Nuisance Pop-up Window

Report · May 15, 2013

I have, within the last few days, been experiencing a nuisance pop-up window that shows the following text....

Flash Player WARNING!

Your FlashPlayer Have Serious Secure Bugs!

Please Update NOW!

The webpage name shown at the address bar is http://mplayer5888.info/flashplayer/install/

When using Mozilla Firefox, the window opens randomly in the same window I am currently using and puts a smaller window in front of it with the poorly written text in it. This means that whatever I was doing is terminated and I have to either back out, or close the browser. When using Google Chrome, it seems to open a new tab, again randomly, and the same windows and text are evident.

I am not sure if I have described this adequately but I hope that it can be understood.

I have not used Internet Explorer (I have version 8) so have not noticed this same thing happening.

Having seen this pop-up, and been concerned about it, I visited the official Adobe website and installed Flash Player 11 latest version from there but the same pop-up still randomly occurs. Furthermore, a virus scan and a malware scan is not showing any problems with my computer.

Any ideas? Is this a real concern, or just a phishing attempt?

Report · May 15, 2013

The same thing has been happening for me, starting a few days ago. Ran a full-scan with Bitdefender and everything was clean. It was a nuisance at first, but now it's starting to worry me quite a bit. Does anyone know how to get rid of it?

Report · May 15, 2013

It just happened again while i was foum browsing at mmo-champion.com, but this time it redirected me to a different website than before(the old mplayer588.info)

Here's what it looks like:

Report · May 15, 2013

I have encountered the same problem. Is this a malicious site?

Report · May 16, 2013

Mine started 3 days ago. Only having problems on one particular website. The appearance of the message has changed 3 times since it started. The screen shot in your comment is exactly what it looked like last night.

Report · May 15, 2013

I think it's a malicious site, but avast! isn't picking it up. All I know is mplayer5888.info was registered on May 15, 2013 and the registration is private. I'm not sure that I'm not already infected with something, but I haven't installed whatever it is that they want me to install.

Report · May 15, 2013

It's definitely not something from Adobe; either your systems are infected with malware, or the website you are visiting is pushing it (may also be infected).

Try http://www.malwarebytes.org/ (free) to check your own systems for malware.

Report · May 17, 2013

I am a paid up user of malwarebytes and neither that, nor Avast has picked up anything during a scan.

Report · Jul 20, 2013

I was wondering if any of you have determined if this is just a phishing attempt or if just by having the website / pop-up means that the computer was actually compromised. I received the same pop-up message, coming from a website that was fake but looked a lot like the Adobe website, but the pop-up warning was badly written.

The new browser window appeared as I was reading an article on a dentist's blog. Once this new Window appeared, it only gave me the option to press OK on the pop-up Window, go Back, or close the Window. I went back and closed it. It has only happened once (yesterday).

The website, however, is not the same as you've listed above. For me, the problem was caused by http://funnygamel.com/FlashPlayer/index.html. I've run several URL scanners and all of them determine that there's no threat or vulnerability. I'm assuming that's just a phishing attempt but went ahead and notified Adobe through Facebook and an InfoSec guy in the office.

This is the link to the URL Scanner report: http://urlquery.net/report.php?id=3872690

This is an image of what the site looks like (a screen shot provided by the URL scanner):

Report · Jul 20, 2013

The problem seemed to go away on its own for me. I never did download whatever it was that the pop-up wanted me to load. I have a couple of theories why it went away, either it was because I kept legitimately updating everything I could as often as I could (adobe, anti-virus, windows, etc), or perhaps a server on the site(s) where I would get the pop-up was infected and now it is okay, I don't know.

What would have happened to us if the pop-ups were better written?

Report · Jul 20, 2013

According to VirusTotal, the website that you listed was/is indeed a malicious site; mine doesn't get flagged as such:

Sophos URL description

URL subjected to threat Mal/HTMLGen-A.

Websense ThreatSeeker URL category

Malicious Web Sites.

Report · Jul 20, 2013

Be careful, according to whois funnygamel.com was registered on July 17, 2013. I think it's not on any lists because whoever is behind this moves from one site to another.

Report · Jul 20, 2013

Yes, I noticed that too. But I haven't clicked on anything because it's obvious that it's fake. The spelling was awful in the pop-up. But, should I be worried if only the new browser Window opened and I just closed it? I know that there are times that things run on the background...

Adobe Community

Nuisance Pop-up Window

Sophos URL description

Websense ThreatSeeker URL category