Andrew
Altnet [RESOLVED]
Started by
AndrewB
, Jul 14 2005 12:38 PM
-
This topic is locked
#16
Posted 22 July 2005 - 02:00 AM
AndrewB
- Topic Starter
-
- Member
-
- 13 posts
Member
Andrew
#17
Posted 22 July 2005 - 01:56 PM
AndrewB
- Topic Starter
-
- Member
-
- 13 posts
Member
Hello again, back from a long day out and about.
Here we go again.
Only found:
acrsec.fon
acrsecI.fon
acrsecB.fon and deleted.
In Registry:
Entered and changed permissions in:
[HKEY_LOCAL_MACHINE\\Software\\Altnet]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Altnet\\Dashboard]
But nothing else other than in:
[HKEY_USERS\S-1-5-21-1872151285-55732034-263556365-1006\Software\Microsoft\\SearchAssistant\ACMru\5603]
I found an entry:
006 REG_SZ Altnet not \"000\"=\"altnet\"
Before I do anything else should I delete this?
Also when in Registry changing permissions I'm not sure that permissions changed as they should've
In the Alnet Folder I have FULL CONTROL <Not inherited> This key and Subkeys
In Dashboard I have: FULL CONTROL MACHINE\SOFTWARE\Altnet This Key and subkeys
What do you think??
Here we go again.
Only found:
acrsec.fon
acrsecI.fon
acrsecB.fon and deleted.
In Registry:
Entered and changed permissions in:
[HKEY_LOCAL_MACHINE\\Software\\Altnet]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Altnet\\Dashboard]
But nothing else other than in:
[HKEY_USERS\S-1-5-21-1872151285-55732034-263556365-1006\Software\Microsoft\\SearchAssistant\ACMru\5603]
I found an entry:
006 REG_SZ Altnet not \"000\"=\"altnet\"
Before I do anything else should I delete this?
Also when in Registry changing permissions I'm not sure that permissions changed as they should've
In the Alnet Folder I have FULL CONTROL <Not inherited> This key and Subkeys
In Dashboard I have: FULL CONTROL MACHINE\SOFTWARE\Altnet This Key and subkeys
What do you think??
#18
Posted 22 July 2005 - 02:29 PM
AndrewB
- Topic Starter
-
- Member
-
- 13 posts
Member
Just noticed that in:
[HKEY_USERS\S-1-5-21-1872151285-55732034-263556365-1006\Software\Microsoft\\SearchAssistant\ACMru\5603] not only is there
006 REG_SZ Altnet
but:
Default REG_SZ (Value not set)
000 REG_SZ sysdat32a.sys
001 REG_SZ symdat32m.sys
002 REG_SZ acrsecB.fon
003 REG_SZ acrsecI.fon
004 REG_SZ acrsec.fon
005 REG_SZ fonts
007 REG_SZ restore
008 REG_SZ req.dll
Is there anything that needs to be done to these as well the 006?? Or should they be left alone??
Andrew
[HKEY_USERS\S-1-5-21-1872151285-55732034-263556365-1006\Software\Microsoft\\SearchAssistant\ACMru\5603] not only is there
006 REG_SZ Altnet
but:
Default REG_SZ (Value not set)
000 REG_SZ sysdat32a.sys
001 REG_SZ symdat32m.sys
002 REG_SZ acrsecB.fon
003 REG_SZ acrsecI.fon
004 REG_SZ acrsec.fon
005 REG_SZ fonts
007 REG_SZ restore
008 REG_SZ req.dll
Is there anything that needs to be done to these as well the 006?? Or should they be left alone??
Andrew
#20
Guest_usetobe_*
Posted 22 July 2005 - 02:45 PM
Guest_usetobe_*
Guest_usetobe_*
-
- Guest
They all need to be deleted in registery. now permissions are changed they should go.
#21
Posted 22 July 2005 - 03:23 PM
AndrewB
- Topic Starter
-
- Member
-
- 13 posts
Member
Success at last!! Wow!!!!Altnet folder has successfully been deleted and Spybot and Ad-Aware scans both confirm this.
All there now are now are the remaining entries in the Registry as shown in the attached document DOC1.
Do I now have to delete these individually? And is it just the entry which includes the Altnet name such as the 006 or do the rest of the entries 000 to 007 have to be deleted as well.
What about the P2P folders with the Altnet Top Search Folder - does all that go that have to go or just from the Altnet Folder?
And REGEDIT Last Key entry does that go too?
Many thanks for your patience.
Are all Altnet problems so difficult to resolve?
#22
Guest_usetobe_*
Posted 22 July 2005 - 03:52 PM
Guest_usetobe_*
Guest_usetobe_*
-
- Guest
As you can see the problem is that there are so many different entries that this is a swine to remove.
The topsearch folder needs to go now. Enter Safe Mode in order to delete it with regedit. If you cannot delete it in regedit then let me know and we will have to manually delete each part of it. Also delete all the entries in Doc1 individually.
Let me know how you get on
The topsearch folder needs to go now. Enter Safe Mode in order to delete it with regedit. If you cannot delete it in regedit then let me know and we will have to manually delete each part of it. Also delete all the entries in Doc1 individually.
Let me know how you get on
#23
Posted 22 July 2005 - 04:48 PM
AndrewB
- Topic Starter
-
- Member
-
- 13 posts
Member
Hi, went into safe mode and then into the registry to find that all but one entry has gone and that includes all the P2P directory structure - A vertiable miracle!
The only remaining one is shown on the attached DOC1 now much shortened.
So finally, should all the entries shown in Folder 5063 be deleted ?
Default REG_SZ (Value not set)
000 REG_SZ sysdat32a.sys
001 REG_SZ symdat32m.sys
002 REG_SZ acrsecB.fon
003 REG_SZ acrsecI.fon
004 REG_SZ acrsec.fon
005 REG_SZ fonts
006 REG_SZ Altnet
007 REG_SZ restore
008 REG_SZ req.dll
and does that include the folder itself and what about 5064 and ACMru?
This is my first venture into the registry and very complicated it looks too! In fact where do you start and now where to stop?
Once again your help has been tremendous and my daughters are now banned from downloading Kazzaa!
The only remaining one is shown on the attached DOC1 now much shortened.
So finally, should all the entries shown in Folder 5063 be deleted ?
Default REG_SZ (Value not set)
000 REG_SZ sysdat32a.sys
001 REG_SZ symdat32m.sys
002 REG_SZ acrsecB.fon
003 REG_SZ acrsecI.fon
004 REG_SZ acrsec.fon
005 REG_SZ fonts
006 REG_SZ Altnet
007 REG_SZ restore
008 REG_SZ req.dll
and does that include the folder itself and what about 5064 and ACMru?
This is my first venture into the registry and very complicated it looks too! In fact where do you start and now where to stop?
Once again your help has been tremendous and my daughters are now banned from downloading Kazzaa!
Attached Files
-
Doc1.doc 88.5KB
7 downloads
#24
Guest_usetobe_*
Posted 22 July 2005 - 05:23 PM
Guest_usetobe_*
Guest_usetobe_*
-
- Guest
OK , we can stop worrying now, those relate to searches you have carried out on your pc and do not relate to altnet or topsearch, there are just a recording of what you have searched for.
From your log, I see nothing in the ways of trojans, nor any evil entities attempting to possess your computer, except for Windows but it's too late for that one.
Congratulations your log now appears to be clean.
Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications:
Detect and Remove Programs:
So how did I get infected in the first place? and AntiSpyware Net's spyware article: Spyware, Adware, Malware: What it is, how it got on my computer, how to get rid of it, and how to prevent it.
From your log, I see nothing in the ways of trojans, nor any evil entities attempting to possess your computer, except for Windows but it's too late for that one.
Congratulations your log now appears to be clean.
Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications:
Detect and Remove Programs:
- How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
- How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.
- Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
- Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
- IE/Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
- MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
- Google Toolbar <= Get the free google toolbar to help stop pop up windows.
- AntiVirus Program<= An AntiVirus program is a must! Whether it is a free version like AVG or Anti-Vir, or a shareware version like Norton or Kapersky, this is a must have.
- Firewall<= A firewall is definatley a must have. Two good free versions are Sygate and ZoneLabs.
- More Secure Browser<= Internet Explorer is not the most secure and best browser. There are safer and better alternatives available. I recommend Firefox, however Opera and SlimBrowsers are good as well.
So how did I get infected in the first place? and AntiSpyware Net's spyware article: Spyware, Adware, Malware: What it is, how it got on my computer, how to get rid of it, and how to prevent it.
#25
Guest_usetobe_*
Posted 23 July 2005 - 02:36 PM
Guest_usetobe_*
Guest_usetobe_*
-
- Guest
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. 
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
