Solved

paypopup / yesadvertising

Posted on 2004-10-01
5
262 Views
Last Modified: 2010-04-12
Somehow a downloader virus made it's way onto my system while I was at a keenspot webcomic and though I cleaned out all infections via AVG, it must have put something on my computer which causes a pop up window to occur after a certain length of time (I do not know the exact amount of time it takes to respawn) from a www.paypopup.com website which is black save for the words "no ads". The first pop up I recieved was of this: http://www.yesadvertising.com/click.x.php?aid=spyblocs2&at=0&du=http://66.33.0.35/spyblocs/adv/paypop1.html 

I have run CWshredder, ad-aware, avg and hijack this to see if I can find anything related to either of these websites to no avail. If anyone has any suggestions of what I need to do to get rid of this problem, I'd be grateful.

0
Comment
Question by:infernal_vanguard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:rossfingal
ID: 12208352
Hi!

Did you run your HijackThis log through the Automatic Analysis, to see what it turns up?
If not, you should do so:
http://www.hijackthis.de/index.php?langselect=english
Post back here any entries it flags as "Nasty", "Possibly Nasty" or "Unknown".

Good luck!
RF


0
 

Author Comment

by:infernal_vanguard
ID: 12208725
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

Was the only nasty it came up with, so I deleted the registry and found a folder in my program files containing installation files and what have you for Viewpoint (which I do not even remember putting onto my computer). I'll have to wait a while to see if the ads keep popping up; if not, you have my deepest thanks.
0
 
LVL 12

Accepted Solution

by:
rossfingal earned 250 total points
ID: 12209666
HI!

"Viewpoint" is installed with other things - you wouldn't even know it's being installed.
Try to uninstall these things through Add/Remove Programs first -
they may be listed there.
Reboot into "safe" mode and delete the folder:
C:\Program Files\Viewpoint <- delete the whole "Viewpoint" folder
You may have to stop a process first - start Task Manager and look for a running process called -
ViewMgr.exe
Kill it
Then search your ENTIRE computer for any instances of it - delete them all.
Clean out your temp files:
# C:\Windows\Temp - delete ALL of the CONTENTS of the folder - Not the "temp" folder itself!
# C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files (all contents)
  <=This will delete all your cached internet content including cookies.
  This is recommended and strongly suggested!
    However, if you delete all your cookies - this can affect your stored Internet passwords
    and your ability to logon automatically to various sites.
    So, consider deleting all your cookies - optional
# C:\Documents and Settings\<Your Profile>\Local Settings\Temp (all contents)
# C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files (all contents)
# C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp (all contents)
# Empty your "Recycle Bin".
Reboot your computer into "noemal" mode and see how things are working
Regards...
RF
0
 

Author Comment

by:infernal_vanguard
ID: 12213733
Thank you for your help, but unfortunately getting rid of viewpoint did not fix the problem, and somehow in the process another problem occurred. Normally I am able to fix things like this, but instead I just decided to reformat my c drive since all my files are on my d drive.

Again, I thank you for your time and effort.
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 12213944
Hi!   infernal_vanguard

I'm sorry no one could help -
If you have it , could you post your HijackThis log that you ran through
the "Automatic Analysis" site -
or post a link where it can be found.
Thanks...
RF
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Reading a syslog for a botnet 12 84
4 Android flaws that leave 900M devices at Risk 7 81
Noob question:this site is sql vulns? 2 117
EXCHANGE 2007, EXCHANGE 2013 8 129
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question