stlbdist.DLL stlbdist.dll

stlbdist.DLL stlbdist.dll -- An application tries to load
this .dll every time I reboot my system. In researching
this online I find that it is an adware browseraid. Why
doesn't MicoSoft's Anti Spyware detect and clean this,
and how do I remove it?

DETAILS BELOW FROM kephyr.com:

Filename Startup entry
stlbdist.dll
stlbdist.dll is part of the BrowserAid Internet Explorer
software toolbars.

stlbdist.dll is located in "C:\WINDOWS\SYSTEM\" on
Windows 95/98/ME, "C:\WINNT\SYSTEM32\" on Windows NT/2000
and "C:\WINDOWS\SYSTEM32\" on Windows XP.

Restart in safe mode and run a full system scan, on the scan page choose
scan options > Full system scan.

--

Andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

"DLestina" <anonymous@discussions.microsoft.com> wrote in message
news:2b2e01c52041$e2149550$a501280a@phx.gbl...
> stlbdist.DLL stlbdist.dll -- An application tries to load
> this .dll every time I reboot my system. In researching
> this online I find that it is an adware browseraid. Why
> doesn't MicoSoft's Anti Spyware detect and clean this,
> and how do I remove it?
>
> DETAILS BELOW FROM kephyr.com:
>
> Filename Startup entry
> stlbdist.dll
> stlbdist.dll is part of the BrowserAid Internet Explorer
> software toolbars.
>
> stlbdist.dll is located in "C:\WINDOWS\SYSTEM\" on
> Windows 95/98/ME, "C:\WINNT\SYSTEM32\" on Windows NT/2000
> and "C:\WINDOWS\SYSTEM32\" on Windows XP.
>
>

You may not need to do this manually take andre's advise
and go for a scan in safe mode but if you still have
problems take the files out yourself

this File comes from Cash Toolbar's Company
(browseraid.com),Most seemed to be stealth installed
(letssearch.com) will install a variant if your IE
security settings are not set high enough

There's many Variants coming from this company but if its
just the StlbDist file then its a Simple toolbar but does
have a search & homepage hijacking function.


First check for these :

Open the Control Panel's 'Add/Remove Programs' function.
Check and remove any entries called
'BrowserAid'
'CashToolbar'
'Web Toolbar'
'BrowserPal'

Theres loads of variants and possible entries but i will
just list the values for stlbdist for now,unless you find
the above names in add/remove then i can give you them
also.


Open the registry (click 'Start', choose 'Run' and
enter 'regedit'), and find the key

If you havent used regedit before then just take your
time First go to HKEY_LOCAL_MACHINE click the plus(+)
next to it then find SOFTWARE and click the plus + next
to it Then to Microsoft and the + and so on untill you
get to the Run Folder then in the right pane check for
this entry


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersi
on\Run. Delete the '{2CF0B992-5EEB-4143-99C0-
5297EF71F444}' entry.

Open a DOS command prompt window (from Start->Programs-
>Accessories) and enter:

First copy and paste this first line into the command
prompt

cd "%WinDir%\System"

Then press enter and then copy and paste this second line
in.

regsvr32 /u stlbdist.dll


Restart the machine and then delete the files
stlbdist.dll and stlbdist.xml in the System folder

(which is inside the Windows folder, and
called 'System32' under Windows NT, 2000 and XP).


That will be gone then

While im posting on this i wanted to add this about this
company and the tactics they are using to trick users.

Note*** This is a bogus warning sent to users to visit a
site to get Microsoft Patches ***

WINDOWS SECURITY WARNING!!

A VIRUS HAS BEEN DETECTED ON YOUR COMPUTER. IN ORDER FOR
YOUR COMPUTER NOT
TO CRASH YOU WILL NEED TO GO TO:

HTTP://WWW.WINDOWSUPDATENOW.COM

AND IT WILL AUTOMATICALLY UPDATE YOUR COMPUTERS SECURITY
PATCHES.

SIMPLY TYPE IN HTTP://WWW.WINDOWSUPDATENOW.COM INTO YOUR
BROWSER.
OTHERWISE
YOU WILL KEEP RECEIVING THIS SECURITY ALERT EMAIL EVERY
DAY.


And they got sued by microsoft for this scam

Daniel Khoshnood from California, ran a pair of spam
campaigns to coax consumers into running a toolbarwhich
claimed to automatically download Microsoft's latest
security patches from a site
called "Windowsupdatenow.com".

In reality, the toolbar loaded a utility called called
BrowserAid/QuickLaunch which bombarded users with random,
unrequested pop-up ads.

The scam came to light after MSN users complained about
the bogus emails. Redmond in turn sent its lawyers after
Khoshnood and two companies he ran (Pointcom and Joshua-
than Investments).

Shows the lengths these sites will go to to get on your
pc but Microsoft had the last laugh as they got awarded
$3.95m for violating the MS trademark rights )

Regards Andy

Thanks Andy... I tried the safe mode and full scan and
found 1 more spyware app, but still get the .dll error...
This one is a nasty booger. I'll follow your advise now
and see how works out.

Regards,

Dan


>-----Original Message-----
>You may not need to do this manually take andre's advise
>and go for a scan in safe mode but if you still have
>problems take the files out yourself
>
>this File comes from Cash Toolbar's Company
>(browseraid.com),Most seemed to be stealth installed
>(letssearch.com) will install a variant if your IE
>security settings are not set high enough
>
>There's many Variants coming from this company but if
its
>just the StlbDist file then its a Simple toolbar but
does
>have a search & homepage hijacking function.
>
>
>First check for these :
>
>Open the Control Panel's 'Add/Remove Programs' function.
>Check and remove any entries called
>'BrowserAid'
>'CashToolbar'
>'Web Toolbar'
>'BrowserPal'
>
>Theres loads of variants and possible entries but i will
>just list the values for stlbdist for now,unless you
find
>the above names in add/remove then i can give you them
>also.
>
>
>Open the registry (click 'Start', choose 'Run' and
>enter 'regedit'), and find the key
>
>If you havent used regedit before then just take your
>time First go to HKEY_LOCAL_MACHINE click the plus(+)
>next to it then find SOFTWARE and click the plus + next
>to it Then to Microsoft and the + and so on untill you
>get to the Run Folder then in the right pane check for
>this entry
>
>
>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVers
i
>on\Run. Delete the '{2CF0B992-5EEB-4143-99C0-
>5297EF71F444}' entry.
>
>Open a DOS command prompt window (from Start->Programs-
>>Accessories) and enter:
>
>First copy and paste this first line into the command
>prompt
>
>cd "%WinDir%\System"
>
>Then press enter and then copy and paste this second
line
>in.
>
>regsvr32 /u stlbdist.dll
>
>
>Restart the machine and then delete the files
>stlbdist.dll and stlbdist.xml in the System folder
>
>(which is inside the Windows folder, and
>called 'System32' under Windows NT, 2000 and XP).
>
>
>That will be gone then
>
>While im posting on this i wanted to add this about this
>company and the tactics they are using to trick users.
>
>Note*** This is a bogus warning sent to users to visit
a
>site to get Microsoft Patches ***
>
>WINDOWS SECURITY WARNING!!
>
>A VIRUS HAS BEEN DETECTED ON YOUR COMPUTER. IN ORDER FOR
>YOUR COMPUTER NOT
>TO CRASH YOU WILL NEED TO GO TO:
>
>HTTP://WWW.WINDOWSUPDATENOW.COM
>
>AND IT WILL AUTOMATICALLY UPDATE YOUR COMPUTERS SECURITY
>PATCHES.
>
>SIMPLY TYPE IN HTTP://WWW.WINDOWSUPDATENOW.COM INTO YOUR
>BROWSER.
>OTHERWISE
>YOU WILL KEEP RECEIVING THIS SECURITY ALERT EMAIL EVERY
>DAY.
>
>
>And they got sued by microsoft for this scam
>
>Daniel Khoshnood from California, ran a pair of spam
>campaigns to coax consumers into running a toolbarwhich
>claimed to automatically download Microsoft's latest
>security patches from a site
>called "Windowsupdatenow.com".
>
>In reality, the toolbar loaded a utility called called
>BrowserAid/QuickLaunch which bombarded users with
random,
>unrequested pop-up ads.
>
>The scam came to light after MSN users complained about
>the bogus emails. Redmond in turn sent its lawyers after
>Khoshnood and two companies he ran (Pointcom and Joshua-
>than Investments).
>
>Shows the lengths these sites will go to to get on your
>pc but Microsoft had the last laugh as they got awarded
>$3.95m for violating the MS trademark rights )
>
>Regards Andy
>.
>

ANDY YOU ROCK!!! Thank you soooooooo much! I had tried
everything I knew to do, but I didn't know this. I
REALLY appreciate your help with this. I'm sure you know
the feeling when you've been trying to tackle an issue
thats kicking your tail and finally the computer does
what it should (in my case, booting up without giving
that dumb error). This is my first time in a user group
and I appreciate you and the others that responded so
quickly.

You've made my day!

Thanks!

Dan


>-----Original Message-----
>You may not need to do this manually take andre's advise
>and go for a scan in safe mode but if you still have
>problems take the files out yourself
>
>this File comes from Cash Toolbar's Company
>(browseraid.com),Most seemed to be stealth installed
>(letssearch.com) will install a variant if your IE
>security settings are not set high enough
>
>There's many Variants coming from this company but if
its
>just the StlbDist file then its a Simple toolbar but
does
>have a search & homepage hijacking function.
>
>
>First check for these :
>
>Open the Control Panel's 'Add/Remove Programs' function.
>Check and remove any entries called
>'BrowserAid'
>'CashToolbar'
>'Web Toolbar'
>'BrowserPal'
>
>Theres loads of variants and possible entries but i will
>just list the values for stlbdist for now,unless you
find
>the above names in add/remove then i can give you them
>also.
>
>
>Open the registry (click 'Start', choose 'Run' and
>enter 'regedit'), and find the key
>
>If you havent used regedit before then just take your
>time First go to HKEY_LOCAL_MACHINE click the plus(+)
>next to it then find SOFTWARE and click the plus + next
>to it Then to Microsoft and the + and so on untill you
>get to the Run Folder then in the right pane check for
>this entry
>
>
>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVers
i
>on\Run. Delete the '{2CF0B992-5EEB-4143-99C0-
>5297EF71F444}' entry.
>
>Open a DOS command prompt window (from Start->Programs-
>>Accessories) and enter:
>
>First copy and paste this first line into the command
>prompt
>
>cd "%WinDir%\System"
>
>Then press enter and then copy and paste this second
line
>in.
>
>regsvr32 /u stlbdist.dll
>
>
>Restart the machine and then delete the files
>stlbdist.dll and stlbdist.xml in the System folder
>
>(which is inside the Windows folder, and
>called 'System32' under Windows NT, 2000 and XP).
>
>
>That will be gone then
>
>While im posting on this i wanted to add this about this
>company and the tactics they are using to trick users.
>
>Note*** This is a bogus warning sent to users to visit
a
>site to get Microsoft Patches ***
>
>WINDOWS SECURITY WARNING!!
>
>A VIRUS HAS BEEN DETECTED ON YOUR COMPUTER. IN ORDER FOR
>YOUR COMPUTER NOT
>TO CRASH YOU WILL NEED TO GO TO:
>
>HTTP://WWW.WINDOWSUPDATENOW.COM
>
>AND IT WILL AUTOMATICALLY UPDATE YOUR COMPUTERS SECURITY
>PATCHES.
>
>SIMPLY TYPE IN HTTP://WWW.WINDOWSUPDATENOW.COM INTO YOUR
>BROWSER.
>OTHERWISE
>YOU WILL KEEP RECEIVING THIS SECURITY ALERT EMAIL EVERY
>DAY.
>
>
>And they got sued by microsoft for this scam
>
>Daniel Khoshnood from California, ran a pair of spam
>campaigns to coax consumers into running a toolbarwhich
>claimed to automatically download Microsoft's latest
>security patches from a site
>called "Windowsupdatenow.com".
>
>In reality, the toolbar loaded a utility called called
>BrowserAid/QuickLaunch which bombarded users with
random,
>unrequested pop-up ads.
>
>The scam came to light after MSN users complained about
>the bogus emails. Redmond in turn sent its lawyers after
>Khoshnood and two companies he ran (Pointcom and Joshua-
>than Investments).
>
>Shows the lengths these sites will go to to get on your
>pc but Microsoft had the last laugh as they got awarded
>$3.95m for violating the MS trademark rights )
>
>Regards Andy
>.
>

No Problem Dan, its good to get one up on the scumware
for a change

Have a nice night

Andy

Wow, good one Andy, I posted your instructions on my blog about the removal,
if you don't mind?

--

Andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

"AndyManchesta" <andyorange334@hotmail.com> wrote in message
news:2b7801c5204a$f9617670$a501280a@phx.gbl...
> You may not need to do this manually take andre's advise
> and go for a scan in safe mode but if you still have
> problems take the files out yourself
>
> this File comes from Cash Toolbar's Company
> (browseraid.com),Most seemed to be stealth installed
> (letssearch.com) will install a variant if your IE
> security settings are not set high enough
>
> There's many Variants coming from this company but if its
> just the StlbDist file then its a Simple toolbar but does
> have a search & homepage hijacking function.
>
>
> First check for these :
>
> Open the Control Panel's 'Add/Remove Programs' function.
> Check and remove any entries called
> 'BrowserAid'
> 'CashToolbar'
> 'Web Toolbar'
> 'BrowserPal'
>
> Theres loads of variants and possible entries but i will
> just list the values for stlbdist for now,unless you find
> the above names in add/remove then i can give you them
> also.
>
>
> Open the registry (click 'Start', choose 'Run' and
> enter 'regedit'), and find the key
>
> If you havent used regedit before then just take your
> time First go to HKEY_LOCAL_MACHINE click the plus(+)
> next to it then find SOFTWARE and click the plus + next
> to it Then to Microsoft and the + and so on untill you
> get to the Run Folder then in the right pane check for
> this entry
>
>
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersi
> on\Run. Delete the '{2CF0B992-5EEB-4143-99C0-
> 5297EF71F444}' entry.
>
> Open a DOS command prompt window (from Start->Programs-
>>Accessories) and enter:
>
> First copy and paste this first line into the command
> prompt
>
> cd "%WinDir%\System"
>
> Then press enter and then copy and paste this second line
> in.
>
> regsvr32 /u stlbdist.dll
>
>
> Restart the machine and then delete the files
> stlbdist.dll and stlbdist.xml in the System folder
>
> (which is inside the Windows folder, and
> called 'System32' under Windows NT, 2000 and XP).
>
>
> That will be gone then
>
> While im posting on this i wanted to add this about this
> company and the tactics they are using to trick users.
>
> Note*** This is a bogus warning sent to users to visit a
> site to get Microsoft Patches ***
>
> WINDOWS SECURITY WARNING!!
>
> A VIRUS HAS BEEN DETECTED ON YOUR COMPUTER. IN ORDER FOR
> YOUR COMPUTER NOT
> TO CRASH YOU WILL NEED TO GO TO:
>
> HTTP://WWW.WINDOWSUPDATENOW.COM
>
> AND IT WILL AUTOMATICALLY UPDATE YOUR COMPUTERS SECURITY
> PATCHES.
>
> SIMPLY TYPE IN HTTP://WWW.WINDOWSUPDATENOW.COM INTO YOUR
> BROWSER.
> OTHERWISE
> YOU WILL KEEP RECEIVING THIS SECURITY ALERT EMAIL EVERY
> DAY.
>
>
> And they got sued by microsoft for this scam
>
> Daniel Khoshnood from California, ran a pair of spam
> campaigns to coax consumers into running a toolbarwhich
> claimed to automatically download Microsoft's latest
> security patches from a site
> called "Windowsupdatenow.com".
>
> In reality, the toolbar loaded a utility called called
> BrowserAid/QuickLaunch which bombarded users with random,
> unrequested pop-up ads.
>
> The scam came to light after MSN users complained about
> the bogus emails. Redmond in turn sent its lawyers after
> Khoshnood and two companies he ran (Pointcom and Joshua-
> than Investments).
>
> Shows the lengths these sites will go to to get on your
> pc but Microsoft had the last laugh as they got awarded
> $3.95m for violating the MS trademark rights )
>
> Regards Andy

Sorry i just saw your reply I dont mind at all andre,Im
glad to be able to help out so feel free to repost my
comments anywhere

Regards Andy