Solved

paypopup / yesadvertising

Posted on 2004-10-01
5
257 Views
Last Modified: 2010-04-12
Somehow a downloader virus made it's way onto my system while I was at a keenspot webcomic and though I cleaned out all infections via AVG, it must have put something on my computer which causes a pop up window to occur after a certain length of time (I do not know the exact amount of time it takes to respawn) from a www.paypopup.com website which is black save for the words "no ads". The first pop up I recieved was of this: http://www.yesadvertising.com/click.x.php?aid=spyblocs2&at=0&du=http://66.33.0.35/spyblocs/adv/paypop1.html 

I have run CWshredder, ad-aware, avg and hijack this to see if I can find anything related to either of these websites to no avail. If anyone has any suggestions of what I need to do to get rid of this problem, I'd be grateful.

0
Comment
Question by:infernal_vanguard
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:rossfingal
ID: 12208352
Hi!

Did you run your HijackThis log through the Automatic Analysis, to see what it turns up?
If not, you should do so:
http://www.hijackthis.de/index.php?langselect=english
Post back here any entries it flags as "Nasty", "Possibly Nasty" or "Unknown".

Good luck!
RF


0
 

Author Comment

by:infernal_vanguard
ID: 12208725
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

Was the only nasty it came up with, so I deleted the registry and found a folder in my program files containing installation files and what have you for Viewpoint (which I do not even remember putting onto my computer). I'll have to wait a while to see if the ads keep popping up; if not, you have my deepest thanks.
0
 
LVL 12

Accepted Solution

by:
rossfingal earned 250 total points
ID: 12209666
HI!

"Viewpoint" is installed with other things - you wouldn't even know it's being installed.
Try to uninstall these things through Add/Remove Programs first -
they may be listed there.
Reboot into "safe" mode and delete the folder:
C:\Program Files\Viewpoint <- delete the whole "Viewpoint" folder
You may have to stop a process first - start Task Manager and look for a running process called -
ViewMgr.exe
Kill it
Then search your ENTIRE computer for any instances of it - delete them all.
Clean out your temp files:
# C:\Windows\Temp - delete ALL of the CONTENTS of the folder - Not the "temp" folder itself!
# C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files (all contents)
  <=This will delete all your cached internet content including cookies.
  This is recommended and strongly suggested!
    However, if you delete all your cookies - this can affect your stored Internet passwords
    and your ability to logon automatically to various sites.
    So, consider deleting all your cookies - optional
# C:\Documents and Settings\<Your Profile>\Local Settings\Temp (all contents)
# C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files (all contents)
# C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp (all contents)
# Empty your "Recycle Bin".
Reboot your computer into "noemal" mode and see how things are working
Regards...
RF
0
 

Author Comment

by:infernal_vanguard
ID: 12213733
Thank you for your help, but unfortunately getting rid of viewpoint did not fix the problem, and somehow in the process another problem occurred. Normally I am able to fix things like this, but instead I just decided to reformat my c drive since all my files are on my d drive.

Again, I thank you for your time and effort.
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 12213944
Hi!   infernal_vanguard

I'm sorry no one could help -
If you have it , could you post your HijackThis log that you ran through
the "Automatic Analysis" site -
or post a link where it can be found.
Thanks...
RF
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now