Topsearch10 still won't let go

benice

I DL'd Microsoft Antispyware Beta1 while my system was
infected with a browser hijacker that appears to be
called Topsearch10. It's a nasty program that includes
placing inappropriate links in my favorites and
redirecting all my searches. I can tell that Microsoft's
Antispyware Beta1 is trying to deal with the browser
hijack attempts but it didn't recognize the program in
the deep scan, nor does it seem to be recognizing that
every time I delete the links it placed in my favorites,
they keep returning immediately. I DL'd this program to
try to contend with this spyware/hijacker but it has only
been mildly successful. Any input about ridding myself of
this pest would be greatly appreciated! I have tried
running Hijackthis, Spybot Search & Destroy, Bazooka,
Spyware Doctor, Adaware SE, and my own tricks using safe
mode but nothing has been completely successful.
 
AndyManchesta

Hi mate. It's tricky if you have tried everything in safe
mode, but I will try to help if I can. If you have Service Pack
2 installed, first open an Internet window, go to Tools,
then check the Manage Add-ons page and check in there for
any suspicious entries; disable any you know you haven't
intentionally installed. Then download both of these if
you don't already have them:

CCleaner (removes unused and temporary files from your
system)

http://majorgeeks.com/downloadget.php?id=4191&file=11&evp=a12d758b021af1a4f0a6bfe45b0c7a82


CWShredder (Unrelated to your problem but well worth
having)

http://cwshredder.net/bin/CWShredder.exe


Then reboot into safe mode and follow these advice tips
before doing anything else:

ALWAYS do these when trying to remove a bug.

First: Turn off Windows XP System Restore (Start, right
click My Computer, Properties, then System Restore and
disable and apply)

Next: Show hidden files and folders. (Start, Search, then
Tools at the top bar, choose Folder Options, then go to the
second page, View, and tick show hidden files and folders)

Next: Delete Temp Internet files :
Open an Internet browser window, click Tools then Internet
Options.
Click on the Delete Cookies and the Delete Files buttons,
then click OK and close the browser window.

Next: Close all open internet browser windows.

Next: Delete Windows Temporary Files (Start, Run, then
type %temp% and delete all the files you can in this folder).
The Windows temporary directory (usually located at
C:\windows\temp).
This directory should not be confused with the Internet
Explorer "Temporary Internet Files Directory".
The Windows temporary directory stores temporary files
that are used during installation of programs and at
other various times.
Cleaning this directory regularly is generally a good
idea.

Start by scanning again with MS antispy, Adaware and Spybot,
all in safe mode with System Restore off, then reboot
and see if it's gone. If not, then carry on with these:

Manual Removal

Follow these steps to remove TopSearch from your
machine. Begin by backing up your registry and your
system, and/or setting a Restore Point, to prevent
trouble if you make a mistake.

Stop Running Processes:

Kill these running processes with Task Manager:

points manager.exe
programfilesdir+\altnet\download manager\adm4005.exe

Go to start then Run and type in msconfig. Then select
the startup tab.

End These Processes if found

kazaa.exe
mmod.exe
pgmonitr.exe
topsearch.dll
adm.exe

Now reboot and go back to safe mode :


UnRegister DLLs
You can use the Regsvr32 tool (Regsvr32.exe) to register
and unregister object linking and embedding (OLE)
controls such as dynamic-link library (DLL) or ActiveX
Controls (OCX) files that are self-registerable.

RegSvr32.exe has the following command-line options:

Regsvr32 [/u] [/n] [/i[:cmdline]] dllname

/u - Unregister server
/i - Call DllInstall passing it an optional [cmdline];
when used with /u calls dll uninstall
/n - do not call DllRegisterServer; this option must be
used with /i

When you use Regsvr32.exe, it attempts to load the
component and call its DLLSelfRegister function. If this
attempt is successful, Regsvr32.exe displays a dialog
indicating success. If the attempt is unsuccessful,
Regsvr32.exe returns an error message, which may include
a Win32 error code.

Example: To unregister Winshow's winshow.dll:

Click the Start button, and select Run
Enter this command line:
regsvr32 /u [systemroot]\winshow.dll (only an example)

Unregister these .dlls then reboot

asmps.dll
programfilesdir+\altnet\points manager\sysdetect.dll
programfilesdir+\kazaa lite\topsearch.dll
programfilesdir+\kazaa\topsearch.dll

Clean Registry:

Most applications, including pests you want to remove,
will modify the registry in some way, adding their own
entries and changing some previous entries. Complete
removal of an application includes registry edits.

The registry can be edited with regedit (Start > Run >
type regedit)

Remove these registry items (if present) with RegEdit:

HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser\{6ad2f325-2f86-473e-908f-9d4d30698a62}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar\{6ad2f325-2f86-473e-908f-9d4d30698a62}

Remove Files:

Either search or use Windows explorer

Go to search > then tools at the top bar > then folder
options > go to the second page which is view then make
sure there is a tick next to 'show all files and folders'

Remove these files (if present) with Windows Explorer:

asmps.dll
peer points manager.lnk
points manager.exe
points manager.exe-33e92ffa.pf
programfilesdir+\altnet\download manager\adm4005.exe
programfilesdir+\altnet\points manager\localpages\altnet.css
programfilesdir+\altnet\points manager\localpages\local_firstuse.html
programfilesdir+\altnet\points manager\localpages\local_points.html
programfilesdir+\altnet\points manager\localpages\local_redeem.html
programfilesdir+\altnet\points manager\localpages\local_start.html
programfilesdir+\altnet\points manager\localpages\local_wallet.html
programfilesdir+\altnet\points manager\sysdetect.dll
programfilesdir+\kazaa lite\topsearch.dll
programfilesdir+\kazaa\topsearch.dll



Remove Directories:

Remove these directories (if present) with Windows
Explorer:

profilepath+\start menu\programs\altnet
programfilesdir+\altnet
programfilesdir+\altnet\points manager\localpages
programfilesdir+\altnet\points manager\skin
systemroot+\temp\altnet

Then finally run CCleaner and follow the onscreen prompts
to remove all unused files and temp files.

Then switch System Restore back on.

You can also use Spyware Blaster to help prevent more
attacks. It runs in the background and blocks blacklisted
sites in the same way the Spybot Search & Destroy's
Immunize part does.

SpywareBlaster

http://majorgeeks.com/downloadget.php?id=2859&file=11&evp=61b0e8ad41924a03c37615f4682b4cef

Regards

Andy







Regards Andy
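
Added example, not part of Andy's post: a read-only PowerShell check that reports which of the artifacts listed above are still present, so the list can be verified before and after cleanup. It assumes programfilesdir, systemroot and profilepath correspond to $env:ProgramFiles, $env:SystemRoot and $env:USERPROFILE, and it skips entries the post gives by bare file name because no location is stated for them.

```powershell
# Added example (not from the thread): read-only audit of the TopSearch/Altnet
# artifacts named in the post. Nothing is deleted, unregistered or modified.

# Assumption: the post's placeholders map to these environment variables.
$pf   = $env:ProgramFiles   # "programfilesdir"
$root = $env:SystemRoot     # "systemroot"
$prof = $env:USERPROFILE    # "profilepath"

# Files and directories the post gives with a full path.
$paths = @(
    "$pf\altnet\download manager\adm4005.exe",
    "$pf\altnet\points manager\sysdetect.dll",
    "$pf\kazaa lite\topsearch.dll",
    "$pf\kazaa\topsearch.dll",
    "$pf\altnet",
    "$prof\start menu\programs\altnet",
    "$root\temp\altnet"
)

# Registry items from the post: the toolbar CLSID under each parent key.
$clsid = '{6ad2f325-2f86-473e-908f-9d4d30698a62}'
$regParents = @(
    'HKCU:\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser',
    'HKLM:\Software\Microsoft\Internet Explorer\Toolbar'
)

function Test-RegistryItem {
    param([string]$Parent, [string]$Name)
    # The post does not say whether the CLSID is a subkey or a value name,
    # so report it as present in either form.
    if (-not (Test-Path -LiteralPath $Parent)) { return $false }
    if (Test-Path -LiteralPath "$Parent\$Name") { return $true }
    return ((Get-Item -LiteralPath $Parent).GetValueNames() -contains $Name)
}

$report = @()
foreach ($p in $paths) {
    $report += [pscustomobject]@{ Kind = 'File/Dir'; Item = $p; Present = (Test-Path -LiteralPath $p) }
}
foreach ($parent in $regParents) {
    $report += [pscustomobject]@{ Kind = 'Registry'; Item = "$parent\$clsid"; Present = (Test-RegistryItem $parent $clsid) }
}

# Show what is still present first.
$report | Sort-Object Present -Descending | Format-Table -AutoSize -Wrap
```

Any row still showing Present = True after a reboot means something is recreating that item and the corresponding removal step needs repeating.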
 
AndyManchesta

I noticed a slight mistake in my last post. When searching
for files just make sure there is a tick next to 'show
hidden files and folders'. I put 'all files and folders'
in my original mail plus signed it twice, but apart from
that everything else should be correct, and if you need
any more help just repost and I will help where I can, mate.

Good Luck Andy
 
Ivan

hey, I'm having the same problem too, only mine is called
CoolWebSearch. I've got an anti-spyware program called
xoftspy that removed every spyware on my system except
this one.

I asked them and they said that no anti-spyware is
currently able to delete this type of spyware. Xoftspy
keeps detecting it but every time I run it and delete it,
it keeps popping back. They said that it has a 'variant'
that keeps changing (I have no idea what variant
means...). Ppl at xoftspy are still working on it.

Anyway, one thing for sure you can do is FORMAT....
ahhh....that never fails.... =)

PS: Hijackthis is a great tool if you know what files you
need to delete.
 
Ron Chamberlin

Hi Ivan,
If it's CWS, then boot from safe mode (f*8) and try it from there. Should
that fail, Google for CWShredder.

Ron Chamberlin
MS-MVP
 
plun

Ron said:
Hi Ivan,
If it's CWS, then boot from safe mode (f*8) and try it from there. Should
that fail, Google for CWShredder.

For both of these "pests" I recommend an antispyware forum
with guidance.

Download Adaware and try first.

http://www.download.com/Ad-aware-SE-Personal-Edition/3000-8022_4-10045910.html?tag=prod

Don't forget "Check for updates"


If this doesn't work, go to Lavasoft's forum, they will help you.
http://www.lavasoftsupport.com/index.php?showforum=120

Settings for correct logfiles if needed:
http://www.lavasoftsupport.com/index.php?showtopic=48134
 
