-
June 2nd, 2004, 12:47 PM
#1
wintoolsa.exe
anyone know what this is and what it does. It's running in the background on a one of the computers here.
Don't hate me because I'm a US citizen!
-
June 2nd, 2004, 01:18 PM
#2
Registered User
Probability factor of one to one...we have normality, I repeat we have normality. Anything you still can't cope with is therefore your own problem.
-
June 2nd, 2004, 01:19 PM
#3
Registered User
wintoolsa.exe is a parasite. Get rid of it!
Any decent spyware remover should get rid of it for you, but I'd personally recommend Spybot Search & Destroy
Mike
Last edited by NEPATEC; June 2nd, 2004 at 01:24 PM.
-
June 2nd, 2004, 01:22 PM
#4
Yeah thanks. I did some searching and eventually found that out. I did run spybot and it didn't find it. Adaware found and removed some of it but not all. I finally had to remove it manually.
http://www.pchell.com/support/wintools.shtml
Don't hate me because I'm a US citizen!
-
June 2nd, 2004, 02:51 PM
#5
Registered User
Originally Posted by Shard92
Yeah thanks. I did some searching and eventually found that out. I did run spybot and it didn't find it. Adaware found and removed some of it but not all. I finally had to remove it manually.
http://www.pchell.com/support/wintools.shtml
Lately, I have been using AdAware and Spybot, and despite the disclaimers, they do not seem to be bumping heads with each other. What one misses, the other seems to find. However, the latest detection rules update for Spybot 1.3 keeps giving me a bad checksum error when I try to download it.
-
June 2nd, 2004, 02:57 PM
#6
Registered User
Try downloading it from rootboxen.net rather than the european mirror
-
June 18th, 2004, 02:46 AM
#7
WinToolsA.exe
Just a word of thanks to everyone how posted about this #*&%(#& piece of spyware/virus/malware.
I just spent the last 4 hours digging this piece of #&#& out of my system, and I would not have been successful without the advice and links provided.
I cannot begin to tell you how angry I am at the little pus-bucket script kiddie who wrote this thing just to get his jollies.
Anyways, Thanks again for the help.
**********************************************
* I am way beyond pissed...I am all the way to thoughtful... *
**********************************************
-
June 18th, 2004, 03:57 AM
#8
Driver Terrier
Originally Posted by ringdangdoo3
Just a word of thanks to everyone how posted about this #*&%(#& piece of spyware/virus/malware.
I just spent the last 4 hours digging this piece of #&#& out of my system, and I would not have been successful without the advice and links provided.
I cannot begin to tell you how angry I am at the little pus-bucket script kiddie who wrote this thing just to get his jollies.
Anyways, Thanks again for the help.
**********************************************
* I am way beyond pissed...I am all the way to thoughtful... *
**********************************************
ringdangdoo3 Welcome to Windrivers
Please don't surpress your feelings it makes it hard to understand the posts
Only 4 hours? you got off lightly Money making on the net at any cost I am afraid..
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
June 18th, 2004, 08:17 AM
#9
I'll try to express my true feelings more in the future =)
well, it helps being a real-world application programmer who has to dig into the registry constantly =). That was how I knew something was up. when I first noticed my box wasn't behaving as it should, the first thing I did was open RegEdit, and checked out HKLM\Software\Microsoft\Windows\CurrentVersion\Run (there should be a speed-dial for that key =), and since I know what should be in that key, the moment I saw 3 strange entries, I knew my system was hosed.
For any other poor soul who is trying to remove this virus (and yes, do NOT delude yourself, it is a VIRUS, even if it isn't self-propagating, and even if the wonderful people at Symantec, McAfee, et al, don't have the slightest clue what you are talking about when you ask them what the hell "WinToolsA.exe" is), here is a list of the programs that helped me wash this piece of filth from my system:
Spybot - search and destroy
HijackThis
and most importantly
BCWipe
I highly recommend BCWipe, which is a low-level disk wiping program. Instead of using good old Winders Delete command (which does anything but), I used BCWipe to wipe the offending files with zeros and ones on the spot. This way I didn't have to futz with emptying the Recycle Bin and all that garbage. Also, BCWipe can wipe special files like the Swap file, the Recycle Bins, Temp Internet files (including that pesky index.dat file =). Sorry if I sound like an Infomercial, but if you are serious about getting crap like this off you system, you need to have this kind of utility.
One last word of encouragement if you are reading this while suffering from a WinToolsA or similar infection: You can do it. Be Brave, and dig into the Registry! These cockroaches are COUNTING on you to be too afraid of disturbing their haven there. Don't let them win. Good luck!
-
July 28th, 2004, 11:03 AM
#10
wintoolsa.exe
Originally Posted by ringdangdoo3
I'll try to express my true feelings more in the future =)
well, it helps being a real-world application programmer who has to dig into the registry constantly =). That was how I knew something was up. when I first noticed my box wasn't behaving as it should, the first thing I did was open RegEdit, and checked out HKLM\Software\Microsoft\Windows\CurrentVersion\Run (there should be a speed-dial for that key =), and since I know what should be in that key, the moment I saw 3 strange entries, I knew my system was hosed.
For any other poor soul who is trying to remove this virus (and yes, do NOT delude yourself, it is a VIRUS, even if it isn't self-propagating, and even if the wonderful people at Symantec, McAfee, et al, don't have the slightest clue what you are talking about when you ask them what the hell "WinToolsA.exe" is), here is a list of the programs that helped me wash this piece of filth from my system:
Spybot - search and destroy
HijackThis
and most importantly
BCWipe
I highly recommend BCWipe, which is a low-level disk wiping program. Instead of using good old Winders Delete command (which does anything but), I used BCWipe to wipe the offending files with zeros and ones on the spot. This way I didn't have to futz with emptying the Recycle Bin and all that garbage. Also, BCWipe can wipe special files like the Swap file, the Recycle Bins, Temp Internet files (including that pesky index.dat file =). Sorry if I sound like an Infomercial, but if you are serious about getting crap like this off you system, you need to have this kind of utility.
One last word of encouragement if you are reading this while suffering from a WinToolsA or similar infection: You can do it. Be Brave, and dig into the Registry! These cockroaches are COUNTING on you to be too afraid of disturbing their haven there. Don't let them win. Good luck!
I am pleased to see that oyu have successfully dealt with this real pain in the ***, I wonder if you could offer some advise on the registry. I am an experienced PC user but have not fiddled with tehregistry much and want to sort out this sucker. I am going to run the other apps you recommended.
(p.s. I have wintoolsS.exe running as well is this bad too?).
Kind regards
Paul
-
July 28th, 2004, 11:23 AM
#11
Registered User
Originally Posted by paul_martin71
I am pleased to see that oyu have successfully dealt with this real pain in the ***, I wonder if you could offer some advise on the registry. I am an experienced PC user but have not fiddled with tehregistry much and want to sort out this sucker. I am going to run the other apps you recommended.
(p.s. I have wintoolsS.exe running as well is this bad too?).
Kind regards
Paul
Yup that's probably bad too. You might want to make your own thread to help expedite your fix.
I highly advise installing Mozilla Firefox as your Innernet Browser once you get the machine fixed. It's good for taking the frustration out of surfing the innernet.
-
July 29th, 2004, 08:06 AM
#12
Driver Terrier
Originally Posted by paul_martin71
I am pleased to see that oyu have successfully dealt with this real pain in the ***, I wonder if you could offer some advise on the registry. I am an experienced PC user but have not fiddled with tehregistry much and want to sort out this sucker. I am going to run the other apps you recommended.
(p.s. I have wintoolsS.exe running as well is this bad too?).
Kind regards
Paul
Anything wintools is bad!!
Registry is pretty simple - and just as simple to screwup royally.
First thing you do when opening regedit is file export and export the entire reg to the c: drive so you can get at it easily.
The next thing to know about is edit find.... much easier than wading through all those keys!
If you find something you don't want in the registry - export just that key and then delete it. If something goes wrong you can merge it back by double clicking the exported file.
here is the mskb description of the registy
Let us know if you have more questions.
Never, ever approach a computer saying or even thinking "I will just do this quickly."
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks