PeopleOnPage.AproposMedia
Aliases of PeopleOnPage.AproposMedia (AKA):
| [Kaspersky] | Backdoor.Agent.ag, TrojanDownloader.Win32.Apropo.b, TrojanDownloader.Win32.Apropo.g |
| [Eset] | Win32/Agent.AG trojan, Win32/TrojanDownloader.Apropo.B trojan, Win32/TrojanDownloader.Apropo.G trojan |
| [Panda] | Adware/Apropos, Adware/SideSearch, Adware/WinTools, Trj/Upseter.A |
How to Remove PeopleOnPage.AproposMedia from Your Computer^
To completely purge PeopleOnPage.AproposMedia from your computer, you need to delete the files, folders, Windows registry keys and registry values associated with PeopleOnPage.AproposMedia. These files, folders and registry elements are respectively listed in the Files, Folders, Registry Keys and Registry Values sections on this page.
For instructions on deleting the PeopleOnPage.AproposMedia registry keys and registry values,
see How to Remove PeopleOnPage.AproposMedia from the Windows Registry.
For instructions on deleting the PeopleOnPage.AproposMedia files and folders,
see How to Delete PeopleOnPage.AproposMedia Files (.exe, .dll, etc.)
How to Delete PeopleOnPage.AproposMedia Files (.exe, .dll, etc.)^
The files and folders associated with PeopleOnPage.AproposMedia are listed in the Files and Folders sections on this page.
To delete the PeopleOnPage.AproposMedia files and folders:
- Using your file explorer, browse to each file and folder listed in the Folders and Files sections.
- Select the file or folder and press SHIFT+Delete on the keyboard.
- Click Yes in the confirm deletion dialog box.
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\dsetup16.dll
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\dsetup32.dll
[%WINDOWS%]\temp\updater.exe
[%DESKTOP%]\OPTIFLEX\Nová složka++\magic puzzle\MagicInlayInstall.exe
[%PROFILE_TEMP%]\QTInstallerHelper.dll
[%PROFILE_TEMP%]\write_ph.dll
[%PROFILE_TEMP%]\acsdir.dll
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\truetypefontinfo.dll
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\directxvercheck.dll
[%PROFILE_TEMP%]\acsver.ini
[%PROFILE_TEMP%]\delcuwiz.ini
[%PROFILE_TEMP%]\_ISTMP2.DIR\_ISTMP0.DIR\DirectXVerCheck.dll
[%PROFILE_TEMP%]\_ISTMP2.DIR\_ISTMP0.DIR\TrueTypeFontInfo.dll
[%PROFILE_TEMP%]\_ISTMP1.DIR\_ISTMP0.DIR\410e627.DLL
[%PROFILE_TEMP%]\_ISTMP2.DIR\_ISTMP0.DIR\af9b42.DLL
[%SYSTEM%]\auto_update_uninstall.exe
[%SYSTEM%]\auto_update_uninstall.log
[%PROGRAM_FILES%]\CxtPls\CxtPls.exe
[%PROGRAM_FILES%]\CxtPls\proxystub.dll
[%PROGRAM_FILES%]\CxtPls\cxtpls.dll
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\dsetup.dll
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\dsetup32.dll
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\dsetup16.dll
[%WINDOWS%]\TEMP\acsdir.dll
[%WINDOWS%]\TEMP\write_ph.dll
[%SYSTEM%]\asfw400.exe
[%PROFILE_TEMP%]\delreg.ini
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\directxvercheck.dll
[%SYSTEM%]\wmpser.exe
[%WINDOWS%]\temp\~apropos0\atla.dll
[%WINDOWS%]\temp\~apropos0\setup.inf
[%PROFILE_TEMP%]\_ISTMP3.DIR\_ISTMP0.DIR\DirectXVerCheck.dll
[%PROFILE_TEMP%]\_ISTMP3.DIR\_ISTMP0.DIR\TrueTypeFontInfo.dll
[%PROFILE_TEMP%]\_ISTMP2.DIR\_ISTMP0.DIR\296ec10.DLL
[%PROFILE_TEMP%]\_ISTMP3.DIR\_ISTMP0.DIR\29ac619.DLL
[%PROFILE_TEMP%]\_ISTMP4.DIR\_ISTMP0.DIR\53b6f1.DLL
[%PROFILE_TEMP%]\_ISTMP4.DIR\_ISTMP0.DIR\DirectXVerCheck.dll
[%PROFILE_TEMP%]\_ISTMP4.DIR\_ISTMP0.DIR\TrueTypeFontInfo.dll
[%PROFILE_TEMP%]\_ISTMP1.DIR\_ISTMP0.DIR\a10bbe3.DLL
[%PROFILE_TEMP%]\datacache.ini
[%WINDOWS%]\temp\z.exe
[%PROFILE_TEMP%]\_ISTMP1.DIR\_ISTMP0.DIR\27768.DLL
[%PROFILE_TEMP%]\_ISTMP2.DIR\_ISTMP0.DIR\337da.DLL
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\truetypefontinfo.dll
[%PROFILE_TEMP%]\_ISTMP1.DIR\_ISTMP0.DIR\100cae1.DLL
[%PROFILE_TEMP%]\~apropos0\atla.dll
[%PROFILE_TEMP%]\~apropos0\atlw.dll
[%PROFILE_TEMP%]\~apropos0\setup.inf
[%PROFILE_TEMP%]\_ISTMP1.DIR\_ISTMP0.DIR\909d7.DLL
[%WINDOWS%]\temp\update_1.exe
[%PROFILE_TEMP%]\_ISTMP1.DIR\_ISTMP0.DIR\a1a096.DLL
[%PROFILE_TEMP%]\_ISTMP2.DIR\_ISTMP0.DIR\a284fb.DLL
[%PROFILE_TEMP%]\_ISTMP3.DIR\_ISTMP0.DIR\a84bad.DLL
[%WINDOWS%]\temp\mw_4s_stub.exe
[%PROFILE_TEMP%]\AutoUpdate0\auto_update_install.exe
[%PROFILE_TEMP%]\update_1.exe
[%PROFILE_TEMP%]\_ISTMP10.DIR\_ISTMP0.DIR\DirectXVerCheck.dll
[%PROFILE_TEMP%]\_ISTMP12.DIR\_ISTMP0.DIR\DirectXVerCheck.dll
[%PROFILE_TEMP%]\_ISTMP2.DIR\_ISTMP0.DIR\45c4b9e.DLL
[%PROFILE_TEMP%]\~apropos0\atl.dll
[%PROGRAM_FILES%]\Aprps\ace.dll
[%PROGRAM_FILES%]\Aprps\ATL.DLL
[%PROGRAM_FILES%]\Aprps\CxtPls.dll
[%PROGRAM_FILES%]\Aprps\CxtPls.exe
[%PROGRAM_FILES%]\Aprps\proxystub.dll
[%PROGRAM_FILES%]\Aprps\WinGenerics.dll
[%PROGRAM_FILES%]\AutoUpdate\AutoUpdate.exe
[%SYSTEM%]\cnewapi.exe
[%SVC_SYS_PROFILE_TEMP%]\write_ph.dll
[%SYSTEM%]\magrip.exe
[%SYSTEM%]\ntsrage.exe
[%WINDOWS%]\cxtpls_loader.exe
[%WINDOWS%]\cxtpls_loader.exe_
[%WINDOWS%]\temp\autoupdate0\auto_update_install.exe
[%DESKTOP%]\digital detective\tempfiles\wrifo.exe
[%PROFILE_TEMP%]\homhup8fnvn.tmp\hup8fnvn-1.htm
[%PROFILE_TEMP%]\homhup8fnvn.tmp\hup8fnvn-2.htm
[%PROFILE_TEMP%]\homhup8fnvn.tmp\hup8fnvn-3.htm
[%PROFILE_TEMP%]\homhup8fnvn.tmp\hup8fnvn-4.htm
[%PROFILE_TEMP%]\homhup8fnvn.tmp\hup8fnvn.htm
[%PROFILE_TEMP%]\homhup8fnvn.tmp\index.htm
[%PROFILE_TEMP%]\magicinlayinstall.exe
[%PROFILE_TEMP%]\midaddle.exe
[%PROFILE_TEMP%]\mv7dizbww.exe
[%PROFILE_TEMP%]\qnqyiee.dll
[%PROFILE_TEMP%]\qnqyiee.exe
[%PROFILE_TEMP%]\sfl.exe
[%PROFILE_TEMP%]\tribbglk.htm
[%PROFILE_TEMP%]\triijhkm.htm
[%PROFILE_TEMP%]\trimepnm.htm
[%PROFILE_TEMP%]\trinjapb.htm
[%PROFILE_TEMP%]\_istmp1.dir\_istmp0.dir\199e866.dll
[%SYSTEM%]\aproposplugin.dll
[%SYSTEM%]\dx8iext.exe
[%SYSTEM%]\rcisp.exe
[%SYSTEM%]\shmhupnp.exe
[%SYSTEM%]\sm1ay.exe
[%SYSTEM%]\wrifo.exe
[%WINDOWS%]\ororoxid.exe
How to Remove PeopleOnPage.AproposMedia from the Windows Registry^
The Windows registry stores important system information such as system preferences, user settings and installed programs details as well as the information about the applications that are automatically run at start-up. Because of this, spyware, malware and adware often store references to their own files in your Windows registry so that they can automatically launch every time you start up your computer.
To effectively remove PeopleOnPage.AproposMedia from your Windows registry, you must delete all the registry keys and values associated with PeopleOnPage.AproposMedia, which are listed in the Registry Keys and Registry Values sections on this page.
To remove the PeopleOnPage.AproposMedia registry keys and values:
- On the Windows Start menu, click Run.
- In the Open box, type regedit and click OK.
The Registry Editor window opens. This window consists of two panes. The left pane displays folders that represent the registry keys arranged in hierarchical order. The right one lists the registry values of the currently selected registry key. - To delete each registry key listed in the Registry Keys section, do the following:
- Locate the key in the left pane of the Registry Editor window by sequentially expanding the folders according to the path indicated in the Registry Keys section. For example, if the path of a registry key is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName1sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA and FolderB folders.
- Select the key name indicated at the end of the path (KeyName1 in the example above).
- Right-click the key name and select Delete on the menu.
- Click Yes in the Confirm Key Delete dialog box.
- Locate the key in the left pane of the Registry Editor window by sequentially expanding the folders according to the path indicated in the Registry Keys section. For example, if the path of a registry key is
- To delete each registry value listed in the Registry Values section, do the following:
- Display the value in the right pane of the Registry Editor window by sequentially expanding the folders in the left pane according to the path indicated in the Registry Values section and selecting the specified key name. For example, if the path of a registry value is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName2,valueC=sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA and FolderB folders and select the KeyName2 key to display the valueC value in the right pane.
- In the right pane, select the value name indicated after a comma at the end of the path (valueC in the example above).
- Right-click the value name and select Delete on the menu.
- Click Yes in the Confirm Value Delete dialog box.
- Display the value in the right pane of the Registry Editor window by sequentially expanding the folders in the left pane according to the path indicated in the Registry Values section and selecting the specified key name. For example, if the path of a registry value is
Registry KeysHKEY_CLASSES_ROOT\interface\{b99a727f-0782-4a71-bcc2-6e1e66414904}
HKEY_CLASSES_ROOT\clsid\{01c5bf6c-e699-4cd7-bea1-786fa05c83ab}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{01c5bf6c-e699-4cd7-bea1-786fa05c83ab}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{65c8c1f5-230e-4dc9-9a0d-f3159a5e7778}
HKEY_LOCAL_MACHINE\software\classes\clsid\{645fd3bc-c314-4f7a-9d2e-64d62a0fdd78}
HKEY_LOCAL_MACHINE\software\classes\clsid\{65c8c1f5-230e-4dc9-9a0d-f3159a5e7778}
HKEY_LOCAL_MACHINE\software\classes\clsid\{8023a3e7-ab95-4c23-8313-0be9842cc70e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{976c4e11-b9c5-4b2b-97ef-f7d06ba4242f}
HKEY_LOCAL_MACHINE\software\classes\clsid\{d5580d6f-0e5f-4bdb-9cdf-f8ee68beb008}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{01c5bf6c-e699-4cd7-bea1-786fa05c83ab}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{65c8c1f5-230e-4dc9-9a0d-f3159a5e7778}
Registry Values[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] hww4rgb9s=(EMPTY)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] ko0prxdqp=(EMPTY)
[HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar] {645fd3bc-c314-4f7a-9d2e-64d62a0fdd78}=(EMPTY)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] mv7dizbww.exe=(EMPTY)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] nr1beo9r.exe=(EMPTY)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] ororoxid=(EMPTY)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] pf8g35x=(EMPTY)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] z=(EMPTY)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] zga.exe=(EMPTY)
PeopleOnPage.AproposMedia Categorized as:^
BHO
Browser Helper Object, or BHO, is a dynamic link library (DLL) that runs whenever Internet Explorer is started. Generally, BHOs are included in installation of third-party programs where they are offered as enhancements of the browser functionality. For example, many Internet Explorer plug-ins are in essence BHOs.
BHOs can be installed silently or “legitimately” when a user fails to read the fine print included in the freeware program’s EULA (End User License Agreement).
Because BHOs are small programs, they can do anything that other programs can do. It’s not easy to detect the BHOs installed on the computer. This enables hackers and other malevolent users to employ the BHO functionality in their interests, for example, secretly install adware programs or gather various statistics on the user’s browsing trends.
Be Aware of the Following BHO Threats:
INetSpeak.Iexplorr, Webext, TheLocalSearch, Wssclient, Xupiter.Browser.
Backdoor
Of all trojans, backdoor trojans pose the greatest danger to users’ PCs because they give their authors remote control over infected computers. They are downloaded, installed, and run silently, without the user’s consent or knowledge. Upon installation, backdoor trojans can be instructed to send, receive, execute and delete files, gather and transfer confidential data from the computer, log all activity on the computer, and perform other harmful activities.
Be Aware of the Following Backdoor Threats:
Hijacker
Software that seizes control of a computer’s resources to proliferate itself or use them for other malicious purposes.
There are several types of hijackers. The most common are:
- Browser hijackers – Alters the existing Internet browser settings so that a user is redirected to unwanted or malicious Web sites. These include programs that change the browser Home page or replace a popular search service’s home page with its own fake copy, whose search results point to particular malicious or irrelevant sites.
- Autorun hijackers – Automatically run certain programs on start-up of a user’s computer.
Be Aware of the Following Hijacker Threats:
gomyron.com, CWS.conyc, Roings.com, CWS.Winres, IGetNet.ClearSearch.
Downloader
A type of trojan. The primary purpose of downloaders is to install malicious code on a user’s computer. However, they can enable other malicious uses. For example, they can be used to continually download new versions of malicious code, adware, or “pornware.” They are also used frequently used to exploit the vulnerabilities of Internet Explorer.
Downloaders are typically written in script languages such as VBS or JavaScript.
Be Aware of the Following Downloader Threats:
Cvme, Win32.Agent.byh, W95.Tick.dr, TrojanDownloader.VB, Win32.TrojanDownloader.Small.
How Did My PC Get Infected with PeopleOnPage.AproposMedia?^
The following are the most likely reasons why your computer got infected with PeopleOnPage.AproposMedia:
- Your operating system and Web browser's security settings are too lax.
- You are not following safe Internet surfing and PC practices.
Downloading and Installing Freeware or Shareware
Small-charge or free software applications may come bundled with spyware, adware, or programs like PeopleOnPage.AproposMedia. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.
Using Peer-to-Peer Software
The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like PeopleOnPage.AproposMedia.
Visiting Questionable Web Sites
When you visit sites with dubious or objectionable content, trojans-including PeopleOnPage.AproposMedia, spyware and adware, may well be automatically downloaded and installed onto your computer.
Detecting PeopleOnPage.AproposMedia^
The following symptoms signal that your computer is very likely to be infected with PeopleOnPage.AproposMedia:
PC is working very slowly
PeopleOnPage.AproposMedia can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with PeopleOnPage.AproposMedia.
New desktop shortcuts have appeared or the home page has changed
PeopleOnPage.AproposMedia can tamper with your Internet settings or redirect your default home page to unwanted web sites. PeopleOnPage.AproposMedia may even add new shortcuts to your PC desktop.
Annoying popups keep appearing on your PC
PeopleOnPage.AproposMedia may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.
E-mails that you didn't write are being sent from your mailbox
PeopleOnPage.AproposMedia may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam and other types of unsolicited e-mail to other people.
Thank you for your excellent program and your even more excellent support in helping me rid my computer of some nasty malware.
Even though problem took a while to uncover, It was a pleasure to work with you. I felt as though you were right there with me with timely and personal support. I was really impressed.
Great job! I will certainly recommend Exterminate It to others.
Thanks again,