1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

winwildapp.exe??

Discussion in 'Virus & Other Malware Removal' started by constant, Apr 20, 2004.

Thread Status:
Not open for further replies.
  1. constant

    constant Thread Starter

    Joined:
    Jul 21, 2003
    Messages:
    198
    I think this a virus my sister downloaded by accident. I already did a spybot scan and ad aware scan and got rid of everything it found. I did a hi-jack this and got rid of the suspicious lines. Now i see these 2 programs try to grant access to the internet when i'm online. So i need to get rid of this. I'm doing active online virus scan in a little bit to see what it finds. What should i do to get rid of this go in safe-mode and delete the files?? There in her temp directory. I already got rid of the files in windows that were suspicious, excpet for one i wasn't sure about. It's also hidden, it's called sysconfig16 and i didn't delete that, but when windowsloads up it load two of those up and i only see one in windows i think this is probly loading the other two or three files in to windows. winwildapp.exe and update1.exe. Let me know what you think i'll post a hi-jack this log up here let meknow if anyone see's anything i shoudl get rid of right away, thanks.

    Great!! i see some more crap, liek the two files that load up and try to get access to the internet. I know i'm going to have to get rid of those lines after i delete the files. Anyone know any more let me know, thanks. Help me get rid of this crappy virus:)
     
  2. constant

    constant Thread Starter

    Joined:
    Jul 21, 2003
    Messages:
    198
    Help!!!!!!!! i'm bout to start deleting **** myself. Like that syscfg16.exe file. I want to get this done now so can someone tell me what to drop i don't already know, thanks. The scan only found 4 files and none were the files i said. Uppin
     
  3. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Run Hijack This again and put a check by these. Close all windows except HijackThis and click "Fix checked"

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.windowenhancer.com/np...stmpl1&sstring=

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.windowenhancer.com/np...stmpl1&sstring=

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\SYSCFG16.EXE

    O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG16.EXE

    O4 - HKLM\..\Run: [QupZMrZze] C:\documents and settings\alyssa\local settings\temp\QupZMrZze.exe

    O4 - HKLM\..\Run: [QupZMrZze.exe] C:\documents and settings\alyssa\local settings\temp\QupZMrZze.exe


    Restart to safe mode.

    How to start your computer in safe mode

    First in safe mode click on My Computer. Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types" . Now click "Apply to all folders"
    Click "Apply" then "OK"

    Now find and delete:

    The C:\WINDOWS\SYSCFG16.EXE file

    Also in safe mode navigate to the C:\documents and settings\alyssa\local settings\temp folder. Open the temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/222147

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice