Adobe Flash Player 11.5.502.16 - Getting anoying messages everytime I enter a website

Yes, I'm in Brazil as well. Seems odd that this topicwas viewed more than 400 times within 50 minutes. I have read one possible solution saying that this "virus" or whatever this is affects your router, therefore its reset and reconfiguration is needed. I'm looking for a simpler solution. I'm not an expert but there must be another way to solve this. I'd really appreciate if someone could shed some light on this.

Thanks,

I am also in Brazil and I was having the same problem.

Turns out this is a way that mackeeper forces you to renew its antivirus subscription. Once I renew it, the message got away.

And now I am feelling robbed by mackeeper.

I don't think that is the case here. Most likely the fact that you renewed your AV solution caused it to remove whatever was infecting your computers.

Interesting. I don't kave MacKeeper installed, so I don't think that could be the source of the problem for me at least. I'm with NET on the phone atm, as it seems this is only affecting people in Brazil, but so far the lady has been (unsurprisingly) unhelpful.

Also, cleaning the cache did nothing for me, unfortunately.

They usually don't even know what a DNS is and they rarely transfer to higher level support. Guess we're on our own, at least until this blows up and they are unable not to present some explanation.

I'm still trying to make the window reaper, but with little luck.

After killing the chrome process I mentioned (the one I didn't even bother to take a screenshot), the behaviour disappeared from all devices in the network.

It's also gone for me. I still think it might have been something on NETs network. Clearing the browsing data was literally the first thing I did, and it didn't help. Also the fact that it was present on all browsers and devices on the network (and this wasn't just me), and it happening to so many of us at the same time only makes me more suspicious.

I'm betting on something on the NET's side as well.

After changing the DNS on the router to google's the issue disappeared from everything.

I initially thought it was the chrome process I killed, but that doesn't seem reasonable.

It would seem that the DNS change was what caused the issue to disappear and that it was being injected via NET's DNSes into the victim's devices. That's how it managed to appear on IOS and Windows devices alike.

A dude in the kaspersky forum posted a screenshot of the div code: http://s21.postimg.org/npytequyf/flash_virus_2.png

Here's the thread: http://forum.kaspersky.com/index.php?s=fea0705eb0268ba4db2e73bc28fca024&showtopic=276270

Also, a thread on reddit: http://www.reddit.com/r/techsupport/comments/1s1m0b/adobe_flash_player_asking_to_download/

We must not let this die.

Same issue here:

Located in Belo Horizonte, Brazil, using NET Virtua ISP. Yesterday this page began appearing on iOS and Macs alike. Only in my MacBook Pro this is not showing, and, since I use OpenDNS only on this machine, it can certainly be traced to an issue with the ISP provided DNSs. Changed the DNS for one iOS device to OpenDNS, and the page never appeared back. So, NET Virtua's DNSs have been compromised for sure.

When I'm back home I'll try to contact their support, but don't think that they'll know what I'll be talking about as Topliff said. And since the first thing I did after the technician left my house for installing the modem was changing the administrator credentials, I'm sure that's not just the modem that was compromised, but their whole servers…

Anybody got a response from their side?

Re:MacKeeper

https://discussions.apple.com/docs/DOC-3691

Same thing here. Brazil with Virua ISP.

Any device presents the div. Including IOS devices (2 ipads tested). Same IP.

Nothing new installed in any device in the network. Nothing updated either.

Strangely, a suspicious chrome process was running in one of the computers. I killed it to test and the screen stopped showing in all devices. I was unable to make the weird process run again. Trying to get it back now.

Kaspersky detects the packed zip. Malwarebytes shows nothing in the windows computer.

Hey, that worked for me. Thanks

Thanks, Americo.

To everyone with the same issue, I used CCleaner and the messages seemed to go away. I'm using chrome, testing on many websites for 15 minutes and no problems so far.

Let's hope this does the trick.

Thanks to everyone.

Hi Mike,

Unfortunately there aren't any programs I could find with similar description nor did not recall installing. Thanks for your help anyway.

Just got for over half an hour with NET Virtua's Tech support trying to explain the case to the attendant, but got no luck in talking to the right department or someone who could understand the matter…

Switching my computer from OpenDNS to NET's DNS back and forth makes the problem appear and disappear. And it seems to appear in different pages each time, so it seems like it substitutes random DNS requests, since some pages that were showing the symptom are not anymore.

So, simply clearing caches would solve the problem for some pages, but it'd reappear in others after some time.

For everyone, I'd suggest switching your computer (or router) to OpenDNS or Google's DNS, and flushing your DNS records so it'll use the new ones in the meantime (clearing the caches, as suggested).