PostPosted: Tue Sep 12, 2006 7:44 pm  Post subject: super stealth malware

Blood Sucking Freak
Joined: Sat Aug 20, 2005 12:52 pm
Posts: 225
Location: Unpossible
i got attacked by 30 or so pieces of spy/malware/trojans the other day and ive used everything in my power (including all the counter-malware procedures posted everywhere by all the response techs) to purge my system. but to no avail, im still getting popups from something embedded in my system.

i could post my hjt log but there isnt anything there im not familiar with. ive scanned my system with ad-aware pro, spybot, avg, ewido, and housecall. in addition to already having spybot teatimer and resident, ad-watch, as well as spyware blaster all installed and running when i got attacked.

my next step is to re-scan everything in safe mode which i should have just done in the first place, and then run every other credible anti-everything app available, i guess.

does anyone have any suggestions or techniques of finding and removing whatever it is that keeps launching pop ups, that i should try which isnt widely known or something? ive dealt with some devious invasions before, but whatever is on my system is completely invisible and its completely ridiculous.

PostPosted: Tue Sep 12, 2006 8:52 pm  Post subject:

Lunatic Of Gods Creation
Joined: Mon Aug 23, 2004 11:16 pm
Posts: 997
Hijack This!


PostPosted: Tue Sep 12, 2006 9:03 pm  Post subject:

The Devil, Probably
Joined: Mon Jun 09, 2003 1:04 pm
Posts: 2497
Location: In the darkest spot of your soul.
:lol: :lol: :P :P :lol: :lol:


PostPosted: Tue Sep 12, 2006 11:21 pm  Post subject:

Lunatic Of Gods Creation
Joined: Mon Aug 23, 2004 11:16 pm
Posts: 997
:oops: That's what hjt stands for isn't it


PostPosted: Wed Sep 13, 2006 8:47 am  Post subject:

Dead But Dreaming
Joined: Wed Dec 22, 2004 12:54 pm
Posts: 285
Location: Italy
Unfortunately free antispyware software isn't that good in cleaning your pc from worst attacks...i was getting really annoying popups (winfixer.com, sexbuddies, etc), even when browsing folders and after trying, well, anything from spybot to adaware to specific spyware cleaners, finally Spyware Doctor solved the issue. It would be worth buying...(notice the "would be" part... :mrgreen: )


PostPosted: Wed Sep 13, 2006 2:49 pm  Post subject:

The Devil, Probably
Joined: Mon Jun 09, 2003 1:04 pm
Posts: 2497
Location: In the darkest spot of your soul.
FMsaziri wrote:
... sexbuddies...


ANNOYING??? :o


PostPosted: Wed Sep 13, 2006 3:10 pm  Post subject:

Blood Sucking Freak
Joined: Sat Aug 20, 2005 12:52 pm
Posts: 225
Location: Unpossible
FMsaziri wrote:
Unfortunately free antispyware software isn't that good in cleaning your pc from worst attacks...i was getting really annoying popups (winfixer.com, sexbuddies, etc), even when browsing folders and after trying, well, anything from spybot to adaware to specific spyware cleaners, finally Spyware Doctor solved the issue. It would be worth buying...(notice the "would be" part... :mrgreen: )


thanks for the suggestion, i gave it a try and to my surprise spyware doctor found 313 infections :o i was even more surprised though after it cleaned everything out and i restarted my system only to get the same popups i was getting before. :(

PostPosted: Wed Sep 13, 2006 3:15 pm  Post subject:

The Devil, Probably
Joined: Mon Jun 09, 2003 1:04 pm
Posts: 2497
Location: In the darkest spot of your soul.
Tsk, and there are people who say Linux is not user friendly and hard to use. :lol:


PostPosted: Wed Sep 13, 2006 6:06 pm  Post subject:

Site Admin
Joined: Sat Nov 02, 2002 1:35 am
Posts: 19779
Location: En España
wargand wrote:
Tsk, and there are people who say Linux is not user friendly and hard to use. :lol:


To be brutally honest, they'd be dead right. ;)

_________________
Mouse nipple for the win! Trackpoint or death!


PostPosted: Wed Sep 13, 2006 6:30 pm  Post subject:

The Devil, Probably
Joined: Mon Jun 09, 2003 1:04 pm
Posts: 2497
Location: In the darkest spot of your soul.
spudthedestroyer wrote:
wargand wrote:
Tsk, and there are people who say Linux is not user friendly and hard to use. :lol:


To be brutally honest, they'd be dead right. ;)


Really? As far as I can see, it might be true that the learning curve of Linux might be a bit steeper, though I personally think this isn't true anymore for quite some time. However, if you learned the basics you can lean back and relax indefinitely. Windoze is usually preinstalled. Therefore it appears for many people to be easier, but if I read something like this thread, I suppose the percentage of masochists, who really love that there never is an end to trouble and pain, is tremendous.


PostPosted: Wed Sep 13, 2006 8:08 pm  Post subject:

Dead But Dreaming
Joined: Wed Dec 22, 2004 12:54 pm
Posts: 285
Location: Italy
Did you run a quick or full scan? Is your version the latest, 4.0? I remember earlier versions didn't fix my issues. And when do those popups come up? When browsing with IE? Or anytime? Anyway, another great antispyware is SpySweeper, you could try that too. Also, update Spyware Doctor database everyday, maybe it will work sooner or later.

To Wargand:

sexbuddies.com can be a little less annoying when you're gay, since that's their target...


PostPosted: Wed Sep 13, 2006 8:17 pm  Post subject:

The Devil, Probably
Joined: Mon Jun 09, 2003 1:04 pm
Posts: 2497
Location: In the darkest spot of your soul.
FMsaziri wrote:
To Wargand:
sexbuddies.com can be a little less annoying when you're gay, since that's their target...


Really? I suspected this. However, when I checked http://www.sexbuddies.com before I posted my highly intelligent comment, I saw only women on that page. :-)


PostPosted: Wed Sep 13, 2006 8:27 pm  Post subject:

Dead But Dreaming
Joined: Wed Dec 22, 2004 12:54 pm
Posts: 285
Location: Italy
wargand wrote:
FMsaziri wrote:
To Wargand:
sexbuddies.com can be a little less annoying when you're gay, since that's their target...


Really? I suspected this. However, when I checked http://www.sexbuddies.com before I posted my highly intelligent comment, I saw only women on that page. :-)


Weeeell, probably they spotted me somehow :mrgreen:


PostPosted: Thu Sep 14, 2006 9:57 pm  Post subject:

Blood Sucking Freak
Joined: Sat Aug 20, 2005 12:52 pm
Posts: 225
Location: Unpossible
FMsaziri wrote:
Did you run a quick or full scan? Is your version the latest, 4.0? I remember earlier versions didn't fix my issues. And when do those popups come up? When browsing with IE? Or anytime? Anyway, another great antispyware is SpySweeper, you could try that too. Also, update Spyware Doctor database everyday, maybe it will work sooner or later.


i ran both, actually. my version is 4.02.429 or something like that and it was released only two months ago. i updated it before i scanned.

the popups only come when i am browsing with IE. i can feel it activate when i click my quicklaunch shortcut, and right before each popup. most of the embedded pages were deleted so most of the popups are blank now, partypoker.com seems to be the most frequent ad. there is a wide array of ads though ranging from a music tech college to IBM, so i dont know wtf.

ill give spysweeper a shot now, see what happens.

im growing more suspicious of anti-spyware companies. who is to say that they are not hiring programmers to create the malware, collecting money from advertisements in malware from sponsors, and collecting money from selling anti-spyware (that doesnt work) to the victims?

PostPosted: Fri Sep 15, 2006 8:35 am  Post subject:

Dead But Dreaming
Joined: Wed Dec 22, 2004 12:54 pm
Posts: 285
Location: Italy
Fear Itself wrote:
im growing more suspicious of anti-spyware companies. who is to say that they are not hiring programmers to create the malware, collecting money from advertisements in malware from sponsors, and collecting money from selling anti-spyware (that doesnt work) to the victims?


That's so called "rogue" antispyware you're talking about, not working and bringing even more malware to users...but speaking of software like Spyware Doctor, and other popular ones, i don't think they're selling crap, my pc is perfectly clean now thanks to it. It's often a matter of time, waiting for those software companies to recognize new kinds of spyware and including them in their database.
I hope SpySweeper will solve your problem, but for now maybe you could stick to less vulnerable browsers (Firefox, Opera)


PostPosted: Fri Sep 15, 2006 10:58 am  Post subject:

Site Admin
Joined: Sat Nov 02, 2002 1:35 am
Posts: 19779
Location: En España
Quote:
the popups only come when i am browsing with IE. i can feel it activate when i click my quicklaunch shortcut, and right before each popup. most of the embedded pages were deleted so most of the popups are blank now, partypoker.com seems to be the most frequent ad. there is a wide array of ads though ranging from a music tech college to IBM, so i dont know wtf.


Let me guess, you were infected when browsing with IE? Surprise, surprise.
I don't understand why people use that pos application. It does more harm than good. Use firefox, ALWAYS, only use IE on terribly made websites that only work in IE, and even then, you're probably better off using an alternative site if it's that poorly made.

http://www.getfirefox.com


Anyway, the first step i always make on foolish relatives or friends that use IE is to ctrl+alt+del and close down any unrecognisable applications running. Then see if you can stop the malware from loading:
start>run>regedit

Browse to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete the entries of malicious applications.

That stops em loading at system startup.
Then you just run adaware, avg or spybot Search and Destroy and it's usually the end of it.

There's so many millions of ways for IE to get compromised that there's plenty of things to check, checking for a .dll that it's installed because it has NO security at all is another one. You can see installed dlls under one of the menus, i can't remember much because i never load that POS. To uninstall you just remove the .dll.

The last thing i do is call them an idiot for using IE, and there's no ifs or buts about it, if you use IE you're an idiot, or at least you're being idiotic, then i install mozilla. :lol: IE's patheticness is legendary, it's amazing how "windows problems" are nearly always caused by IE.

_________________
Mouse nipple for the win! Trackpoint or death!
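
The Run-key check from the post above, as an added PowerShell example (not part of the original thread): it lists every entry under the two keys, resolves the program each one starts, and reports whether that file exists and carries a valid Authenticode signature. The function name `Resolve-RunTarget`, the list of user-writable folders and the use of PowerShell 3.0 or later are assumptions of this example; it only reads the registry and removes nothing.

```powershell
# Added example: read-only audit of the two Run keys named in the post above.
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

function Resolve-RunTarget {
    param([string]$Command)
    # A Run value is a command line: "C:\dir\app.exe" /x  or  C:\dir\app.exe /x
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { $target = $Matches[1] }
    elseif ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr))(\s|$)') { $target = $Matches[1] }
    else { $target = ($cmd -split '\s+')[0] }
    # Bare names such as rundll32.exe are resolved through PATH
    if (-not (Split-Path $target -IsAbsolute)) {
        $found = Get-Command $target -CommandType Application -ErrorAction SilentlyContinue |
                 Select-Object -First 1
        if ($found) { $target = $found.Path }
    }
    $target
}

# Assumption: a program started from these user-writable folders deserves a second look
$userDirs = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA) | Where-Object { $_ }

$report = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        if (-not $command.Trim()) { continue }
        $target = Resolve-RunTarget $command
        $exists = Test-Path -LiteralPath $target -PathType Leaf
        $status = if ($exists) { [string](Get-AuthenticodeSignature -LiteralPath $target).Status } else { 'n/a' }
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Command   = $command
            Target    = $target
            Exists    = $exists
            Signature = $status
            InUserDir = [bool]($userDirs | Where-Object {
                $target.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })
        }
    }
}

# Show only entries that are missing, not validly signed, or run from a user folder
$report | Where-Object { -not $_.Exists -or $_.Signature -ne 'Valid' -or $_.InUserDir } |
    Format-List
```

Drop the final filter to list every entry; entries that go through rundll32.exe resolve to rundll32 itself, so read the Command field for the DLL they load.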


PostPosted: Fri Sep 15, 2006 4:14 pm  Post subject:

Blood Sucking Freak
Joined: Sat Aug 20, 2005 12:52 pm
Posts: 225
Location: Unpossible
im on the same page with all of you, there isnt anything in this thread i havent tried or knew to try, aside from the recommendations of specific types of apps to try.

spudthedestroyer wrote:
Quote:
Let me guess, you were infected when browsing with IE? Surprise, surprise.
I don't understand why people use that pos application. It does more harm than good. Use firefox, ALWAYS, only use IE on terribly made websites that only work in IE, and even then, you're probably better off using an alternative site if it's that poorly made.


im a web designer, the browsers display code differently. i dont design in strict minimalist graphic-less code, so i have to use both to make the sites i build look as close to what i want them to as possible in both browsers and not just firefox.

PostPosted: Fri Sep 15, 2006 4:42 pm  Post subject:

Site Admin
Joined: Sat Nov 02, 2002 1:35 am
Posts: 19779
Location: En España
I need to check sites too, but you don't have to actively BROWSE in IE. That would just be plain daft. I load it up and go to one specific site to check, then i close it down. That's its sole purpose of existence when opera and mozilla exist. :lol:

I check all code in ie and opera, but for the love of god I don't browse in Internet Explorer, that would be asking for trouble. I'd be asking for a slap if i did that, and in all fairness i'd deserve one! :lol: Why not just browse in firefox, then check in ie when that's essential, and then close that POS down and lock it away until the next time you need to check a site? ;)

That way you'll never get malware since firefox doesn't tend to do that crap.

It sounds like you're just browsing around the place with IE and you're asking for trouble if you do that, and that's what you got ;). Get the firefox plugin to launch a url in ie, and then you can do that easily when you need to. It's really not an excuse for browsing with your pants down and getting infected with malware ;) :lol:

Any site that installs malware you surely would have no merit in cloning, seeing the source, or using IE on.

So once again, use mozilla as your primary browser, and then only switch to ie or opera when you need to, and a crack or porn site isn't when you need to! :lol: They are always piss poor sites.

Just a suggestion that would save you future infection. Like a condom for the internet :)

_________________
Mouse nipple for the win! Trackpoint or death!


PostPosted: Tue Sep 19, 2006 11:49 pm  Post subject:

Servant Of The Dead Donkey
Joined: Sun Jul 30, 2006 1:20 am
Posts: 86
Location: Toronto, looking through your window.
that sucks been there and lucked out with spybot getting rid of everything. And great news, firefox now has an IE tab extension https://addons.mozilla.org/firefox/1419/

that way a web developer can see what it would look like in IE without using the cursed crap.

_________________
I ate it.
I pooped it out.
I flushed it away.
Now its Societies problem.

