Link to home
Start Free TrialLog in
Avatar of Jeff_Burns
Jeff_Burns

asked on

Spyware Wizard

OK, this is the first time I have found a rogue security program that I could not get rid of. Spyware Wizard as hijacked the MSN home page only (MSN software). It has not affected Internet Explorer which is odd. The following programs were unable to 'see' it: CounterSpy, Spyware Doctor, Panda, AdAware, SuperAntiSpyware, AVG. The MSN home page is re-directed to "theta-main.hosting" and "zeta-main.hosting", which then pulls up the Spyware Wizard home page. There is NO code 10, R0, R1 on HijackThis regarding a hijacker or re-director. There are NO suspicious codes 02 or 03 either. Along with my own knowledge I even ran it through the .de analyzer website which found no problems to speak of. I have uninstalled MSN and reinstalled to find it still there. Any ideas?
ASKER CERTIFIED SOLUTION
Avatar of David-Howard
David-Howard
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Jeff_Burns
Jeff_Burns

ASKER

This machine is running Win 2K...the only entries in the Hosts folder appear to be 'examples'. Nothing refers to any particular website.
There is nothing out of the ordinary in the start up.
I am re-running Counterspy in safe mode now.
All potential probelm temp files, cookies, etc have been removed.
Avatar of Jeff_Burns
Jeff_Burns

ASKER

I ran CounerSpy and AVG in safe mode...nothing.
Avatar of Jeff_Burns
Jeff_Burns

ASKER

Sohos and Root Kit Revealer found nothing!
Avatar of p_davis
p_davis
try spybot search and destroy

free from http://www.download.com

nails a lot of bad things -- you can also try ewido.
Avatar of Jeff_Burns
Jeff_Burns

ASKER

I removed Spybot S&D from this computer since it obviously wasn't doing it's job. I have never found Spybot to be very reliable when it comes to rogue security programs.
Avatar of Jeff_Burns
Jeff_Burns

ASKER

Ewido is now AVG Anti-Spyware, which unfortunately has not faired too well in the tests I've performed.
SOLUTION
Avatar of p_davis
p_davis
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of rpggamergirl
rpggamergirl
Flag of Australia image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Jeff_Burns
Jeff_Burns

ASKER

"Smit" didn't work. After researching for hours, I came to the conclusion that there IS no solution for this bug yet...like the "Winfixer" problem a year ago, it took the anti-spyware community MUCH longer than expected to write code to kill WinFixer and apparently they haven't figured out this one yet.
I appreciate everyone's input.
Jeff