alt net spyware

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hey guys, jus tried using spybot and ad-aware and they removed all of
my spyware except one.. altnet, it says its stored in memory and cant
be removed at the moment.. i was gonna go into the registry and try n
remove it but i think  its too risky. any suggestions?? thanks


Re: alt net spyware

this jewel:
Quoted text here. Click to load it

Try removing in safe-mode.

max
--
Playing Nice on Usenet:
http://oakroadsystems.com/genl/unice.htm#xpost
My Pages:
Virus Removal Instructions
http://home.neo.rr.com/manna4u /
Keeping Windows Clean
http://home.neo.rr.com/manna4u/keepingclean.html
Windows Help and Tools
http://home.neo.rr.com/manna4u/tools.html
Change nomail.afraid.org to gmail.com to reply.
nomail.afraid.org is setup specifically for use in USENET
Feel free to use it yourself.



Re: alt net spyware

wrote:
Quoted text here. Click to load it

thanks but i tried it in safe mode as well and it didnt work still
said it was being used in memory,

ciaran


Re: alt net spyware



|
| thanks but i tried it in safe mode as well and it didnt work still
| said it was being used in memory,
|
| ciaran



If you are using any version of Sun Java that is prior to JRE Version 6.0,
then you are strongly urged to remove any/all versions.
There are numerous vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java
JRE/JSE
Version 6.0

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.6.0

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp

FYI:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1



For non-viral malware...

Please download, install and update the following software...

* Ad-aware SE v1.06
  http://www.lavasoft.de /
  http://www.lavasoftusa.com /
  http://www.lavasoft.de/ms/index.htm

* SpyBot Search and Destroy v1.4
  http://security.kolla.de /
  http://www.safer-networking.org/microsoft.en.html

* SuperAntiSpyware
  http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, I suggest scanning the system in Safe Mode.

I also suggest downloading, installing and updating BHODemon for any Browser
Helper Objects
that may be on the PC.

* BHODemon

http://www.majorgeeks.com/downloadget.php?id=3550&file=11&evp=245a87539eea8ed6904332b4b8b8442d

For viral malware...

* Download MULTI_AV.EXE from the URL --
  http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal
Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the
PC.

You can choose to go to each menu item and just download the needed files or you
can
download the files and perform a scan in Normal Mode. Once you have downloaded
the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode
[F8 key
during boot] and re-run the menu again and choose which scanner you want to run
in Safe
Mode.  It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive
PDF help
file.  http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * *   Please report back your results  * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: alt net spyware


On Wed, 28 Feb 2007 22:28:29 GMT, "David H. Lipman"

Quoted text here. Click to load it

Version 5.0_10 just updated itself to 5.0_11 within the last couple of
weeks so it looks like it's being kept reasonably well up to date.
Finally, it looks like the auto update is working as it should.

I guess they're fixing vulnerabilities in both versions 5 & 6 as and
when they find them so it's not imperative to move to version 6


Jim.


Re: alt net spyware


Quoted text here. Click to load it

Thanks, Jim.....I tried Version 6.0 and didn't like it.  Reverted to
5.0_10 and as you say it updated itself.  I am quite happy with the
Version 5 series and will stay with that one.

Cheers.....Heather



Re: alt net spyware



|
| Version 5.0_10 just updated itself to 5.0_11 within the last couple of
| weeks so it looks like it's being kept reasonably well up to date.
| Finally, it looks like the auto update is working as it should.
|
| I guess they're fixing vulnerabilities in both versions 5 & 6 as and
| when they find them so it's not imperative to move to version 6
|
| Jim.

At v5 update 10 is most likely still on the PC and a well craft web page can now
exploit it.

V6 is lighter on resources and is totally rewritten and I am sure in a matter of
weeks a
vulnerability will be found in v5 update 11.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: alt net spyware


On Thu, 01 Mar 2007 21:49:25 GMT, "David H. Lipman"

Quoted text here. Click to load it

Yes, they seem to make a point of *not* removing earlier jre
installations in the readme and indeed 10 gets left in place when 11
gets installed. Following earlier advice here I removed 10 manually
when I installed 11 to be on the safe side.


Quoted text here. Click to load it


But going purely off the timeline, v6_0 has been out for quite some
time (since it last got a mention here) and v5_11 is the more up to
date of the two. That may well be because vulnerabilities keep
cropping up in v5 more often than v6 but it begs the question why did
the auto update install v5_11 and not v6_0 if it's lighter, better and
backwards compatible?


Jim.
 

Re: alt net spyware


|
| On Thu, 01 Mar 2007 21:49:25 GMT, "David H. Lipman"
|
Quoted text here. Click to load it
| Yes, they seem to make a point of *not* removing earlier jre
| installations in the readme and indeed 10 gets left in place when 11
| gets installed. Following earlier advice here I removed 10 manually
| when I installed 11 to be on the safe side.
|
Quoted text here. Click to load it
|
| But going purely off the timeline, v6_0 has been out for quite some
| time (since it last got a mention here) and v5_11 is the more up to
| date of the two. That may well be because vulnerabilities keep
| cropping up in v5 more often than v6 but it begs the question why did
| the auto update install v5_11 and not v6_0 if it's lighter, better and
| backwards compatible?
|
| Jim.
|

Jim:

You bring up good points which Sun has failed to answer.  All I can say is that
theya rea
all screwed up!

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: alt net spyware


On 28 Feb 2007 05:53:02 -0800, s00058515@itsligo.ie wrote:

Quoted text here. Click to load it

Remove it from memory first by closing the appropriate process(es)
with process explorer.
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

If it keeps restarting as soon as you close it down, use the kill
process tree option to zap any linked processes at the same time.



Jim.


Site Timeline