Copy link to clipboard
Copied
I recently tried to install the new flashplayer update, but Windows Defender automatically blocked it. I don't have any other Antivirus other than Malwarebytes and Advanced System Care. The error I received was called
According to BrowserModifier:Win32/Hopadef it is a possible malware. The "download link" that opened when trying to update Adobe is https://thooblists-n-profits.com/3681276781228/a25e6b06ce67056841926be95a6a1e14.html . Anyone know if this is a legitimate update or if this is a new Malware that Adobe is not aware of? And if it is a legit update, hos do I allow for it to bypass through Windows Defender?
Copy link to clipboard
Copied
That is most definitely not a legitimate link to download Flash Player from. It sounds like you downloaded the installer from a malicious site, or got a prompt, from a malicious site, to download the installer, or something else, but it's not legitimate. I recommend scanning your site for malware/viruses/etc.
Adobe takes these incidents very seriously and follows-up on them. I have forwarded your message to the fraud department for follow-up.
Official Flash Player installers are posted at https://get.adobe.com/flashplayer
Copy link to clipboard
Copied
i already scanned my laptop and removed it but it seems to keep returning every so often. I used Malwarebytes and Windows Defender and scanned it but came up with nothing. The last time it was detected it was placed in quarantine and then I removed it.
Copy link to clipboard
Copied
Questioner94: What did you scan it with? I have the same problem.
Copy link to clipboard
Copied
Malwarebytes and Windows Defender.
Copy link to clipboard
Copied
But you just said you canned it with them and came up with nothing. Then you also said you scanned it and removed it. That is very confusing. Were you able to scan it and detect it and remove it? If you removed it, what were you using to remove it?
Copy link to clipboard
Copied
Questioner 94: But you just said you canned it with them and came up with nothing. Then you also said you scanned it and removed it. That is very confusing. Were you able to scan it and detect it and remove it? If you removed it, what were you using to remove it?
Copy link to clipboard
Copied
I removed it with Defender then it came back and removed it with Bytes. It keeps coming back up every week or so.
Copy link to clipboard
Copied
Questioner94: How long has this been going on? Do you have any idea what it does? What OS are you using?
Copy link to clipboard
Copied
Win 10 HP Pavilion. Been starting ever since early May.
Copy link to clipboard
Copied
Questioner94: Thanks. I will try Malawarebytes. If you learn anything more, please post it here.
Copy link to clipboard
Copied
Questioner94: What was the malicious file called when you found it?
Copy link to clipboard
Copied
Look back up for the name and it just randomly appeared one day as a fashplayer update.
Copy link to clipboard
Copied
Questioner94: What did Malawarebytes say the virus was called when it detected it and reported it to you?
Copy link to clipboard
Copied
Questioner94: The only thing Malawarebytes found were several files called Rootkit. Is that what you got?
Copy link to clipboard
Copied
I forgot what I got from malwarebytes
Copy link to clipboard
Copied
Quesioner94: Could it have been Rootkit?
Copy link to clipboard
Copied
Like the others, I got it with Chrome and Firefox. It opens a new tab by itself. MS Security Essentials catches it and will clear it, but it comes back anyway, with different URL's. Visually it looks like an Adobe site. Adobe, is there a place where it can be sent to your security people for analysis? FYI i deleted the browsers and reinstalled, to no avail.
Copy link to clipboard
Copied
Adobe takes these issues seriously and follows-up on them. I forwarded the URL from the first post to the fraud team to investigate. If you have other URLs private message them to me and I'll forward to the fraud team. I'd rather you private message me the URL instead of posting it here to reduce the advertising of these malicious sites.
--
Maria
Copy link to clipboard
Copied
Any info from Adobe on what is causing this and how to eliminate would be appreciated.
Copy link to clipboard
Copied
This isn't from Adobe. It's malicious users who are doing this. I have received the URL you sent me and forwarded it to the fraud department.
Copy link to clipboard
Copied
I've also received this malware from three different comic sites (so far), 6 Gun Mage, Supernormal Step and Twokinds. I was immediately redirected to a page that looked like Adobe.com but tried to download a malware progam called BrowserModifier:Win32/Hopadef. Fortunately my Microsoft Securities Essentials caught it and blocked the install. I'm suspecting it's an ad that's redirecting me as I don't block ads on comic sites.
Copy link to clipboard
Copied
Try Malwarebytes.
Copy link to clipboard
Copied
I have Malwarebytes as well but Microsoft Securities Essentials has caught the malware each time.
Copy link to clipboard
Copied
Remember, if you have suspicious URL's, send them in a private message to the Adobe staff member who requested them.