When I click on a Contact Us link on any webpage  that links me to the
websites email address, instead of it launching Outlook Express and
getting the address line with the intended web sites email address, my
computer launches IE browsers infinitely until it can't anymore,
usually about 60 to 80 of them.  So I have to do a group close to
close all of them.

Its terrible because I can't email any website for info...

---

Request for Question Clarification by pafalafa-ga on 21 Nov 2005 06:59 PST

reeden-ga,


Under the IE "Tools" menu, select "Internet Options" from the
pull-down menu, and then select "Programs".  Check to see if Outlook
Express is listed as your default email program.  If not, select it.

Let me know what you find as you go through this process.

pafalafa-ga

---

Clarification of Question by reeden-ga on 21 Nov 2005 09:33 PST

Its not that simple.  I am familiar with IE and Outlook Express is
listed as the default email program.  At first I thought it was a
WINTOOLS problem since WINTOOLS is a malicious program that gathers
data (the PC had WINTOOLS before, it was cleaned).  Unfortunately, the
only bug remaining is that one; if i click on any email address within
a website it launches exactly 64 IE browsers!  Crazy isn't it?

http://www.pchell.com/support/wintools.shtml

What is WinTools?

WinTools appears to be a variant of Huntbar. It is very persistent and
extremely difficult to remove. It creates its own folder under Program
Files/Common Files called WinTools. All of its files appear to be
contained within this folder.

How do I Remove WinTools? 

Although there are many different methods across the web to remove
this parasite, here is the most reliable way of doing this.

1) While online, download the popular HiJackThis program for
Spywareinfo.com. You may want to read through the HiJackThis tutorial
as well.

2) Reboot your computer into Safe Mode, you may want to also Turn off
System Restore in Windows XP/ME as well to remove any backups of the
files you are about to delete.

3) Remove the Startup Entries in the Registry

Click on Start, Run, Type REGEDIT and Click OK

Click the pluses(+) next to the following items
HKEY_LOCAL_MACHINE 
Software 
Microsoft 
Windows 
CurrentVersion 
Run

Right-Click on the file WinTools and click DELETE

Click the pluses(+) next to the following items
HKEY_LOCAL_MACHINE 
Software 
Microsoft 
Windows 
CurrentVersion 
RunServices

Right-Click on the file WinTools and click DELETE

Close REGEDIT 
3) Run HiJackThis (while in Safe Mode) and Delete any entries relating
to WinTools including

O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183}-
C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: (no name) - {63B78BC1-A711-4D46-AD2F-C581AC420D41} -
C:\PROGRA~1\COMMON~1\WINTOOLS\BTIEIN.DLL

Although the following entries should have been deleted in Step 2,
delete these entries if they still exist.

O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common
files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsS.exe
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common
files\WinTools\WToolsS.exe
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WSup.exe
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common
files\WinTools\WSup.exe

3) Delete the WinTools folder and all associated files

Open My Computer, Drive C, Program Files, Common Files 
Right-click on the WinTools folder (if it exists) and Delete it 

4) You should also delete or clean up your hosts file 

Windows 95/98/Me c:\windows\hosts 
Windows NT/2000/XP Pro  c:\winnt\system32\drivers\etc\hosts 
Windows XP Home c:\windows\system32\drivers\etc\hosts 


5) Reboot the computer in Normal Mode and run HiJackThis again to test
(Wintools should be gone)