Solved

Infected by Horoscope and other Software

Posted on 2004-09-24
7
1,249 Views
Last Modified: 2013-11-15
My XP laptop, shortly after being connected to the university network, automatically installed many useless programs including My Daily Horoscope and others.  

I initially removed all the programs using add/remove programs.  They reinstalled one day.  I removed them again.  I also found several folders including bsx32 and a file called bsx32.ini which I deleted.  

They reinstalled again.  

When I use explorer and go to the symantec web site, a new window opens for another goofy security software which was installed by these phantom programs, saying something about an alternative to symantec.

I am now using Netscape.  But I would like to remove all traces of these other programs so they don't reinstall if I use IE.  Any help is much appreciated.  

Greg
0
Comment
Question by:monacoassociates
7 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 100 total points
ID: 12143374
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783
0
 
LVL 2

Expert Comment

by:visualcoat
ID: 12143476
for a great free virus protection www.avast.com use avast home additon you can get it from www.download.com
0
 

Author Comment

by:monacoassociates
ID: 12143486
If this is the wrong place to post, I apologize.

I am not clear what the second comment means--"go and download the software and have the pc analyzed?"
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 2

Assisted Solution

by:visualcoat
visualcoat earned 25 total points
ID: 12143629
if you download hijackthis it will creat a low which you can send to them to analyis and they can help detrimin how you are being hijacked.
0
 
LVL 18

Expert Comment

by:luv2smile
ID: 12143807
Also note that your univeristy will probably have a free antivirus program that you can download. I work for a university and we provide all students, faculty, and staff with free downloads of Norton for use on university and home computers.
0
 
LVL 2

Expert Comment

by:Shattuc
ID: 12145341
Lavasoft Ad-Aware http://www.lavasoftusa.com/software/adaware/
Spybot S&D http://www.safer-networking.org/en/download/index.html
AVG Free  http://free.grisoft.com/freeweb.php/doc/2/
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard http://www.javacoolsoftware.com/spywareguard.html

These are all programs that can be used by the average computer user

without difficulty, and without undesired results.

Lavasoft Ad-Aware will clean up alot of spyware infections.
Spybot S&D will clean up alot of spyware infections.
between these two programs, most of the nasties can be safely removed

without damaging other programs.

AVG Free Antivirus is an Excellent Antivirus, especially since it is

free. (found a nasty trojan that was giving me Fits for a week)

Spyware Blaster is a program that you only have to run weekly, the

settings and changes it makes are static, and you don't need to keep it

running for it's protection to work.
It has a large database of Identified, and known spyware/malware/activeX

controls. It instructs windows and IE, Firefox, and mozilla browsers not

to install or run any of these nasties.

Spyware Guard is like your Antivirus, but for spyware, it is a resident

and is always running, if it encounters something that should not be

downloaded, by default it will popup a dialog box and ask for

instruction.

these last two, will help keep your system running smoothly.

lastly, make sure you do not run TWO antivirus programs at the same time.

it can result in conflicts, and leaving your system wide open to attack

and infection. (Spyware Guard is not an Anti-Virus and can be run side by

side with anti-virus without conflicts)

also in Spybot S&D there is a resident program called tea-timer. it

monitors your registry entries and notifies you of changes made to your

registry.

If all else fails and you do have an infection, then get a copy of Hijack

This. HiJack this is an Advanced Diagnostic tool. not everything it finds

should be fixed. if you fix the wrong entry, it can make your system

unstable, and even cause some programs to not function. if you must

resort to using Hijack This, be sure to consult an expert about your log

before you fix anything.
you can find it here.

http://www.bleepingcomputer.com/files/hijackthis.php


also, don't delete entries because a program says to do it, there is a new variant of CWS, and if you delete HJT entries prematurely it can mutate.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12155888
ThanQ
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This video demonstrates how to use each tool, their shortcuts, where and when to use them, and how to use the keyboard to improve workflow.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now