Super Spyware?

I used ad aware and removed lots of spyware. Then spybot and did the same. Then I used Hijack this to remove everything remotely looking suspicious. Then I went through the registry and pulled out everything that looked suspicious that starts when windows loads. Then I ran a virus scanner. I'm still getting popups out the ass and spyware keeps showing up on all of my scanners. Also the hosts file puts itself back whenever I delete it. Any ideas where to go next?

ah shnap, what's it called CWShredder or something like that? Someone help me remember the name of the program.

Also, make sure you have the updated versions/deffinitions of your virus scan and spyware revmovers.

What are you doing to get these popups? Is it only a specifc times or randomly. I mean will you be using an office application and then some random popup comes up, or are they more like normal popups only when you go to specific websites? let us know

I hear you dude. I've got the same problem. I couldn't check my email or use secure websites(banking etc). I tried everything! Adaware, spybot, spyware doctor and norton virus. I have my hardware partitioned into 3 drives and I didn't want to lose everything on the d drive so I just reformatted my c driver(windows xp) and as soon as the computer finished installing I clicked on the explorer icon and gay porn sites came up. I couldn't delete the shit no matter what. I ran trend micro virus detector and found 16 viruses that norton didn't detect. I ended up formatting all 3 partitions in fear that one of the files I didn't delete was the culprit.

I'M STILL HAVING FUCKING PROBLEMS.

Popups occur even if the computer is left idle. There has to be something running in the background or a virus or something, but updated scans haven't picked it up. It's a win98 machine by the way.

I just reformatted my c driver(windows xp) and as soon as the computer finished installing I clicked on the explorer icon and gay porn sites came up.

lol.. sorry, dude, but that is just plain funny.

You formatted all three partitions and are still having problems with gay porn? Sounds like maybe it isn't your computer...

LOL. I had 60 gigs worth of vids and software on the one partition that i didn't want to delete so I deleted the other 2 partitions(tried formatting the first partition and got gay porn...reformatted...formatted the second partition....still gay fucking porn). I finally gave up and just burned my software and formatted that last drive. WHAT A FUCKING NIGHTMARE. All in all I reformatted 3 times in the last 24 hours.

I should have just formatted all 3 partitions right off the bat but I really wanted to keep some of videos I had. I've pretty much lost 20 gigs of music and 40 gigs of fights, instructionals, etc.

that's what happens when you visit Sherdog...

Check your temp folders, as well as your system folders. look for collections of files that are dated the same, that are not system files.
We often use antivir to check for spyware, it can detect some of the files that are hidden.
You may want to rename temp files and make new ones, as spyware can be a bitch to delete.
If you are in XP, make sure to search for Temp, and search hidden files as well, as there are a few temp folders.

Try getting Spywareblaster. It can find spyware that other software you mentioned does not find. It will then neutralize them. Doesn't get rid of them.

I've got an index DAT file in my temp folder that I just can't delete. It inflates quite a bit too. I can't delete this file for the life of me. It's under windows-temp-internet folders-Content.IE5-index

it's also under windows-temp-cookies-index

fucking hell...just formatted the goddamned thing and i'm getting them again.

edited to add this:

I just found this site regarding dat files. let me see if it helps at all.

http://www.exits.ro/index-dat-files.html

For those people who have some serious shit that can't be removed by the common cleaners, your best bet is to do a clean install of your OS in a secure way, then take measures to prevent yourself from being infected again.

Why do this instead of just finding a cleaner that works? Because you have been so deeply infected that even if you remove all noticeable infection, there are still probably all kinds of malicious software still on your computer which are well hidden and not obvious.

Do you have a legit(or at least reasonably trusted non legit) version of windows? If your Windows CD is compromised then you of course can't escape problems.

Do you have a hardware firewall or NAT router? When you install windows, make sure you are using some kind of firewall. It's possible(and actually likely) that someone can remotely compromise you before you download all the patches. If you don't have a hardware firewall, make sure you unplug yourself from the network while you install Windows, then install some software firewall from a clean, trusted CD, or turn on the XP firewall. Only then should you plug into the network and download all the updates.

After you have done a secure clean install and installed all the updates from windowsupdate.com, do yourself a favor and never use Internet Explorer again. Switch to Firefox from mozilla.com. Never use Outlook Express. Use Thunderbird from mozilla.com, or just Outlook is pretty good now. If you don't know what you're doing, the answer to any pop up question on the Internet is 'no'. Especially never download any software that you see in a pop up.

Don't click on links in email, and if you don't know what you're doing, don't open any email attachments of any kind unless you know for a fact that it's really from that person. You absolutely do need some anti-virus and some software or hardware firewall.

Here is a good resource on basic computer security intended for a non technical audience:

http://www.cmu.edu/computing/security/

and just buy gay porn dvds next time.

it's best to reimage your computer every 6 months anyway.

there's lots of stuff that comes and goes and it's best to start fresh. i'm constantly looking at my add/remove programs list.

stephen

My problem is that there are 3 people using this computer and I don't know what the other two are doing at all times.

Try Webroot's Spysweeper.

if you've got CWS, go check the securityfocus.com BUGTRAQ list from the past few weeks.

there are some procedures listed there that will get rid of CWS, guaranteed.. every version, even things CWShredder will miss.

then you should download a spy program to see what they are doing.

i bet they're beating off to gays doing it in the butt.

gay popups just don't happen.

stephen

It doesn't have to be from gay porn. Advertisers will stick trackers etc in all sorts of files. Especially p2p programs. You can download a file called "car races" and you may have an infected file.

The problem started when I installed Shareazza so it was definately from a file that was downloaded. It becomes a deterent for people who share files.

Haha, it wasn't gay porn. I've looked at every single thing on my hd so I can give the other guys shit and all I found was file of around 40gigs of vides from shareazza and direct connect. Obviously, one of the files was infected. There was a little porn, some car races, lots of fights/instructionals and a ton of music. No gay porn but I kept getting the popup for it. Once I ran trendmicro I found a ton of worms/viruses. Most could be deleted but not all. I just made one of my partitions for downloads and when I reformatted I thought I'd try to save the files and I figured the problems would go away after the format but I didn't think that the infected files were on the one partition.

I've just installed mozilla so I'm hoping it's sail free from here on in(noticed that it's much faster than IE). My friend told me to install windows with the modem disconnected and I should have listened to him.