DSL Fast but messed up my XP settings- Adware?Spyware?

[Alppasta]

I have just gotten Verizon DSL. I have a router with a firewall and
have a software firewall. I have a virus detect and severa
adware/spyware programs. All the software programs I have say th
machine is clean. The second I plug into the internet, several EX
files begin running in the backround and I get my IE homepage change
to "SLOTCH.COM" my favorites sites get added to with bookmarks I di
not request and I get bombarded with software pushes from unknow
sources. Any options besides rebooting XP software and startin
over?????
I can't even get help because I can't stay on the internet long withou
getting slammed with stuff

 

[David H. Lipman]

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (personal free version)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download sysclean.com and place it in that directory.
Dowload the signature files (pattern files) by obtaining the ZIP file.
For example; lpt228.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point

You can also try some of the below online scanners.

Trend:
http://housecall.antivirus.com
http://housecall.trendmicro.com

F-Secure:
http://support.f-secure.com/enu/home/ols.shtml

McAfee:
http://www.mcafee.com/myapps/mfs/default.asp

Panda:
http://www.pandasoftware.com/activescan/

Kaspersky:
http://www.kaspersky.com/de/scanforvirus

Symantec:
http://security.symantec.com/

BitDefender
http://www.bitdefender.com/scan/license.php

Freedom Online scanner
http://www.freedom.net/viruscenter/index.html


* * * Please report your results ! * * *

Dave






|
| I have just gotten Verizon DSL. I have a router with a firewall and I
| have a software firewall. I have a virus detect and several
| adware/spyware programs. All the software programs I have say the
| machine is clean. The second I plug into the internet, several EXE
| files begin running in the backround and I get my IE homepage changed
| to "SLOTCH.COM" my favorites sites get added to with bookmarks I did
| not request and I get bombarded with software pushes from unknown
| sources. Any options besides rebooting XP software and starting
| over?????
| I can't even get help because I can't stay on the internet long without
| getting slammed with stuff.
|
|
| --
| Alppasta

 

[Bullwinkle. J. Moose]

You might want to contact Verizon DSL help line 800 567-6789. They are
there 24/7 and will walk you through your setup.

 

[Malke]

You might want to contact Verizon DSL help line 800 567-6789. They
are there 24/7 and will walk you through your setup.

This is not an issue for Verizon support. Your computer is most
definitely infested with malware. You may have even installed some
so-called spyware removal tools that are in themselves spyware. Here is
a link to a site discussing "rogue" anti-spyware tools ("betrayalware")
so you can see if anything you installed is on that list:

http://www.spywarewarrior.com/rogue_anti-spyware.htm

Run through the following malware removal steps:

1) Scan in Safe Mode with current version (not earlier than 2003)
antivirus using updated definitions;

2) remove spyware with Spybot Search & Destroy
(www.safer-networking.org) and Ad-aware (www.lavasoftusa.com). These
programs are free, so use them both since they complement each other.
There is a new version of CWShredder from
http://www.intermute.com/spysubtract/cwshredder_download.html. I would
not install the other Intermute programs, however. Alternately, there
are CoolWebSearch malware removal steps at
http://www.silentrunners.org/sr_cwsremoval.html. A combination of
HijackThis and About:Buster (http://www.majorgeeks.com) works well in
removing homepage hijackers. Always read the instructions before
running a spyware removal tool. Be sure to update these programs before
running, and it is a good idea to do virus/spyware scans in Safe Mode.
Make sure you are able to see all hidden files and extensions (View tab
in Folder Options);

3) If you are running Windows ME or XP, you should disable/enable System
Restore because malware will be in the Restore Points. With ME, you
must disable System Restore completely. With XP, you can delete all but
the most recent (presumably clean) System Restore point from the More
Options section of Disk Cleanup (Run>cleanmgr).

4) make sure you've visited Windows Update and applied all security
patches. Do not install driver updates from Windows Update;

5) run a firewall.

Malke