spyware/hijack problem super-spider

[SixFive]

This is a nasty one. My wife picked it up last night while I was at work :cursin: and I can't get rid of it. I have run Spybot S&D, Adaware, and CWShredder each numerous times, but this sob keeps getting back. I have run all the updates on these programs, and I am running the latest versions. Any advice?

 

[SixFive]

my homepage is correct, but as soon as it starts to open, I am switched to http://super-spider.com/hp.htm?id=543

 

[TJBELL]

SCAN

Click on the download (Stinger) in the middle of the page. Let me know if it works.

Had almost the same problem and this was recommended by the internet company. It worked for me! (Even if it doesn't, it will check for viruses)

GL!

 

[Captain Crunch]

Sixfive, if all else fails, do what I did. Was well worth the money. Read my reply to Box and One.

Good Luck

http://www.madjacksports.com/forum/showthread.php?t=154646

 

[Lightning]

www.hijackthis.com

This site may help you.

Another program that is like that and is a pain in arse to get rid of is Blazefind.

 

[cisco]

Go to Trend Micro and get the free scan. These guys are good.

http://housecall.trendmicro.com/housecall/start_corp.asp

 

[SixFive]

still can't get rid of this thing. I can change my home page back, and it will open it nearly all the way but then switch to super-spider.

 

[ocelot]

I got something very similar if not the same last week. I updated adaware, ran it twice, then ran hijack and deleted about 5 things that I was sure were crap that it came up with, then ran spybot which finally seemed to kill it. But before all that I ran regedit and did a search for a certain string which I am trying to remember and deleted all occurences one by one of that string. I will post back here if I can rediscover what that was.

 

[ocelot]

Incidentally, it is my belief that this crap was contracted through file-sharing software that my kids use and which I have now outlawed on our home computer. Specifically I believe it was some version of Kazaa.

 

[ocelot]

6-5 The following was posted at a site that adressed the version of this same problem I was experiencing. Don't neglect the reboot step at the end:

"Try this:
Download the latest version of Ad-Aware from here (if you already have Ad-Aware installed, make sure that it is the latest version and always go online and update it before you run it).
NOTE: Since you don't have access to the Internet you'll have to download to another computer and burn to a CD or use other method to transfer to your computer.

Download Lavasoft's VX2 Cleaner plug-in here
http://updates.ls-servers.com/plvx2cleaner.exe

How to use Lavasoft's VX2 Cleaner plug-in

- Close Ad-Aware 6 build 181 and Ad-Watch (if running)
- Download the free VX2 Cleaner at http://updates.ls-servers.com/plvx2cleaner.exe
- Install the VX2 Cleaner
- Start Ad-Aware 6 build 181
- Go to "Plug-ins"
- Select the VX2 Cleaner plug-in and click "Run Plugin"
- If your computer isn't infected, click "Close".


If your computer is infected

- Select "Clean system"
- Reboot your computer
- Scan your computer with Ad-Aware
- Remove any VX2 objects detected
- Reboot your computer again
- Run a second scan to make sure the files have been removed from your computer

Reboot your PC."

 

[ocelot]

6-5:

Also I now remember I also searched my computer for 2 files named sysbd.dll and sysbd.exe and deleted them. You can rename them if you like - I actually placed "shit" at the ends of their names. Also deleted wupdt.exe. Once all this junk was done and I was able to access the net again I immediately updated Norton AV and did a Windows update. Still looking for the string I blasted from the registry. Stand by.

 

[ocelot]

Okay, here is the string I purged from my registry: "drsnsrch". I cleared all values in the registry containing it.

Also just found this though I did not do it myself. Will do it later today though. One techie advised deleting the file "C:\Windows\redir.txt". I would rename it to be safe or just don't empty the recycle bin until sure all is well. Good luck.

 

[Master Capper]

6-5 did you ever get rid of this I am now having a similiar problem?

 

[SixFive]

thanks for the help guys! I finally got rid of it. I ran CWShredder, spybot S&D, and adaware multiple times. I also had to delete some files in regedit like ocelot spoke about. All mine were in this folder. Local_Machine/software/microsoft/windows/current version/run. I had 5 things in this folder when in reality, the only one that matters is the (default). I deleted them, and I'm in good shape now.

 

[Master Capper]

The problem that I am having isthat someone has hijacked my ability to use search engines! When I try to use Google or any other bigtime search engine it says no page found and takes me to some weird search engine

 

[Master Capper]

Cant believe it but I ran that CWshredder that six-five mentioned and it repaired my problem!

 

[cisco]

Check out Browser Hijack Blaster. Stops anyone from taking over your home page. It's free.

http://www.pcworld.com/downloads/file_description/0,fid,22955,00.asp