AproposMedia is the advert-showing part of the 'PeopleOnPage' program, an Internet Explorer sidebar which claims to show a list of other users of the current site.
POP after its program name, Envolo after the name of the updater component included in PeopleOnPage.
PeopleOnPage was bundled with Grokster around June 2003, and it installed by pop-up ActiveX drive-by download.
Yes. Opens pop-up adverts (which themselves may spawn other pop-ups) at regular intervals when Internet Explorer is in use.
Yes. When the PeopleOnPage sidebar is open, the addresses of all pages visited are sent to the controlling server with a unique tracking ID.
Yes. Includes an updater component which can silently download and execute arbitrary code form its controlling server.
None known.
Go to the Control Panel's Add/Remove Programs feature. Select and remove 'AM Server' and 'POP'.
Open the registry, by clicking 'Start', choosing 'Run' and entering 'regedit'. Open the 'CLSID' key inside 'HKEY_CLASSES_ROOT' and delete the following subkeys:
{645FD3BC-C314-4F7A-9D2E-64D62A0FDD78}
{65C8C1F5-230E-4DC9-9A0D-F3159A5E7778}
{8023A3E7-AB95-4C23-8313-0BE9842CC70E}
{976C4E11-B9C5-4B2B-97EF-F7D06BA4242F}
{B3BE5046-8197-48FB-B89F-7C767316D03C}
You can also delete HKEY_CLASSES_ROOT\POP.Server[.1], HKEY_CLASSES_ROOT\POPAd.Server[.1], HKEY_LOCAL_MACHINE\Software\POP and HKEY_CURRENT_USER\Software\POP to clean up.
Next, open HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run and delete the entries 'POP' and 'AutoUpdater'.
Restart the computer and you should be able to delete the 'POP' folder in Programs Files, and the 'AutoUpdate' in a folder called 'Program Files' on the C: drive (regardless of whether or not that's where your real Program Files folder is).