• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1260
  • Last Modified:

Infected by Horoscope and other Software

My XP laptop, shortly after being connected to the university network, automatically installed many useless programs including My Daily Horoscope and others.  

I initially removed all the programs using add/remove programs.  They reinstalled one day.  I removed them again.  I also found several folders including bsx32 and a file called bsx32.ini which I deleted.  

They reinstalled again.  

When I use explorer and go to the symantec web site, a new window opens for another goofy security software which was installed by these phantom programs, saying something about an alternative to symantec.

I am now using Netscape.  But I would like to remove all traces of these other programs so they don't reinstall if I use IE.  Any help is much appreciated.  

2 Solutions
Pete LongTechnical ConsultantCommented:
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,


Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.

The EE Official Link to info is,
for a great free virus protection www.avast.com use avast home additon you can get it from www.download.com
monacoassociatesAuthor Commented:
If this is the wrong place to post, I apologize.

I am not clear what the second comment means--"go and download the software and have the pc analyzed?"
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

if you download hijackthis it will creat a low which you can send to them to analyis and they can help detrimin how you are being hijacked.
Also note that your univeristy will probably have a free antivirus program that you can download. I work for a university and we provide all students, faculty, and staff with free downloads of Norton for use on university and home computers.
Lavasoft Ad-Aware http://www.lavasoftusa.com/software/adaware/
Spybot S&D http://www.safer-networking.org/en/download/index.html
AVG Free  http://free.grisoft.com/freeweb.php/doc/2/
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard http://www.javacoolsoftware.com/spywareguard.html

These are all programs that can be used by the average computer user

without difficulty, and without undesired results.

Lavasoft Ad-Aware will clean up alot of spyware infections.
Spybot S&D will clean up alot of spyware infections.
between these two programs, most of the nasties can be safely removed

without damaging other programs.

AVG Free Antivirus is an Excellent Antivirus, especially since it is

free. (found a nasty trojan that was giving me Fits for a week)

Spyware Blaster is a program that you only have to run weekly, the

settings and changes it makes are static, and you don't need to keep it

running for it's protection to work.
It has a large database of Identified, and known spyware/malware/activeX

controls. It instructs windows and IE, Firefox, and mozilla browsers not

to install or run any of these nasties.

Spyware Guard is like your Antivirus, but for spyware, it is a resident

and is always running, if it encounters something that should not be

downloaded, by default it will popup a dialog box and ask for


these last two, will help keep your system running smoothly.

lastly, make sure you do not run TWO antivirus programs at the same time.

it can result in conflicts, and leaving your system wide open to attack

and infection. (Spyware Guard is not an Anti-Virus and can be run side by

side with anti-virus without conflicts)

also in Spybot S&D there is a resident program called tea-timer. it

monitors your registry entries and notifies you of changes made to your


If all else fails and you do have an infection, then get a copy of Hijack

This. HiJack this is an Advanced Diagnostic tool. not everything it finds

should be fixed. if you fix the wrong entry, it can make your system

unstable, and even cause some programs to not function. if you must

resort to using Hijack This, be sure to consult an expert about your log

before you fix anything.
you can find it here.


also, don't delete entries because a program says to do it, there is a new variant of CWS, and if you delete HJT entries prematurely it can mutate.
Pete LongTechnical ConsultantCommented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now