DCSportbikes.net  
» Help Support .NET!
DCSportbikes Premier Membership for 25$ per year. Discounts! Click here for full information.

Now available in the .NET Shop:



Get your DCSBN Gear!
» Shoutbox
Sorry, only registered users have the ability to use our real-time shoutbox to chat with other members.

Register now, it's free!
» Online Users: 613
1 members and 612 guests
tonetone
Most users ever online was 4,519, September 2, 2015 at 03:26 AM.
Go Back   DCSportbikes.net > Non-Sportbike Forums > Non-Sportbike Chat

Reply
LinkBack Thread Tools
IT Help Needed- tuvtstq.dll
Unread
  (#1)
Ballaugh Bridge
 
CrazyMotorcycleGuy's Avatar
 
Posts: 6,873
Join Date: September 29, 2002
Location: VA
IT Help Needed- tuvtstq.dll - December 13, 2007, 08:25 PM

I'm not having any success getting rid of this file because I don't know what the hell is using it, so I can't shut it down.

Apparently it causes IE to openly automatically to various sites.


'08 MARRC Expert Racer of the Year
2009 #3 Combined Overall Championship

  Send a message via AIM to  
Reply With Quote
Unread
  (#2)
It was me.
 
Widow Maker's Avatar
 
Posts: 4,255
Join Date: March 3, 2006
December 13, 2007, 08:31 PM

I hate that shit. It makes me not want to download anything. Ask Ghostryder.


Mohawk Ryderz Road Captain
www.MohawkRyderz.com

"We drop sukaz!"

-
http://1.bp.blogspot.com/_GwgOmlI0ht.../s400/byah.jpg
  Send a message via AIM to Send a message via AIM to Widow Maker  
Reply With Quote
Unread
  (#3)
Meh
 
Posts: 7,983
Join Date: October 1, 2002
December 13, 2007, 08:43 PM

get a MAC...end of story
  Send a message via AIM to  
Reply With Quote
Unread
  (#4)
Meh
 
Posts: 7,983
Join Date: October 1, 2002
December 13, 2007, 08:43 PM

stupid IE double post...point illustrated
  Send a message via AIM to  
Reply With Quote
Unread
  (#5)
singin sweet home alabama
 
DvlsAdvc8's Avatar
 
Posts: 4,174
Join Date: March 6, 2006
Location: Huntsville, AL
December 13, 2007, 09:01 PM

There are several trojans that do this, try online scan from: http://www.pandasoftware.com/activescan/ or http://housecall.trendmicro.com/

Do you have AV on this computer? Is it up to date?

Sometimes you can just do a system restore - if you have a system restore point available that is prior to infection. Not always, but occassionally.


"No race has ever been won in the first corner, but plenty have been lost there."

Last edited by DvlsAdvc8; December 13, 2007 at 09:07 PM..
  MySpace.com Page Send a message via AIM to Send a message via MSN to DvlsAdvc8  
Reply With Quote
Unread
  (#6)
GP Champ
 
Posts: 2,839
Join Date: November 12, 2002
Location: Woodbridge, VA
December 13, 2007, 09:02 PM

not too much shows up from a google search but a couple things popped up. May have something to do with Toolbar 888, more than likely spyware located under c\windows\system32\tuvtstq.dll

Have you tried to run spybot, windows defender, or something similar? Make sure it checks the registry as well.


Katie 135
  MySpace.com Page Send a message via AIM to Send a message via AIM to Brooks  
Reply With Quote
Unread
  (#7)
whoa preppy......
 
Scot's Avatar
 
Posts: 7,072
Join Date: May 19, 2005
Location: Fredericksburg, Va
December 13, 2007, 09:35 PM

may sounds silly but have you tried to remove it in safe mode?


2018 XSR700
2013 Moto Guzzi V7 Racer
2019 Honda Monkey
2019 Z900 ABS
2019 Janus Halcyon
  MySpace.com Page Send a message via AIM to  
Reply With Quote
Unread
  (#8)
Ballaugh Bridge
 
CrazyMotorcycleGuy's Avatar
 
Posts: 6,873
Join Date: September 29, 2002
Location: VA
December 13, 2007, 09:42 PM

I'm running AVG for AV, updated today and it's caught a bunch of stuff.

It started with some spyguardpro.com window popped up and stuff started downloading. I killed my wireless card asap.

tuvtstq.dll is in C:\WINDOWS\system32\ That's where some other crap had been. The date and time is within a few minutes of what the other files had. Those were in various folders within the Temp folder.

Some other files that I think are related are core.sys and core.cache.dsk in C:\WINDOWS\system32\drivers. They have create/mod times around the same time too.

I can't delete any of these.


I've looked up "spyguardpro.com popup" with Google and found some similiar cases but nothing about tuvtstq.dll


'08 MARRC Expert Racer of the Year
2009 #3 Combined Overall Championship

  Send a message via AIM to  
Reply With Quote
Unread
  (#9)
NOM NOM NOM
 
Dragon's Avatar
 
Posts: 1,209
Join Date: June 17, 2006
December 13, 2007, 09:47 PM

simple...format it
  Send a message via AIM to  
Reply With Quote
Unread
  (#10)
Go Team Venture!!!
 
Jedi's Avatar
 
Posts: 1,326
Join Date: April 23, 2004
Location: Round Hill
December 13, 2007, 09:56 PM

Backup your registry:
  • Start
  • Run
  • Type the following to the box and hit Ok: regedit
  • A window opens, click on File
  • Choose Export form the menu
  • Change the save location to C:\
  • Give the filename, RegBackUp
  • Make sure that the filetype is set to Registryfiles (*.reg)
  • Click on Save and Close the window

Open Notepad (NOT WORDPAD!) and copy the following lines from the quote box below into a new document, leaving a blank line at the end. (don't forget to copy and paste the word REGEDIT4) :

Quote:
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{71B45E0D-2FD2-4EA6-91FD-A0AFEB696BD0}"=-


Make sure there are NO blank lines before REGEDIT4
Make sure there IS one blank line at the end of the file.

Save the document to your desktop as Fix.reg and filetype: All Files
Go to your desktop and double click on the file to run Fix.reg and when it asks you if you want to merge the contents to the registry, click yes/ok.

Restart your computer to the safe mode:
  • Restart your computer
  • Start tapping the F8 key when the computer restarts.
  • When the start menu opens, choose Safe mode
  • Press Enter. The computer then begins to start in Safe mode.
Go to the My Computer and delete the following files (if present):
C:\WINDOWS\system32\ddaya.dll
C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\wvuvsqq.dll
C:\WINDOWS\system32\sttss.bak2
C:\WINDOWS\system32\sttss.bak1
C:\WINDOWS\system32\tuvtstq.dll

Go to the My Computer and delete the following folders (if present):
C:\WINDOWS\iofo
C:\Program Files\VSAdd-in
Restart normally. Let me know how things are running.


"Whore Force One" pilot
The Whitest of White Boys
Not 40 yet!
The Force is strong in this one
  Send a message via AIM to Send a message via Yahoo to Jedi Send a message via AIM to Jedi Send a message via MSN to Jedi  
Reply With Quote
Unread
  (#11)
Now with a TBSP of love
 
Spiritnblk's Avatar
 
Posts: 2,990
Join Date: June 16, 2007
Location: Manassas
December 13, 2007, 10:41 PM

Quote:
Originally Posted by Jedi
Backup your registry:
  • Start
  • Run
  • Type the following to the box and hit Ok: regedit
  • A window opens, click on File
  • Choose Export form the menu
  • Change the save location to C:\
  • Give the filename, RegBackUp
  • Make sure that the filetype is set to Registryfiles (*.reg)
  • Click on Save and Close the window
Open Notepad (NOT WORDPAD!) and copy the following lines from the quote box below into a new document, leaving a blank line at the end. (don't forget to copy and paste the word REGEDIT4) :

Quote:
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{71B45E0D-2FD2-4EA6-91FD-A0AFEB696BD0}"=-


Make sure there are NO blank lines before REGEDIT4
Make sure there IS one blank line at the end of the file.

Save the document to your desktop as Fix.reg and filetype: All Files
Go to your desktop and double click on the file to run Fix.reg and when it asks you if you want to merge the contents to the registry, click yes/ok.

Restart your computer to the safe mode:
  • Restart your computer
  • Start tapping the F8 key when the computer restarts.
  • When the start menu opens, choose Safe mode
  • Press Enter. The computer then begins to start in Safe mode.
Go to the My Computer and delete the following files (if present):
C:\WINDOWS\system32\ddaya.dll
C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\wvuvsqq.dll
C:\WINDOWS\system32\sttss.bak2
C:\WINDOWS\system32\sttss.bak1
C:\WINDOWS\system32\tuvtstq.dll

Go to the My Computer and delete the following folders (if present):
C:\WINDOWS\iofo
C:\Program Files\VSAdd-in
Restart normally. Let me know how things are running.
I was gonna say the exact same thing

/\ should work
  MySpace.com Page Send a message via AIM to Send a message via AIM to Spiritnblk  
Reply With Quote
Unread
  (#12)
Ballaugh Bridge
 
CrazyMotorcycleGuy's Avatar
 
Posts: 6,873
Join Date: September 29, 2002
Location: VA
December 14, 2007, 06:59 AM

None of the suggestions has worked. It still won't let me delete it.

tuvtstq.dll is still the only thing that seems to be the problem.

What happens is when I'm browsing in Firefox I'll click a link, like on this forum and IE will open. The same sites have opened several times.


'08 MARRC Expert Racer of the Year
2009 #3 Combined Overall Championship

  Send a message via AIM to  
Reply With Quote
Unread
  (#13)
Triple Secks
 
Abrasive's Avatar
 
Posts: 1,422
Join Date: June 7, 2007
Location: Arnold, MD
December 14, 2007, 07:39 AM

I had a similar issue a year or so ago on my wifes pc.

I *think* i used this:
http://www.free-codecs.com/guides/Ho...d_AX_files.htm

it looks very familiar, but i cant be 100% sure that is what i used due to time passed.

Good luck!


I believe i can see the future;
because everyday i repeat the
same routine.
  Send a message via AIM to  
Reply With Quote
Unread
  (#14)
Retired to most ...
 
JohnnySpeed1KRR's Avatar
 
Posts: 7,646
Join Date: May 17, 2005
Location: NoVa
December 14, 2007, 08:03 AM

You are going to have to manually go in and remove all it's components.

Run a search for the file or name ..... every single thing that shows up related to that file gets deleted one at a time. You just have to make sure you are killing files and file links to THAT program since most of what you are going to find will be in system32 files and you don't wanna be in there just deleting shit!!

Lemme know if you need some help doing it. I had to do the same thing for a couple of the computers here at FLC.


God Speed Jeff! You'll never be forgotten.

BOOSTZX3 : in all seriousness head injuries ain't no joke. I've had around 10 concussions and now I ride a Buell Don't let it happen to you!
  Send a message via AIM to Send a message via AIM to JohnnySpeed1KRR  
Reply With Quote
Unread
  (#15)
B
It goes to 11.
 
B's Avatar
 
Posts: 16,806
Join Date: November 8, 2004
Location: Moet Chandon on a Schlitz budget
December 14, 2007, 09:41 AM

remove IE...

What jedi posted is basically what you need to do, go in in safe mode and delete the dll, backing up your registry is a must.


SV650s for SALE!!!
- 2007 SV650 Racebike-Superbike KWS/Thermosman suspension/Swenz bodywork/All GSXR Parts
- 2009 SV650 Streetbike Race blue with white stripe/No wrecks/fully faired with M4 full system

Shoot me a PM or talk to Nate (Nudist) if you're interested in purchase.
  Send a message via AIM to Send a message via AIM to B  
Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Powered by vBadvanced CMPS v3.2.3


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0
vBulletin Skin developed by: vBStyles.com
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest 2002-2010 by DCSportbikes.net. DCSportbikes.net is owned by End of Time Studios, LLC.