Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Fake Adobe Flash Player Update Infected My Laptop (Windows), iPad, and my hp


  • This topic is locked This topic is locked
5 replies to this topic

#1 fasciola

fasciola

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 25 March 2014 - 08:51 AM

Dear all experts,

 

I don't know since when fake adobe flash player update kept popping up when I open facebook link on my laptop (Windows OS, not Macbook). Not only that, my sister's laptop, my iPad, and my handphone (Samsung Note 3) also have the same pop-up. I guess this is because all these gadgets share the same wireless connection.

 

- I have tried various ways to fix the problem. I had bought Kaspersky to fix the problem but it didn't detect any problem.

- I have installed trial SpyHunter and StopZilla. They detect a lot of malwares and Trojans; but I need to purchase them if to remove all the threats. But I didn't purchase after seeing many bad reviews about them.

- I have also followed the steps recommended in this link by bleepingcomputer:

http://www.bleepingcomputer.com/forums/t/526198/redirect-from-youtube-fb-to-fake-adobe-player-download/

But all the reports showed no problem. (I can attach all the reports, if needed)

- I have installed Spyware Doctor also have no problem.

 

Today, not only fake adobe flash player update; I have some problem typing in password to some websites on my Google Chrome; even for bleepingcomputer login. When I type in, the password becomes lengthened. But I managed to get in through my Mozilla; but the fake adobe flash player update begins to pop up here as well.

 

Is there any way I can remove this? :(

 

Thank you for your assistance!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:15 AM

Posted 25 March 2014 - 02:10 PM

Hello fasciola

Let's try this first...

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Download and install:

Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 fasciola

fasciola
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 25 March 2014 - 09:35 PM

Hi Global Moderator,

 

Thanks for the fast reply!

 

I had tried the RKill, but it didn't flash and disappear.

 

Here is the report for Rkill.

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/26/2014 09:38:09 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!
 
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!
  * HKCU\SOFTWARE\Classes\exefile has been deleted!
 
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 localhost
  ::1 localhost
 
Program finished at: 03/26/2014 09:42:49 AM
Execution time: 0 hours(s), 4 minute(s), and 40 seconds(s)
 
Here is the report for Malwarebytes Anti-Malware Scan.
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/26/2014
Scan Time: 10:29:48 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.0.1000
Malware Database: v2014.03.26.01
Rootkit Database: v2014.03.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: You Li
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 258973
Time Elapsed: 20 min, 21 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
Please kindly advise on next steps. 


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:15 AM

Posted 26 March 2014 - 03:05 PM

Hello, sorry for the delay.. I've been looking and it appears in your situation we need a deeper look to find this.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 fasciola

fasciola
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 27 March 2014 - 12:52 AM

Hi boopme, don't need to apologise. Thanks for replying and helping out.

 

I have followed your instruction and posted a new topic in this link:

http://www.bleepingcomputer.com/forums/t/528949/fake-adobe-flash-player-update-infected-my-laptop-windows-ipad-and-my-hp/?p=3326158

 

There was some error so the topic has been posted three times :( I am not sure how to delete the rest.

The rest of duplicated topics are here:

http://www.bleepingcomputer.com/forums/t/528951/fake-adobe-flash-player-update-infected-my-laptop-windows-ipad-and-my-hp/

http://www.bleepingcomputer.com/forums/t/528950/fake-adobe-flash-player-update-infected-my-laptop-windows-ipad-and-my-hp/



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:15 AM

Posted 27 March 2014 - 09:38 AM

Thank you, I've removed the extras.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users