Solved

Infected by Horoscope and other Software

Posted on 2004-09-24
7
1,251 Views
Last Modified: 2013-11-15
My XP laptop, shortly after being connected to the university network, automatically installed many useless programs including My Daily Horoscope and others.  

I initially removed all the programs using add/remove programs.  They reinstalled one day.  I removed them again.  I also found several folders including bsx32 and a file called bsx32.ini which I deleted.  

They reinstalled again.  

When I use explorer and go to the symantec web site, a new window opens for another goofy security software which was installed by these phantom programs, saying something about an alternative to symantec.

I am now using Netscape.  But I would like to remove all traces of these other programs so they don't reinstall if I use IE.  Any help is much appreciated.  

Greg
0
Comment
Question by:monacoassociates
7 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 100 total points
ID: 12143374
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783
0
 
LVL 2

Expert Comment

by:visualcoat
ID: 12143476
for a great free virus protection www.avast.com use avast home additon you can get it from www.download.com
0
 

Author Comment

by:monacoassociates
ID: 12143486
If this is the wrong place to post, I apologize.

I am not clear what the second comment means--"go and download the software and have the pc analyzed?"
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 2

Assisted Solution

by:visualcoat
visualcoat earned 25 total points
ID: 12143629
if you download hijackthis it will creat a low which you can send to them to analyis and they can help detrimin how you are being hijacked.
0
 
LVL 18

Expert Comment

by:luv2smile
ID: 12143807
Also note that your univeristy will probably have a free antivirus program that you can download. I work for a university and we provide all students, faculty, and staff with free downloads of Norton for use on university and home computers.
0
 
LVL 2

Expert Comment

by:Shattuc
ID: 12145341
Lavasoft Ad-Aware http://www.lavasoftusa.com/software/adaware/
Spybot S&D http://www.safer-networking.org/en/download/index.html
AVG Free  http://free.grisoft.com/freeweb.php/doc/2/
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard http://www.javacoolsoftware.com/spywareguard.html

These are all programs that can be used by the average computer user

without difficulty, and without undesired results.

Lavasoft Ad-Aware will clean up alot of spyware infections.
Spybot S&D will clean up alot of spyware infections.
between these two programs, most of the nasties can be safely removed

without damaging other programs.

AVG Free Antivirus is an Excellent Antivirus, especially since it is

free. (found a nasty trojan that was giving me Fits for a week)

Spyware Blaster is a program that you only have to run weekly, the

settings and changes it makes are static, and you don't need to keep it

running for it's protection to work.
It has a large database of Identified, and known spyware/malware/activeX

controls. It instructs windows and IE, Firefox, and mozilla browsers not

to install or run any of these nasties.

Spyware Guard is like your Antivirus, but for spyware, it is a resident

and is always running, if it encounters something that should not be

downloaded, by default it will popup a dialog box and ask for

instruction.

these last two, will help keep your system running smoothly.

lastly, make sure you do not run TWO antivirus programs at the same time.

it can result in conflicts, and leaving your system wide open to attack

and infection. (Spyware Guard is not an Anti-Virus and can be run side by

side with anti-virus without conflicts)

also in Spybot S&D there is a resident program called tea-timer. it

monitors your registry entries and notifies you of changes made to your

registry.

If all else fails and you do have an infection, then get a copy of Hijack

This. HiJack this is an Advanced Diagnostic tool. not everything it finds

should be fixed. if you fix the wrong entry, it can make your system

unstable, and even cause some programs to not function. if you must

resort to using Hijack This, be sure to consult an expert about your log

before you fix anything.
you can find it here.

http://www.bleepingcomputer.com/files/hijackthis.php


also, don't delete entries because a program says to do it, there is a new variant of CWS, and if you delete HJT entries prematurely it can mutate.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12155888
ThanQ
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
The 21st century solution to antiquated pagers.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question