My home computer and some co-workers’ computers have been hit with some pernicious adware: obnoxious pop-ups in Internet Explorer, displaying ads from belgiandip.com. Spybot didn’t help get rid of it. (I didn’t try AdAware until after I’d already dealt with it manually.)
I searched Google for “belgiandip” and found this suggestion. It seemed to help. Here’s how to do what I did:
- Open an explorer window on C:\Windows\System32, set it to the Details view.
- Right-click on the column headers to add another column. In the More... list at the bottom is Company. Select it, then sort by that column.
- Scroll down to “totempole” in the Company list. I found four .exe files, all 64K in size, all of which said in the properties that OriginalFileName was “pup.exe”.
- Delete them all (one was running: find it in the Task manager and kill it, then delete the file).
- Do the same thing for the C:\Windows directory.
- In the registry, in HK_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, find the entry corresponding to the exe that was running, and delete the entry.