Solved

Infected by Horoscope and other Software

Posted on 2004-09-24
7
1,254 Views
Last Modified: 2013-11-15
My XP laptop, shortly after being connected to the university network, automatically installed many useless programs including My Daily Horoscope and others.  

I initially removed all the programs using add/remove programs.  They reinstalled one day.  I removed them again.  I also found several folders including bsx32 and a file called bsx32.ini which I deleted.  

They reinstalled again.  

When I use explorer and go to the symantec web site, a new window opens for another goofy security software which was installed by these phantom programs, saying something about an alternative to symantec.

I am now using Netscape.  But I would like to remove all traces of these other programs so they don't reinstall if I use IE.  Any help is much appreciated.  

Greg
0
Comment
Question by:monacoassociates
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 100 total points
ID: 12143374
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783
0
 
LVL 2

Expert Comment

by:visualcoat
ID: 12143476
for a great free virus protection www.avast.com use avast home additon you can get it from www.download.com
0
 

Author Comment

by:monacoassociates
ID: 12143486
If this is the wrong place to post, I apologize.

I am not clear what the second comment means--"go and download the software and have the pc analyzed?"
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Assisted Solution

by:visualcoat
visualcoat earned 25 total points
ID: 12143629
if you download hijackthis it will creat a low which you can send to them to analyis and they can help detrimin how you are being hijacked.
0
 
LVL 18

Expert Comment

by:luv2smile
ID: 12143807
Also note that your univeristy will probably have a free antivirus program that you can download. I work for a university and we provide all students, faculty, and staff with free downloads of Norton for use on university and home computers.
0
 
LVL 2

Expert Comment

by:Shattuc
ID: 12145341
Lavasoft Ad-Aware http://www.lavasoftusa.com/software/adaware/
Spybot S&D http://www.safer-networking.org/en/download/index.html
AVG Free  http://free.grisoft.com/freeweb.php/doc/2/
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard http://www.javacoolsoftware.com/spywareguard.html

These are all programs that can be used by the average computer user

without difficulty, and without undesired results.

Lavasoft Ad-Aware will clean up alot of spyware infections.
Spybot S&D will clean up alot of spyware infections.
between these two programs, most of the nasties can be safely removed

without damaging other programs.

AVG Free Antivirus is an Excellent Antivirus, especially since it is

free. (found a nasty trojan that was giving me Fits for a week)

Spyware Blaster is a program that you only have to run weekly, the

settings and changes it makes are static, and you don't need to keep it

running for it's protection to work.
It has a large database of Identified, and known spyware/malware/activeX

controls. It instructs windows and IE, Firefox, and mozilla browsers not

to install or run any of these nasties.

Spyware Guard is like your Antivirus, but for spyware, it is a resident

and is always running, if it encounters something that should not be

downloaded, by default it will popup a dialog box and ask for

instruction.

these last two, will help keep your system running smoothly.

lastly, make sure you do not run TWO antivirus programs at the same time.

it can result in conflicts, and leaving your system wide open to attack

and infection. (Spyware Guard is not an Anti-Virus and can be run side by

side with anti-virus without conflicts)

also in Spybot S&D there is a resident program called tea-timer. it

monitors your registry entries and notifies you of changes made to your

registry.

If all else fails and you do have an infection, then get a copy of Hijack

This. HiJack this is an Advanced Diagnostic tool. not everything it finds

should be fixed. if you fix the wrong entry, it can make your system

unstable, and even cause some programs to not function. if you must

resort to using Hijack This, be sure to consult an expert about your log

before you fix anything.
you can find it here.

http://www.bleepingcomputer.com/files/hijackthis.php


also, don't delete entries because a program says to do it, there is a new variant of CWS, and if you delete HJT entries prematurely it can mutate.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12155888
ThanQ
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question