ideas what it is and how to delete it (esp if a nasty)
    like life, this is a test

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    when i tried to delete it remotley from another pc all it's antiviral software kicked off and went nuts but i could not delete...?
    So what did the AV think that it had found?............... it must have given you a message or log entry?

    It looks like a font/character recognition issue at first sight. Have you tried to delete it locally in safe mode?

    What operating/file system are we talking about here?

    Just getting rid of the file isn't the main issue........... you really ought to find out what hit you and what the potential extent of the damage might be............. IMO "band aid" solutions are not an option
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    get into a command prompt while in your administrator account, just navigate to the directory and type

    del c:\INSERT-DIRECTORY-HERE\~.exe

  4. #4
    Senior Member
    Join Date
    Jun 2003
    Posts
    101
    sorry chaps
    windows xp home
    although i am running avast as antivirus and email checking plus avg for daily scan ( yes i know you should not have 2 anti v's but so far been clean for 4 years but this might be the first!!)

    the pc which did not like the ~.exe was also xp(pro) running avast the message was just a warning when i connected to the shared folder and tried to delete it (all on the same network)

    nihil: you are right but want to get rid of 'it' if it is a problem, however not very subtle place to put a nasty is it???
    like life, this is a test

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    www.activescan.com

    Post the log here.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Location
    Superior, WI USA
    Posts
    628
    Quote Originally Posted by Cider View Post
    www.activescan.com

    Post the log here.
    Not very friendly reviews from what I have seen. You sure? I would try this http://security.symantec.com/sscv6/WelcomePage.asp instead. Don't download it...just do the security check online (ActiveX control and IE necessary, unfortunately) Just my opinion, of course

    O
    Last edited by Ouroboros; November 25th, 2008 at 02:45 AM.
    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor


  7. #7
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Meh, any online scan would be okay

    I just work with Active scan on a daily basis so I can troubleshoot
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  8. #8
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Have you done scans with other tools such as spybot or malware bytes? I would be interested to see if there weren't other infections on the system. Cider's suggestion of running an online scan may be useful as well. I have never used active scan, so I cannot comment on it. I have used TrendMicro's housecall, with mixed results. I once ran a scan that took a few hours, only to have it crap out on me right at the end. Frustrating to say the least. I would suggest running Spybot though. If it finds stuff, and cannot remove them, try running it in safemode.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  9. #9
    Senior Member
    Join Date
    Jun 2003
    Posts
    101
    cheers for advice
    have got spybot running and not picked anything up
    will scan file with avast
    and try an online scan too
    sorry not got back to you chaps earlier
    work getting in the way of life
    like life, this is a test

  10. #10
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    You might try this:

    http://www.brothersoft.com/dellater-download-40658.html

    It deletes stuff on reboot so it might work
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. Forensic Process and Tricks
    By Tiger Shark in forum The Security Tutorials Forum
    Replies: 3
    Last Post: January 12th, 2007, 09:44 PM
  2. Apache, PHP, MySQL with basic security settings.
    By nightcat in forum The Security Tutorials Forum
    Replies: 9
    Last Post: May 28th, 2005, 02:47 AM
  3. Replies: 6
    Last Post: October 5th, 2004, 08:26 AM
  4. Windows XP Tips
    By Nokia in forum Tips and Tricks
    Replies: 4
    Last Post: June 18th, 2004, 04:24 PM
  5. xp question:restore settings after installing
    By tyfon in forum Operating Systems
    Replies: 6
    Last Post: January 8th, 2004, 10:01 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides