Help with a 'pop-up'

J

jeannie

Warlord
Joined
Nov 12, 2002
Messages
254
Location
New Jersey-50 miles to NYC theaters
A friend of mine called me today because he was getting pop-ups about a spyware tool, so I went over to his place to help him.

The pop-ups seemed to multiply, and eat up more and more of his memory, and he had called Microsoft for advice and they told him to download Adaware. This little 'monster' then also interfered with www.download.com so if you asked to download Adaware or Spybot, it would tell you it was downloading but never ask what you wanted to do with the file (run it, save it, et.) - just tie up further resources in the system. I finally remembered the TUCOWS site and we got ADAWARE there.

Norton Antivirus identified file windows/system32/pplh.dll as a suspicious file and recommended deleting it, and he confirmed he wanted to delete it, but Norton didn't delete it. Nor could we manually delete it - it said it was in use and was a crucial system file :mad:

After updating the Adaware files (I guess these are similar to 'virus signature' files) to the ones dated yesterday, Adaware also identified it and DID delete it.

But a couple of hours later, it came back - but under a different file name. I left, since we'd spent close to 12 hours getting the problem 'fixed' before it re-occured.

Questions:
1) How to stop this happening again.
2) Is this a 'virusl' or is it spyware? I'm not sure I understand the distinction in this case.
3) how to fix it.
4) any other advice.
 
1) How to stop this happening again.

We'll need more information first...


2) Is this a 'virus' or is it spyware? I'm not sure I understand the distinction in this case.

What's those popups? Are they IE JavaScript alerts, or are they Windows dialogs?
Can you post a screenshot?


3) how to fix it.

We'll need to know what it is first.


4) any other advice.

The best way to fight these pest is: Don't get infected in the first place.
Keep your Windows updated - download and install security patches as Micorsoft releases them.
Use antivirus software and keep them up-to-date.
Install a firewall. Now this usually comes with antivirus.
Stop using IE, or at least adjust the security settings.
Don't browse suspicious sites. Today they annoy you with some ActiveX control/JavaScript, next day they'll use a MS security loophole they've found.
Don't use those so-called "File sharing" software.

Stop using Windows for web browsing. Use Linux ;)
 
Getting spybot might be a good idea as well and installing a firewall will hopefully stop thigs from coming back...
 
Since this problem is at a friend's house, I don't currently have access to his system to capture copies of the screens. And he DOES have a firewall. I'll suggest to him that he run Adaware again and Spybot S&D, as well, and hope that fixes his problem, and I'll schedule another time to go over there and check out some other things on his system.
 
You must log in or register to reply here.

Similar threads

planetfall
Why is river goddess broken?
Replies
6
Views
734
planetfall
planetfall
H
VP 4.22 + 34UC v88 Korean Mod & Modpack
Replies
0
Views
1K
HANDANI
H
A
Help with editing CIV4BuildingInfos!
Replies
6
Views
371
Leoreth
Leoreth
Nikas Kunitz
Need quick help with spawn dates
Replies
2
Views
567
Nikas Kunitz
Nikas Kunitz
I
HELP Missionaries buildable with Mosques mod issues
Replies
2
Views
517
Icthiolavarunt
I
Back
Top Bottom