550 Infections?

  • Thread starter Thread starter Marcus
  • Start date Start date
M

Marcus

I just ran the "award winning" Spy Doctor 3.2 and it came up with an
astounding 550 infections! Of course it then asks you to purchase the
product to remove the culprits. How could this program win an award? I'm at
a loss as to how to remove Wintools-adware from the registry so I thought
I'd check this Spy Doctor out as it is a suggested fix. But it doesn't sound
particularly honest.

Comments, solutions welcome.

Marcus
 
I just ran the "award winning" Spy Doctor 3.2 and it came
up with an astounding 550 infections! Of course it then
asks you to purchase the product to remove the culprits.
How could this program win an award? I'm at a loss as to
how to remove Wintools-adware from the registry so I
thought I'd check this Spy Doctor out as it is a suggested
fix. But it doesn't sound particularly honest.

Comments, solutions welcome.

Marcus
Click to expand...

Look before you leap?
http://www.spywarewarrior.com/rogue_anti-spyware.htm

BTW, in re "award winning":
Is that how you buy cars, ...?
(don't answer -- I'm being facetious ;)

J
 
From: "Marcus" <[email protected]>

| I just ran the "award winning" Spy Doctor 3.2 and it came up with an
| astounding 550 infections! Of course it then asks you to purchase the
| product to remove the culprits. How could this program win an award? I'm at
| a loss as to how to remove Wintools-adware from the registry so I thought
| I'd check this Spy Doctor out as it is a suggested fix. But it doesn't sound
| particularly honest.
|
| Comments, solutions welcome.
|
| Marcus
|

Try Ad-aware SE v1.06 and SpyBot Search and Destroy v1.4. They are free
( Ad-aware is free for personal use and SpyBot will accept donations ).
 
Thanks,

But nothing seems to get the Wintools-Adware out of the registry!
Tried Adware, SpyBot, House Call Security, Symantec Security Check and
Rav....all in Safe Mode.
Also ran "Hijack This" in Safe Mode and it did not identify the numerical
keys of anything in program files/common files/wintools. Also checked the
suggested Registry Keys:
# HKEY_LOCAL_MACHINE
# Software
# Microsoft
# Windows
# CurrentVersion
#Run
# RunServices

Nothing showing up! Is this a phantom Spyware?

Advice sought.

Marcus
 
Marcus said:
Thanks,

But nothing seems to get the Wintools-Adware out of the registry!
Tried Adware, SpyBot, House Call Security, Symantec Security Check and
Rav....all in Safe Mode.
Also ran "Hijack This" in Safe Mode and it did not identify the numerical
keys of anything in program files/common files/wintools. Also checked the
suggested Registry Keys:
# HKEY_LOCAL_MACHINE
# Software
# Microsoft
# Windows
# CurrentVersion
#Run
# RunServices

Nothing showing up! Is this a phantom Spyware?

Advice sought.
Click to expand...

Is System Restore enabled? Sometimes a persistent infection is located there, and the AV can't
purge it.
 
This self-help guide will walk you through the steps to remove WinTools

Tools Needed for this fix:
a.. HijackThis
Related Tutorials:
a.. How to use HijackThis to remove Browser Hijackers & Spyware
Symptoms in a HijackThis Log:

QUOTE

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch
= res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} -
C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe





Notes: WinTools is often installed by of programs. If there is WinTools
installed on your machine, it is a good chance that other programs you do
not want are installed as well.


--------------------------------------------------------------------------------


Instructions:

Automatic Uninstall Method:
1.. Click on start, then settings, and then control panel.


2.. Double-click on the Add/Remove programs icon.


3.. Scroll down till you see an entry that contains the word WinTools and
then uninstall it


4.. Follow all the prompts asking to uninstall and reboot when it asks.


5.. After it has rebooted fix any entries in HijackThis for WinTools


6.. Delete the following directories:

C:\Program Files\Toolbar\
C:\Program Files\Common Files\WinTools\
Manual Uninstall Method (If WinTools is not listed in Add/Remove Programs):
1.. Reboot your computer into Safe Mode


2.. Only for XP/2000/NT - Click on Start, then Run, and type services.msc
and press the OK button.
1.. Scroll down till you see the service named WinTools for IE Service.
2.. Double-click on the service name and change the Startup Type to
Disable and then stop the service by clicking on the Stop button.
3.. Exit the services window.
3.. Press control-alt-delete and end the following processes by clicking
once on them and then clicking the End Process button:
WToolsA.exe
WToolsS.exe
WSup.exe


4.. Exit the Task Manager


5.. Open a command prompt by click on Start, then Run, and typing the
following based on your operating system:
1.. For Windows 98/ME/95 type command.exe and press the OK button.
2.. For Windows XP/2000/NT type cmd.exe and press the OK button.
6.. You will now be in a command prompt. Type regsvr32 /u /s "C:\Program
Files\Toolbar\toolbar.dll and press the enter key on your keyboard.


7.. Type exit to close the command prompt.


8.. Now delete the following directories:

C:\Program Files\Common Files\WinTools\
C:\Program Files\Toolbar\


9.. Run Hijackthis and fix all entries that contain WinTools in them.


10.. If you are using Windows XP/NT/2000 open regedit and navigate to the
following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

Click on the services key so you see a list of the services in the right
section. Scroll through those services till you find one that has WinTools
in it and right click on it and delete the WinTools service.


11.. Disable and re-enable System Restore. Instructions can be found here:

Managing Windows Millenium System Restore

or

Windows XP System Restore Guide


12.. Reboot your computer and Wintools should be gone.
 
Thanks

Marcus



Lew/+Silat said:
This self-help guide will walk you through the steps to remove WinTools

Tools Needed for this fix:
a.. HijackThis
Related Tutorials:
a.. How to use HijackThis to remove Browser Hijackers & Spyware
Symptoms in a HijackThis Log:

QUOTE

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch
= res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} -
C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe





Notes: WinTools is often installed by of programs. If there is WinTools
installed on your machine, it is a good chance that other programs you do
not want are installed as well.


-------------------------------------------------------------------------- ------


Instructions:

Automatic Uninstall Method:
1.. Click on start, then settings, and then control panel.


2.. Double-click on the Add/Remove programs icon.


3.. Scroll down till you see an entry that contains the word WinTools and
then uninstall it


4.. Follow all the prompts asking to uninstall and reboot when it asks.


5.. After it has rebooted fix any entries in HijackThis for WinTools


6.. Delete the following directories:

C:\Program Files\Toolbar\
C:\Program Files\Common Files\WinTools\
Manual Uninstall Method (If WinTools is not listed in Add/Remove Programs):
1.. Reboot your computer into Safe Mode


2.. Only for XP/2000/NT - Click on Start, then Run, and type services.msc
and press the OK button.
1.. Scroll down till you see the service named WinTools for IE Service.
2.. Double-click on the service name and change the Startup Type to
Disable and then stop the service by clicking on the Stop button.
3.. Exit the services window.
3.. Press control-alt-delete and end the following processes by clicking
once on them and then clicking the End Process button:
WToolsA.exe
WToolsS.exe
WSup.exe


4.. Exit the Task Manager


5.. Open a command prompt by click on Start, then Run, and typing the
following based on your operating system:
1.. For Windows 98/ME/95 type command.exe and press the OK button.
2.. For Windows XP/2000/NT type cmd.exe and press the OK button.
6.. You will now be in a command prompt. Type regsvr32 /u /s "C:\Program
Files\Toolbar\toolbar.dll and press the enter key on your keyboard.


7.. Type exit to close the command prompt.


8.. Now delete the following directories:

C:\Program Files\Common Files\WinTools\
C:\Program Files\Toolbar\


9.. Run Hijackthis and fix all entries that contain WinTools in them.


10.. If you are using Windows XP/NT/2000 open regedit and navigate to the
following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

Click on the services key so you see a list of the services in the right
section. Scroll through those services till you find one that has WinTools
in it and right click on it and delete the WinTools service.


11.. Disable and re-enable System Restore. Instructions can be found here:

Managing Windows Millenium System Restore

or

Windows XP System Restore Guide


12.. Reboot your computer and Wintools should be gone.
Click to expand...
 
Marcus - 01.07.2005 04:47 :

~ 150! unnecessary quoting lines (snipped) only to post 1 single word:
Thanks
Click to expand...

Recommendation: Please learn to quote with as few quoting lines as
possible. THX.
 
From: "Peter Seiler" <[email protected]>

| Marcus - 01.07.2005 04:47 :
|
| ~ 150! unnecessary quoting lines (snipped) only to post 1 single word:
||
| Recommendation: Please learn to quote with as few quoting lines as
| possible. THX.
|
| --
| by(e) PS
|
| spam will be killed
|

Recommendation:
Please add to the discussions and not just bother people about their posting habits.
 
David H. Lipman - 01.07.2005 16:44 :
Recommendation:
Please add to the discussions and not just bother people about their posting habits.
Click to expand...

ok, David, but is common "overquoting" (perhaps 80% of the postings!)
really a good idea? There are good reasons that in NG-rules, NG-FAQs,
How-Tos etc. especially newbies are suggested for a better quoting
behavior. One can see in some extreme threads, where posts/repots with
unlimited, cumulated quotings unnecessarely more and more grow up to
real confusing, unreadable, bandwidth-wasting thread-monsters.

Nice weekend to you.
 
From: "Peter Seiler" <[email protected]>

| David H. Lipman - 01.07.2005 16:44 :
||
| ok, David, but is common "overquoting" (perhaps 80% of the postings!)
| really a good idea? There are good reasons that in NG-rules, NG-FAQs,
| How-Tos etc. especially newbies are suggested for a better quoting
| behavior. One can see in some extreme threads, where posts/repots with
| unlimited, cumulated quotings unnecessarely more and more grow up to
| real confusing, unreadable, bandwidth-wasting thread-monsters.
|
| Nice weekend to you.
|
| --
| by(e) PS
|
| spam will be killed
|

Peter:

maybe it is or maybe it isn't. However, your posts in *many* News Groups are mostly these
type of comments.

I can see if you added to the discussion of a given thread and made the additional comment
of the post habit. However, just posting a comment on the posting habit w/o added to the
discussion thread becioames tiresome.

Just my 2 cents. { however, one is a 1909 VDB ;-) }

Thanx for your weekend wishes it is the 4th of July holiday weekend which represents the
birth of the US and the ratification of the Declaration of Independence.

My wishes to you and yours for a phun and safe weekend Peter.
 
Back
Top