help

  • Thread starter Thread starter randy
  • Start date Start date
R

randy

everytime i use ie 6.0 my fire-wall says c:\program
files\common files\wintools is trying to access the
internet is this real ie 6.0 software or is it a trogen
or something if anybody has info on the problem please
email me @ the above addy its really bugging me & i
havent ever seen this ?? the file name is WTOOLSA.file
ver. is
 
WTOOLSA is malware. Here is a post by Glen Ventura.

Try "YellowHammer's" procedure here:
http://computercops.info/modules.php?name=Forums&file=viewtopic&p=172295

Over-simplified version -
Restart in Safe Mode:
-Start the computer and hold down the CTRL key till the Windows 98 Startup
menu (boot menu) appears.
-Use the arrow keys to select "Safe Mode" and press Enter.

Then find and delete the Wintools folder in Windows Explorer, run HijackThis
in Safe Mode, and use it to remove these entries, if found:

C:\Program Files\Common files\WinTools\WToolsA.exe
C:\Program Files\Common files\WinTools\WToolsS.exe
C:\Program Files\Common files\WinTools\WSup.exe

R3 - URLSearchHook: (no name) -
{87766247-311C-43B4-8499-3D5FEC94A183} -C:\PROGRA~1\COMMON~1\WinTools\WTools
B.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} -
C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common
Files\WinTools\WToolsA.exe

Here is my standard response on how to download and use Hijack This:

Download, unzip, and run Hijack This from one of these locations:
http://computercops.biz/downloads-cat-14.html
http://www.majorgeeks.com/downloads31.html
http://www.spywareinfo.com/downloads/tools/HijackThis.exe
Unzip to a folder other than your Desktop or the Temp folder, doubleclick
HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log"
button.
Press that, save the log somewhere you can find it (Desktop, My Documents,
or similar).
Most of what it lists will be harmless or even required, so do NOT fix
anything yet.

Copy the log files and paste them into a new post at one of these forums:
http://forums.net-integration.net/
http://computercops.biz/forums.html
http://forums.spywareinfo.com/index.php?showforum=30
http://tomcoyote.org/forums/
http://www.lavasoftsupport.com
http://boards.cexx.org/

The folks there will tell you what to remove.

A tutorial for using Hijack This is located here:
http://tomcoyote.com/hjt/
and an in-depth tutorial is here:
http://aumha.org/a/hjttutor.htm
 
Back
Top