Spyware Stormer continues to give pop ups, I need to know how to get rid of it. I have tried Adaware, Macafee, and Spybot.

Spyware Stormer continues to give pop ups, I need to know how to get rid of it. I have tried Adaware, Macafee, and Spybot. I still receive constant advertisements wanting me too purchase their product. Please tell me how to stop spyware stormer popups.
gmar777Asked:
Who is Participating?
 
SheharyaarSaahilCommented:
Hello gmar777 =)

Download HijackThis v1.98.2, run it, Save the LOG file and Post it here:
http://tools.radiosplace.com/HijackThis.exe
0
 
gmar777Author Commented:
Logfile of HijackThis v1.98.2
Scan saved at 2:11:25 PM, on 8/20/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\altiris\AClient.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\altiris\AClntUsr.EXE
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mstsc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\gmartin\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mvusd.k12.ca.us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cec-isa.mvusd.k12.ca.us:1414
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = outlook.mvusd.k12.ca.us;iwww.mvusd.k12.ca.us;vlhs-lib.mvusd.k12.ca.us/wx/s.dll;mvusd4gl.mvusd.k12.ca.us;blackboard.mvusd.k12.ca.us;www.mvusd.k12.ca.us;helpdesk.mvusd.k12.ca.us;vvhs.mvusd.k12.ca.us;vvhs;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [AClntUsr] c:\altiris\AClntUsr.EXE
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mvusd.k12.ca.us
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092763979001
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us
O17 - HKLM\Software\..\Telephony: DomainName = mvusd.k12.ca.us
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us

0
 
SheharyaarSaahilCommented:
lol..... ur LOG is clean,,,,, nothing BAD :)
is ur messenger service running,,, if YES then disable it >> http://www.itc.virginia.edu/desktop/docs/messagepopup/
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
SheharyaarSaahilCommented:
Also just try downloading this Popup Blocker >> http://www.synergeticsoft.com/docs/pop_up_blocker/
Direct Download link >> http://www.synergeticsoft.com/files/PB.exe

and Add those Spyware Stromer popups in its block list,,,, and next time they will be blocked by this tool :)
0
 
acmpCommented:
All the info I can find on Google says the 'Spyware Stormer' is as bad as the spyware it is susposed to remove.

If you have installed this software I'd recommend removing it. Though I can't see any evidance of it in your log file.

acmp<><
0
 
EllisonGCommented:
0
 
rcolkettCommented:
You should purchase a program called X-Cleaner, from www.xblock.com.  I have been using it for the past year, and it works great.
0
 
clepkens_koenCommented:
CWshreder is OK, but try to stop the incomming.
The CWshreder has got some real good info on how the spyware comes in....
It has something to do with the XP version and the service pack installed or not.
Install service pack 1, then run the CWshreder
0
 
a1servCommented:
I am using Spy Sweeper and STOPzilla.  They work very well for my home PC.

Here are URL for these products:
http://www.webroot.com/land/spysweeperb.php?rc=1061&ac=disc
http://www.stopzilla.com/download/download_select.asp?AID=10004&S=4&type=DOWNLOAD&topic=&source=&AAID=&dre=

Good luck!
0
 
danhrmrCommented:
I just had this problem!

Bring up Spyware Stormer.
Click on 'Advanced'.
Make sure Auto-Load Spyware Stormer with Windows' and 'ProActive Spyware Protection'
is unclicked.
Close window and restart.
Problem solved!!!

   Dan R.

0
 
titan203Commented:
This problem is bring by some free spyware. they will include worm and hijack your PC when u online.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.