[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 267
  • Last Modified:

paypopup / yesadvertising

Somehow a downloader virus made it's way onto my system while I was at a keenspot webcomic and though I cleaned out all infections via AVG, it must have put something on my computer which causes a pop up window to occur after a certain length of time (I do not know the exact amount of time it takes to respawn) from a www.paypopup.com website which is black save for the words "no ads". The first pop up I recieved was of this: http://www.yesadvertising.com/click.x.php?aid=spyblocs2&at=0&du=http://66.33.0.35/spyblocs/adv/paypop1.html 

I have run CWshredder, ad-aware, avg and hijack this to see if I can find anything related to either of these websites to no avail. If anyone has any suggestions of what I need to do to get rid of this problem, I'd be grateful.

0
infernal_vanguard
Asked:
infernal_vanguard
  • 3
  • 2
1 Solution
 
rossfingalCommented:
Hi!

Did you run your HijackThis log through the Automatic Analysis, to see what it turns up?
If not, you should do so:
http://www.hijackthis.de/index.php?langselect=english
Post back here any entries it flags as "Nasty", "Possibly Nasty" or "Unknown".

Good luck!
RF


0
 
infernal_vanguardAuthor Commented:
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

Was the only nasty it came up with, so I deleted the registry and found a folder in my program files containing installation files and what have you for Viewpoint (which I do not even remember putting onto my computer). I'll have to wait a while to see if the ads keep popping up; if not, you have my deepest thanks.
0
 
rossfingalCommented:
HI!

"Viewpoint" is installed with other things - you wouldn't even know it's being installed.
Try to uninstall these things through Add/Remove Programs first -
they may be listed there.
Reboot into "safe" mode and delete the folder:
C:\Program Files\Viewpoint <- delete the whole "Viewpoint" folder
You may have to stop a process first - start Task Manager and look for a running process called -
ViewMgr.exe
Kill it
Then search your ENTIRE computer for any instances of it - delete them all.
Clean out your temp files:
# C:\Windows\Temp - delete ALL of the CONTENTS of the folder - Not the "temp" folder itself!
# C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files (all contents)
  <=This will delete all your cached internet content including cookies.
  This is recommended and strongly suggested!
    However, if you delete all your cookies - this can affect your stored Internet passwords
    and your ability to logon automatically to various sites.
    So, consider deleting all your cookies - optional
# C:\Documents and Settings\<Your Profile>\Local Settings\Temp (all contents)
# C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files (all contents)
# C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp (all contents)
# Empty your "Recycle Bin".
Reboot your computer into "noemal" mode and see how things are working
Regards...
RF
0
 
infernal_vanguardAuthor Commented:
Thank you for your help, but unfortunately getting rid of viewpoint did not fix the problem, and somehow in the process another problem occurred. Normally I am able to fix things like this, but instead I just decided to reformat my c drive since all my files are on my d drive.

Again, I thank you for your time and effort.
0
 
rossfingalCommented:
Hi!   infernal_vanguard

I'm sorry no one could help -
If you have it , could you post your HijackThis log that you ran through
the "Automatic Analysis" site -
or post a link where it can be found.
Thanks...
RF
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now