1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Error deleting file or folder

Discussion in 'All Other Software' started by mgbgtgrimm, Jan 26, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. mgbgtgrimm

    mgbgtgrimm Thread Starter

    Joined:
    Apr 22, 2002
    Messages:
    490
    I get the message "Cannot delete wtAppConfig0200: Access is denied. The source file may be in use."
    The actual name of the folder is "WildT anqent"
    According to properties it was added/installed on Dec 28, 2004, which is around the time when I was cleaning out all the spyware/adware stuff via help from this forum. I have no idea what this program is about and I don't want to launch it and get in trouble again. How can I delete it, get rid of it.
    Greg & Grimm
     
  2. polak

    polak

    Joined:
    Oct 12, 2003
    Messages:
    567
  3. EAFiedler

    EAFiedler Moderator

    Joined:
    Apr 25, 2000
    Messages:
    14,146
    Hi mgbgtgrimm

    Have you tried removing Wild Tangent in your Add/Remove programs in the Control Panel?

    Let us know.
     
  4. mgbgtgrimm

    mgbgtgrimm Thread Starter

    Joined:
    Apr 22, 2002
    Messages:
    490
    I just ran Spybot search and destry and it said "14 problems fixed". They were in red and had check marks next to them. Spybot indicates that it got rid of WildTangent. I did not run Ad-Aware because SpyBot siad something about Ad-Aware didn't like the fixes that SpyBot made. It told me to do something but I didn't understand what it was saying.
     
  5. mgbgtgrimm

    mgbgtgrimm Thread Starter

    Joined:
    Apr 22, 2002
    Messages:
    490
    Add/Remove programs would not do anything.
    Now when I restarted my computer I got error message:
    Error loading C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL
    however, computer seems to have restarted OK!
     
  6. 911

    911

    Joined:
    Mar 25, 2003
    Messages:
    546
    Run the removal program in Safe mode. Windows won't let "open" files get changed except by the program that opened them. If the infection is in a file that some program has opened, removing it is a problem. Safe mode bypasses all those start menu programs that open when you boot up, so the infected files probably won't be open, and the infection can be removed. After removal, clear any existing System Restore points, so the infection can't come back. ---911
     
  7. mgbgtgrimm

    mgbgtgrimm Thread Starter

    Joined:
    Apr 22, 2002
    Messages:
    490
    OK 911, I did first part but how do I "clear any existing System Restore points". I am afraid I don't know how to do that.
     
  8. 911

    911

    Joined:
    Mar 25, 2003
    Messages:
    546
    I don't know why Microsoft makes this so hard to find.
    START > SETTINGS > CONTROL PANEL.
    Click the SYSTEM icon.
    Click the PERFORMANCE tab on the next screen.
    Click the FILE SYSTEM button on the next screen near the bottom.
    Click the TROUBLESHOOTING tab on the next screen.
    Check the box "Disable System Restore" at the bottom.
    Restart your system. All existing Restore points will be deleted.

    Go back through the same route and uncheck "Disable System Restore .
    Restart your system again.
    Invoke System Restore, and make a new restore point for future needs.
     
  9. Triple6

    Triple6 Moderator

    Joined:
    Dec 26, 2002
    Messages:
    52,888
    First Name:
    Rob
  10. 911

    911

    Joined:
    Mar 25, 2003
    Messages:
    546
    I left something important out. After you check "Disable System Restore" , click the APPLY button before you restart your machine. --- sorry.
     
  11. mgbgtgrimm

    mgbgtgrimm Thread Starter

    Joined:
    Apr 22, 2002
    Messages:
    490
    Here's my highjackthis log file just now taken. I did what 911 said and found 2 files that said they were bad and told spyware to fix 'em. I still get the same error message. In safe mode I found 6 files labeled with "WILDTA" and was able to delete them.



    Logfile of HijackThis v1.99.0
    Scan saved at 10:41:28 AM, on 1/30/2005
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
    C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    C:\PROGRAM FILES\AT&T\ACP\PROGRAMS\WNPCA.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\PROGRAM FILES\WUSB11 WLAN MONITOR\WUSB11B.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
    C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
    C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\PROGRAM FILES\LOGITECH\ITOUCH\KBDTRAY.EXE
    C:\PROGRAM FILES\WEBSHOTS\WEBSHOTS.SCR
    C:\PROGRAM FILES\PRINTKEY2000\PRINTKEY2000.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\MY DOCUMENTS\HIGHJACKTHIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
    O2 - BHO: AIM Helper - {D70E6A20-7060-4829-B3D7-B6624A1DE7C6} - C:\PROGRAM FILES\AIM TOOLBAR\AIMHELPER.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
    O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\PROGRA~1\LOGITECH\ITOUCH\iTouch.exe
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [AT&T DSL Service PCA Program] C:\Program Files\AT&T\ACP\programs\wnpca.exe /ws
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ReleaseRAM] C:\PROGRAM FILES\R-RAM\RRAM.exe
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [WUSB11B.exe] C:\Program Files\WUSB11 WLAN Monitor\WUSB11B.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
    O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O4 - Startup: Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe
    O8 - Extra context menu item: Translate Selection with Worldlingo.com - http://www.worldlingo.com/UP62768/P5001/l/scripts/btool.js?btool=s&uname=btool48&pword=lingocnet
    O8 - Extra context menu item: Translate Page with Worldlingo.com - http://www.worldlingo.com/UP62768/P5001/l/scripts/btool.js?btool=s&uname=btool48&pword=lingocnet
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
    O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
    O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
    O15 - Trusted IP range: 206.161.125.149
    O15 - Trusted IP range: (HKLM)
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
    O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
    O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
     
  12. Triple6

    Triple6 Moderator

    Joined:
    Dec 26, 2002
    Messages:
    52,888
    First Name:
    Rob
    Remove these entries in Hijackthis:
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain
    O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
     
  13. mgbgtgrimm

    mgbgtgrimm Thread Starter

    Joined:
    Apr 22, 2002
    Messages:
    490
    Mission accomplised, thank you very much. Have a nice weekend.
    Greg & Grimm
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/323732

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice