Home / malwarePDF  

Adware:JS/Popupper


First posted on 17 April 2012.
Source: Microsoft

Aliases :

There are no other names known for Adware:JS/Popupper.

Explanation :

Adware:JS/Popupper is a detection for particular JavaScript that attempts to display pop-under advertisements.


Top

Adware:JS/Popupper is a detection for particular JavaScript that attempts to display pop-under advertisements.

It attempts multiple "exploits" to bypass pop-up blockers, including CVE-2004-1173 (using the DHTML Edit ActiveX control).

In the wild, we have also observed the adware loading an external SWF file to create the pop-under.

It is common for this detection to trigger in your Internet cache. When using Internet Explorer, the Internet cache is known as the Temporary Internet Files folder and is commonly located at C:\Users\<user name>\AppData\Local\Microsoft\Windows\Temporary Internet Files\. The Temporary Internet Files (or cache) folder contains webpage content that is stored on your hard disk for quick viewing. This cache permits Internet Explorer to download only the content that has changed since you last viewed a webpage, instead of downloading all the content for a page every time it is displayed.

Having this detection reported by your antivirus product may indicate that you have recently visited a website that attempted to display pop-under advertisements.



Analysis by Chris Stubbs

Last update 17 April 2012

 

TOP