Solved

Spyware Stormer continues to give pop ups, I need to know how to get rid of it. I have tried Adaware, Macafee, and Spybot.

Posted on 2004-08-20
11
48,950 Views
Last Modified: 2008-03-17
Spyware Stormer continues to give pop ups, I need to know how to get rid of it. I have tried Adaware, Macafee, and Spybot. I still receive constant advertisements wanting me too purchase their product. Please tell me how to stop spyware stormer popups.
0
Comment
Question by:gmar777
11 Comments
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
ID: 11855810
Hello gmar777 =)

Download HijackThis v1.98.2, run it, Save the LOG file and Post it here:
http://tools.radiosplace.com/HijackThis.exe
0
 

Author Comment

by:gmar777
ID: 11856056
Logfile of HijackThis v1.98.2
Scan saved at 2:11:25 PM, on 8/20/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\altiris\AClient.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\altiris\AClntUsr.EXE
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mstsc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\gmartin\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mvusd.k12.ca.us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cec-isa.mvusd.k12.ca.us:1414
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = outlook.mvusd.k12.ca.us;iwww.mvusd.k12.ca.us;vlhs-lib.mvusd.k12.ca.us/wx/s.dll;mvusd4gl.mvusd.k12.ca.us;blackboard.mvusd.k12.ca.us;www.mvusd.k12.ca.us;helpdesk.mvusd.k12.ca.us;vvhs.mvusd.k12.ca.us;vvhs;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [AClntUsr] c:\altiris\AClntUsr.EXE
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mvusd.k12.ca.us
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092763979001
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us
O17 - HKLM\Software\..\Telephony: DomainName = mvusd.k12.ca.us
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = mvusd.k12.ca.us

0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11856107
lol..... ur LOG is clean,,,,, nothing BAD :)
is ur messenger service running,,, if YES then disable it >> http://www.itc.virginia.edu/desktop/docs/messagepopup/
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11856153
Also just try downloading this Popup Blocker >> http://www.synergeticsoft.com/docs/pop_up_blocker/
Direct Download link >> http://www.synergeticsoft.com/files/PB.exe

and Add those Spyware Stromer popups in its block list,,,, and next time they will be blocked by this tool :)
0
 
LVL 6

Expert Comment

by:acmp
ID: 11864927
All the info I can find on Google says the 'Spyware Stormer' is as bad as the spyware it is susposed to remove.

If you have installed this software I'd recommend removing it. Though I can't see any evidance of it in your log file.

acmp<><
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Expert Comment

by:EllisonG
ID: 11929798
0
 

Expert Comment

by:rcolkett
ID: 12058754
You should purchase a program called X-Cleaner, from www.xblock.com.  I have been using it for the past year, and it works great.
0
 

Expert Comment

by:clepkens_koen
ID: 12062794
CWshreder is OK, but try to stop the incomming.
The CWshreder has got some real good info on how the spyware comes in....
It has something to do with the XP version and the service pack installed or not.
Install service pack 1, then run the CWshreder
0
 

Expert Comment

by:a1serv
ID: 12087929
I am using Spy Sweeper and STOPzilla.  They work very well for my home PC.

Here are URL for these products:
http://www.webroot.com/land/spysweeperb.php?rc=1061&ac=disc
http://www.stopzilla.com/download/download_select.asp?AID=10004&S=4&type=DOWNLOAD&topic=&source=&AAID=&dre=

Good luck!
0
 

Expert Comment

by:danhrmr
ID: 12093795
I just had this problem!

Bring up Spyware Stormer.
Click on 'Advanced'.
Make sure Auto-Load Spyware Stormer with Windows' and 'ProActive Spyware Protection'
is unclicked.
Close window and restart.
Problem solved!!!

   Dan R.

0
 

Expert Comment

by:titan203
ID: 14403843
This problem is bring by some free spyware. they will include worm and hijack your PC when u online.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Locky virus 9 74
Help with possible virus 16 121
Anti-virus for Linux Server 15 85
Sophos EC migration to Cloud. 1 42
These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now