Vicious Redirecting Malware and Adware
For the past week or so I've been having some rather annoying pop-ups showing themselves at seemingly random times. The first few days I thought it was merely site related pop-ups attempting to link other sites. Eventually I realized that this wasn't the case, as they started showing themselves on MY website. This raised a few red flags. I noticed the ads were mostly search and keyword related. For example, if I went to google and did a search on, lets say, cars. I'd go into a site and a pop up would appear at the bottom left of my browser with an ad to a site using my exact keywords. Occasionally, my browser would 'freeze' to a point where I couldn't click on links or anything else on the page. If I did, a new browser tab would pop open. Most of the time it was to a bogus flash player installation page where it would immediately attempt to download something. Ummmmm no, cancelled (later on, I realized how lucky I had gotten by catching this seemingly harmless download).
Just in case you don't know, Adware is a type of program that sends ads to your computer, usually via popups. Malware programs are generally much worse, as they typically have a malicious attempt to damage your hard drive or essential programs on your computer.
In this day and age, having an anti-virus program is like having car insurance: without it, you're screwed. So of course I ran a quick scan and found one infection that was actually quite serious. No biggie, quarantined then deleted. Five minutes later the pop-ups started again. What the... Ran another scan, this one came up with nothing. Ran a full scan, still nothing.
I became rather confused at this point. I knew something was wrong, but apparently my anti-virus didn't. I use Microsoft Security Essentials which I THOUGHT was a good anti-virus program. Did some snooping and apparently MSE isn't very effective anymore. Okay, so I found a new anti-virus called Malwarebytes Anti-Malware and downloaded the trial version. Ran a scan and oh wow, look at that, over 200 infections. Nearly crapped myself.
So with over 200 infections now deleted this annoying nightmare was now over right? Wrong. Five minutes later, the redirecting popups began again. Now I was starting to get quite worried because this was starting to get serious and beyond an annoyance. Did even more snooping around and apparently redirecting viruses hide extremely well from every anti-virus. Remember earlier I mentioned that little automatic download that was attempted over and over? Well, on one forum I read this guy had this happen and thinking it was a legitimate download for flash player, he allowed it. It required him to restart his computer and when it was rebooting he encountered a critical error: It froze on a black screen every single time he attempted to start his computer. Eventually he had to reformat the entire hard drive and lost everything he had on it. See how I got lucky? Phew
So here's what I did. I checked my system configuration and noticed my Java was peculiar. When I updated it the last time it went to Version 7 Update 40 and it informed me all previous versions were deleted yet here I saw a version from, oh I don't know, 2008? Java was formerly known as Sun Microsystems but now are Oracle and this version said it was from Sun. I found only one file this was attached to and it was jureg.exe. DELETED. I also disabled it from my start up menu, and although I still can't find exactly where this thing is on my computer, after I deleted the jureg.exe everything's been fine. For extra measures I also uninstalled all my toolbars (no idea why I had them installed in the first place) and reset all my browsers.
Haven't seen a pop-up since, thank you God. So, these things can be quite nasty and most of the time you might not even think there's anything wrong until it's too late. Getting an external hard drive and copying the contents of your computer to it might not be a bad idea...
Recent Comments
1
Thanks for sharing.