attune? malicious program?

Discussion in 'Windows Desktop Systems' started by wingman411, May 26, 2004.

  1. wingman411

    wingman411 OSNN Senior Addict

    Messages:
    297
    Location:
    North of Seattle
    Is Attune a spyware type program?
     
  2. tdinc

    tdinc █▄█ ▀█▄ █ Political User

    Messages:
    3,507
    Location:
    Sterling Heights, MICHIGAN
    Category:Attune


    Adware: Software that brings ads to your computer. Such ads may or may not be targeted, but are "injected" and/or popup, and are not displayed within the form of an ad-sponsored application. Some Adware may hijack the ads of other companies, replacing them with its own. See also Spyware, Browser Helper Object.

    Variants:Attune

    Similar Pests:
    Adware
    Origins
    Group: Alset Research Inc.
    By This Group:
    HelpExpress
    Date of Origin:
    May, 2004
    Distribution
    Prevalence:
    # Attune: 6400.0% of all pest reports (6400000 per 100,000 reports)
    More Info
    Clot Factor:
    # Attune: On average, 4 objects detected in each machine

    The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone.
    Countries Affected:
    In the past three months, we have received reports of Alset Network in Brazil, Canada, Italy, Portugal, Saudi Arabia, United Kingdom, United States.
    Operation
    Detection and Removal
    Automatic Removal:


    Manual Removal:
    Follow these steps to remove Alset Network from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake. Stop Running Processes
    ____________________________________________________
    Kill the following processes:

    programfilesdir+\aveo\attune\updater1\attunel.exe
    programfilesdir+\aveo\attune\updater1\auninst.exe
    ____________________________________________________
    Remove AutoRun Reference:

    Go To the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
    If you find the value HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\attune download, delete it and reboot the machine immediately.
    ____________________________________________-
    Unregister DLLs:

    Unregister these DLLs with Regsvr32, then reboot:

    programfilesdir+\aveo\attune\updater1\0409\lang.dll
    programfilesdir+\aveo\attune\updater1\aclui.dll

    Remove these registry items (if present) with RegEdit:

    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\attune download
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\attune
    HKEY_USERS\s-1-5-21-1409082233-1390067357-1801674531-500\software\aveo\attunedownload
    _____________________________________________
    Remove Files:

    Remove these files (if present) with Windows Explorer:
    programfilesdir+\aveo\attune\updater1\0409\java.htm
    programfilesdir+\aveo\attune\updater1\0409\lang.dll
    programfilesdir+\aveo\attune\updater1\0409\update.htm
    programfilesdir+\aveo\attune\updater1\aclui.dll
    programfilesdir+\aveo\attune\updater1\attunel.exe
    programfilesdir+\aveo\attune\updater1\auninst.exe
    __________________________________________________
     
  3. wingman411

    wingman411 OSNN Senior Addict

    Messages:
    297
    Location:
    North of Seattle
  4. wingman411

    wingman411 OSNN Senior Addict

    Messages:
    297
    Location:
    North of Seattle
    Thanks Tdinc for the quick and through response to my question.