Belgiandip

Thursday 15 April 2004

My home computer and some co-workers’ computers have been hit with some pernicious adware: obnoxious pop-ups in Internet Explorer, displaying ads from belgiandip.com. Spybot didn’t help get rid of it. (I didn’t try AdAware until after I’d already dealt with it manually.)

I searched Google for “belgiandip” and found this suggestion. It seemed to help. Here’s how to do what I did:

  1. Open an explorer window on C:\Windows\System32, set it to the Details view.
  2. Right-click on the column headers to add another column. In the More... list at the bottom is Company. Select it, then sort by that column.
  3. Scroll down to “totempole” in the Company list. I found four .exe files, all 64K in size, all of which said in the properties that OriginalFileName was “pup.exe”.
  4. Delete them all (one was running: find it in the Task manager and kill it, then delete the file).
  5. Do the same thing for the C:\Windows directory.
  6. In the registry, in HK_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, find the entry corresponding to the exe that was running, and delete the entry.

Comments

[gravatar]
Abhijit 8:16 PM on 15 Apr 2004

one of my colleagues had the same problem. Spybot didnt help. Finally he ended up formatting his machine and reinstalling everything

[gravatar]
Abhijit 8:17 PM on 15 Apr 2004

there is a very good utility at sysinternals.com known as autoruns. It allows you to view the various files that are launched at start-up. That should help.

[gravatar]
Keith 9:01 PM on 15 Apr 2004

Do you know how you got it?

[gravatar]
Ned Batchelder 9:07 PM on 15 Apr 2004

No, I don't know how "I" got it. "I" is a misnomer here: I only ever use the home computer to fix things like this on it. I'd blame it on a kid who'll click any OK button just to get rid of dialogs on the screen, but the fact is some very knowledgble technical people at work had it on their computers, so who knows where it came from?

[gravatar]
Zoran Lazarevic 11:25 AM on 16 Apr 2004

The safest solution for these kinds of problems is to delete IE shortcuts and install Opera or Mozilla. And of course run a firewall and an anti-virus software.

[gravatar]
Kev Spencer 1:17 PM on 16 Apr 2004

If you did want to explore other alternatives to IE, you could do *much* worse than Mozilla's Firefox.

Quite simply - it rocks.

[gravatar]
Doug L. 7:25 PM on 18 Apr 2004

Actually, the safest solution for these kinds of problems is to delete Windows, sell the PC, and get a Mac. Or, short of that, install Linux.

Add a comment:

Ignore this:
Leave this empty:
Name is required. Either email or web are required. Email won't be displayed and I won't spam you. Your web site won't be indexed by search engines.
Don't put anything here:
Leave this empty:
URLs auto-link and some tags are allowed: <a><b><i><p><br><pre>.