Spyware, Viruses, & Security forum

General discussion

New EXE on PC causing issues?

by frankendesigns / January 23, 2008 10:52 AM PST

Recently I discovered a program file in my system32 folder called wikii.exe.

I tried to do a search for that file, but no luck.

Anyway, I changed the exe to txt to look at it, and I know that it is definitely not a file that should be there. However, when I try to delete it, it reappears in seconds again. Now I checked to make sure there was not a duplicate in the dllcache folder, so I don't know if there is another dependent file in the folders somewhere.

Also, I looked through the registry and tried to look for references to wikii.exe and came up with one and here is the screenshot of the location and reference

And here is the link to the wikii.txt if anyone can look at it and determine what it does?

Screenshot of Registry
http://www.crosscomputers.com/files/ss.jpg

text file
http://www.crosscomputers.com/files/wikii.txt


Thanks

Adam

Google has a wiki.exe
by dawillie / January 23, 2008 11:05 AM PST

This is the executable to Wikipedia, the open source encyclopaedia.

However it should not be in the Sys32 folder.

Also deleting from the Sys32 folder is no use because it keeps coming back, on the next boot.

One program that may help is a little software called 'move on boot'.

Note this should only be attempted after you have tried a safe mode delete and it comes back.

Note also that you will have to write down the EXACT path to the file.

It should be something like c:\windows\system 32\wikii.exe

Here is the link to the download

http://www.snapfiles.com/get/moveonboot.html

d/l and execute the software.

Now start it up and you will get a drop-down. Scroll to the exact location of the file, next 'delete' and continue, and you are told you need to reboot or you get a message saying moveonboot is successful.

Re-boot and the file will be deleted during boot up.

Go back to your System 32 folder and it should be gone.

Post back with results, please.

Not It
by frankendesigns / January 23, 2008 11:39 AM PST
In reply to: Google has a wiki.exe

No, the Wikipedia is wiki.exe. This one is wikii.exe.

And by looking at the exe in Notepad, there are lines in it that tell me this file is a virus or malware:

SOFTWARE\Microsoft zasucks SOFTWARE\Microsoft yo zasucks 0 -f -s -t 00 1 -f -r -f -l 0 0 0 %s?action=log&loc=%s&user=%s&cn=%s %.2x | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | yes yes yes yes yes c:\xxx.html c:\xxx.html c:\xxx.html
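
What the poster did by hand in Notepad, as an added example that is not part of the original thread: pull the printable strings out of a binary and flag the kinds quoted in the post (a registry path, a URL query format string, a file path). The sample bytes, rule names and function names are constructed for illustration; only the quoted strings come from the post.

```python
import re

# Constructed sample: non-printable padding around strings quoted in the post.
# The last entry is stored as UTF-16LE, as Windows binaries often do.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    b"SOFTWARE\\Microsoft\x00\x01\x02zasucks\x00\xff\xfe"
    b"%s?action=log&loc=%s&user=%s&cn=%s\x00\x00%.2x\x00"
    b"c:\\xxx.html\x00yes\x00\x00"
    + "SOFTWARE\\Microsoft".encode("utf-16-le") + b"\x00\x00"
)

# Hypothetical triage rules (labels are this example's own, not a tool's).
RULES = [
    # printf-style template that builds a URL query from runtime values
    ("url-query-format", re.compile(r"\?\w+=\S*&\w+=%s")),
    # registry key path under a well-known hive subtree
    ("registry-path", re.compile(r"^(?:SOFTWARE|SYSTEM)\\", re.I)),
    # absolute Windows path to a file with a short extension
    ("file-path", re.compile(r"^[a-z]:\\.+\.\w{2,4}$", re.I)),
]


def extract_strings(data, min_len=4):
    """Return printable ASCII runs, then UTF-16LE runs, of at least min_len chars."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [m.group().decode("ascii") for m in ascii_re.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in wide_re.finditer(data)]
    return found


def triage(data):
    """Return (string, [rule names]) for every extracted string that matches a rule."""
    hits = []
    for s in extract_strings(data):
        labels = [name for name, rx in RULES if rx.search(s)]
        if labels:
            hits.append((s, labels))
    return hits


if __name__ == "__main__":
    for text, labels in triage(SAMPLE):
        print(f"{', '.join(labels):18} {text}")
```

To run it against a real file, pass `open(path, "rb").read()` to `triage`; reading the bytes this way never executes the file.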

Run a full system scan
by Donna Buenaventura / January 23, 2008 4:48 PM PST
In reply to: Not It

Not sure if you've done a full scan using your up-to-date malware scanner. If not yet, please scan.

Or use an online scanner (the scanners below have the ability to remove infections and detect most types of risks):
http://www.eset.com/onlinescan/
http://www.trendsecure.com/security_solutions/housecall_free_scan.php

For trojan online scan:
http://www.windowsecurity.com/trojanscan/
Note: Trojan Online Scan does NOT have the ability to remove infections. To remove them, you need to get the program a-squared from http://www.emsisoft.com

Also, if you still have the file wikii.exe
by Donna Buenaventura / January 23, 2008 4:50 PM PST
In reply to: Not It

Upload it at http://www.virustotal.com for single file scan using 32 malware scanners. You should see if it's infected or not.

Note the threat name or view the threat details below the scan result (usually from Sunbelt or PrevX.. if they detected any on it).

Try
by Dango517 / January 23, 2008 11:14 AM PST

HijackThis. At this location:

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Use this program with caution. Items on this program may not be what you suspect. If it is very clearly defined then this should get rid of it. Usually they aren't. A restore point might be advised when using this program.

You've probably used your spyware scanner, haven't you?

You can run more than one malware program but just one anti-virus program.

This freeware program is highly recommended. I use it myself:

http://www.download.com/Ad-Aware-2007/3000-8022_4-10045910.html?tag=lst-1

This thread is not being tracked by me.

Before using HJT without an expert
by roddy32 / January 23, 2008 12:12 PM PST
In reply to: Try