Solved

Spyware Stormer continues to give pop ups, I need to know how to get rid of it. I have tried Adaware, Macafee, and Spybot.

Posted on 2004-08-20
11
48,991 Views
Last Modified: 2008-03-17
Spyware Stormer continues to give pop ups, I need to know how to get rid of it. I have tried Adaware, Macafee, and Spybot. I still receive constant advertisements wanting me too purchase their product. Please tell me how to stop spyware stormer popups.
0
Comment
Question by:gmar777
11 Comments
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
ID: 11855810
Hello gmar777 =)

Download HijackThis v1.98.2, run it, Save the LOG file and Post it here:
http://tools.radiosplace.com/HijackThis.exe
0
 

Author Comment

by:gmar777
ID: 11856056
Logfile of HijackThis v1.98.2
Scan saved at 2:11:25 PM, on 8/20/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\altiris\AClient.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\altiris\AClntUsr.EXE
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mstsc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\gmartin\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mvusd.k12.ca.us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cec-isa.mvusd.k12.ca.us:1414
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = outlook.mvusd.k12.ca.us;iwww.mvusd.k12.ca.us;vlhs-lib.mvusd.k12.ca.us/wx/s.dll;mvusd4gl.mvusd.k12.ca.us;blackboard.mvusd.k12.ca.us;www.mvusd.k12.ca.us;helpdesk.mvusd.k12.ca.us;vvhs.mvusd.k12.ca.us;vvhs;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [AClntUsr] c:\altiris\AClntUsr.EXE
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mvusd.k12.ca.us
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092763979001
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us
O17 - HKLM\Software\..\Telephony: DomainName = mvusd.k12.ca.us
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us

0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11856107
lol..... ur LOG is clean,,,,, nothing BAD :)
is ur messenger service running,,, if YES then disable it >> http://www.itc.virginia.edu/desktop/docs/messagepopup/
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11856153
Also just try downloading this Popup Blocker >> http://www.synergeticsoft.com/docs/pop_up_blocker/
Direct Download link >> http://www.synergeticsoft.com/files/PB.exe

and Add those Spyware Stromer popups in its block list,,,, and next time they will be blocked by this tool :)
0
 
LVL 6

Expert Comment

by:acmp
ID: 11864927
All the info I can find on Google says the 'Spyware Stormer' is as bad as the spyware it is susposed to remove.

If you have installed this software I'd recommend removing it. Though I can't see any evidance of it in your log file.

acmp<><
0
 

Expert Comment

by:EllisonG
ID: 11929798
0
 

Expert Comment

by:rcolkett
ID: 12058754
You should purchase a program called X-Cleaner, from www.xblock.com.  I have been using it for the past year, and it works great.
0
 

Expert Comment

by:clepkens_koen
ID: 12062794
CWshreder is OK, but try to stop the incomming.
The CWshreder has got some real good info on how the spyware comes in....
It has something to do with the XP version and the service pack installed or not.
Install service pack 1, then run the CWshreder
0
 

Expert Comment

by:a1serv
ID: 12087929
I am using Spy Sweeper and STOPzilla.  They work very well for my home PC.

Here are URL for these products:
http://www.webroot.com/land/spysweeperb.php?rc=1061&ac=disc
http://www.stopzilla.com/download/download_select.asp?AID=10004&S=4&type=DOWNLOAD&topic=&source=&AAID=&dre=

Good luck!
0
 

Expert Comment

by:danhrmr
ID: 12093795
I just had this problem!

Bring up Spyware Stormer.
Click on 'Advanced'.
Make sure Auto-Load Spyware Stormer with Windows' and 'ProActive Spyware Protection'
is unclicked.
Close window and restart.
Problem solved!!!

   Dan R.

0
 

Expert Comment

by:titan203
ID: 14403843
This problem is bring by some free spyware. they will include worm and hijack your PC when u online.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question