• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1262
  • Last Modified:

Infected by Horoscope and other Software

My XP laptop, shortly after being connected to the university network, automatically installed many useless programs including My Daily Horoscope and others.  

I initially removed all the programs using add/remove programs.  They reinstalled one day.  I removed them again.  I also found several folders including bsx32 and a file called bsx32.ini which I deleted.  

They reinstalled again.  

When I use explorer and go to the symantec web site, a new window opens for another goofy security software which was installed by these phantom programs, saying something about an alternative to symantec.

I am now using Netscape.  But I would like to remove all traces of these other programs so they don't reinstall if I use IE.  Any help is much appreciated.  

Greg
0
monacoassociates
Asked:
monacoassociates
2 Solutions
 
Pete LongTechnical ConsultantCommented:
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783
0
 
visualcoatCommented:
for a great free virus protection www.avast.com use avast home additon you can get it from www.download.com
0
 
monacoassociatesAuthor Commented:
If this is the wrong place to post, I apologize.

I am not clear what the second comment means--"go and download the software and have the pc analyzed?"
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
visualcoatCommented:
if you download hijackthis it will creat a low which you can send to them to analyis and they can help detrimin how you are being hijacked.
0
 
luv2smileCommented:
Also note that your univeristy will probably have a free antivirus program that you can download. I work for a university and we provide all students, faculty, and staff with free downloads of Norton for use on university and home computers.
0
 
ShattucCommented:
Lavasoft Ad-Aware http://www.lavasoftusa.com/software/adaware/
Spybot S&D http://www.safer-networking.org/en/download/index.html
AVG Free  http://free.grisoft.com/freeweb.php/doc/2/
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard http://www.javacoolsoftware.com/spywareguard.html

These are all programs that can be used by the average computer user

without difficulty, and without undesired results.

Lavasoft Ad-Aware will clean up alot of spyware infections.
Spybot S&D will clean up alot of spyware infections.
between these two programs, most of the nasties can be safely removed

without damaging other programs.

AVG Free Antivirus is an Excellent Antivirus, especially since it is

free. (found a nasty trojan that was giving me Fits for a week)

Spyware Blaster is a program that you only have to run weekly, the

settings and changes it makes are static, and you don't need to keep it

running for it's protection to work.
It has a large database of Identified, and known spyware/malware/activeX

controls. It instructs windows and IE, Firefox, and mozilla browsers not

to install or run any of these nasties.

Spyware Guard is like your Antivirus, but for spyware, it is a resident

and is always running, if it encounters something that should not be

downloaded, by default it will popup a dialog box and ask for

instruction.

these last two, will help keep your system running smoothly.

lastly, make sure you do not run TWO antivirus programs at the same time.

it can result in conflicts, and leaving your system wide open to attack

and infection. (Spyware Guard is not an Anti-Virus and can be run side by

side with anti-virus without conflicts)

also in Spybot S&D there is a resident program called tea-timer. it

monitors your registry entries and notifies you of changes made to your

registry.

If all else fails and you do have an infection, then get a copy of Hijack

This. HiJack this is an Advanced Diagnostic tool. not everything it finds

should be fixed. if you fix the wrong entry, it can make your system

unstable, and even cause some programs to not function. if you must

resort to using Hijack This, be sure to consult an expert about your log

before you fix anything.
you can find it here.

http://www.bleepingcomputer.com/files/hijackthis.php


also, don't delete entries because a program says to do it, there is a new variant of CWS, and if you delete HJT entries prematurely it can mutate.
0
 
Pete LongTechnical ConsultantCommented:
ThanQ
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now