I have run spybot & still am getting wtoolsa error box &
can't get rid of it. Heeeellllppp......

Do a search of this NG for 'wtoolsa' (or just look through the
posts)..............you will find that this has been addressed. I imagine
Mike is wearing out his 'copy and paste' buttons.
Heirloom, old and oh heck, here, I did it for
you.........

Dale,

Did you read any of the many replies that have been posted to those with
this
problem?

wtoolsa.exe is malware and appears to be a new member of the IBIS Toolbar
family
(http://www.pestpatrol.com/PestInfo/i/ibis_toolbar.asp) or even a variant of
the CoolWebSearch parasite. It certainly doesn't form a part of the Win Me
operating system. One install mechanism it uses is if you choose to install
the toolbar from xxx.websearch.com

Boot to Safe Mode, open MSConfig (Start, Run, enter MSConfig in the box and
click OK), open the Startup tab and uncheck the entry being used to launch
wstoolsa.exe, possibly labelled something like WinTools as well as any
entries
referring to wtoolsb.dll, wsup.exe and tb_setup.exe.

Browse to and delete the contents of your C:\Windows\Temp folder and also
clear you Temporary Internet Files (Internet Options | General | Delete
Files
and ensure that you check the box "Delete all offline content", then click
OK
and Apply.

Now check Add/Remove Programs and uninstall any entry for WinTools.

You should also delete the entire Wintools folder which is probably
located as a sub-folder in C:\Program Files\Common Files or alternatively in
C:\Windows\System. Check for and delete all copies of wtoolsa.exe,
wtoolsb.dll, wsup.exe and tb_setup.exe.

Now reboot back into Normal Mode and check your system for commercial
parasites.

This might be a good time to download yourself a copy
of the free Ad-Aware 6.0 from Lavasoft
(http://www.lavasoftusa.com/software/adaware/) and also SpyBot
(http://www.safer-networking.org/) and scan your system for and remove all
unwanted parasites, adware and spyware that might be hiding on your PC.

I would suggest you download and run merijn's CWShredder which targets the
CoolWebSearch parasite. CWShredder can be downloaded from
(http://www.zerosrealm.com/downloads/CWShredder.zip or
http://www.spywareinfo.com/~merijn/files/cwshredder.zip). Details of the
many
forms of the CoolWebSearch hijacker can be found at
http://www.spywareinfo.com/~merijn/cwschronicles.html and also
http://www.pestpatrol.com/pestinfo/c/cws.asp.

If you continue to have problems download a copy of HijackThis from
http://www.spywareinfo.com/~merijn/downloads.html). Create a folder called
hijackthis on C: and copy the file you downloaded to that folder. Close as
many applications as you can including all instances of Internet Explorer
and
then run hijackthis.exe and post back the log, provided that it isn't too
long, to this thread, otherwise to the HijackThis Forum at
http://www.spywareinfo.com/forums/ and hopefully this will enable someone to
identify the cause of your problem.

Possible entries in the HiJackThis log to remove include:
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common
files\WinTools\WToolsA.exe
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common
files\WinTools\WToolsA.exe

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products
Installer
Start) - http://imgfarm.com/images/nocache/funwe....0.0.5.cab
--?
Mike Maltby MS-MVP


> wrote in message
...
> I have run spybot & still am getting wtoolsa error box &
> can't get rid of it. Heeeellllppp......

>-----Original Message-----
>I have run spybot & still am getting wtoolsa error box &
>can't get rid of it. Heeeellllppp......
>.
>I had the same problem. Downloaded/installed/ran Ad-
Aware product by Lavosoft. Error box is gone.
Good Luck

Ray wrote:

>>-----Original Message-----
>>I have run spybot & still am getting wtoolsa error box &
>>can't get rid of it. Heeeellllppp......
>>.
>>I had the same problem. Downloaded/installed/ran Ad-
>
> Aware product by Lavosoft. Error box is gone.
> Good Luck

Allright so Ad-Aware's latest update takes care of it ? Fantastic


Rick