14 Replies Latest reply on May 19, 2015 7:57 AM by m_vargas

    Falsk Adobe Flash player "uppdate now"

    leifs79125112

      Den här sidan kommer upp ofta vid sökningar via Google. 194.6.232.151/39/en/video.php

      Inte bara på en dator i det trådlösa nätverket Asus rt-n56u

      Uppdatera länken och den önskade sidan kommer upp den falska Adobe annonseringen försvinner.

      Ett klick på "Update now" laddar ner massor av malvare saker!!! Men ngn Flash Player!

      Någon som vet hur man kan bli av med detta??
      Försöker rensa men lyckas inte helt. Måste jag formatera om håddisken och installera om allt??

      Sänd gärna frågan vidare, please
      falsk flash uppdatering.JPG

        • 1. Re: Falsk Adobe Flash player "uppdate now"
          najbarajo

          I've had this repeatedly over the last few days, seemingly at random appears when visiting different websites. I have run scans using Malwarebytes, Spybot and Windows Defender with nothing major appearing. I have also reset my router (Asus RT-N66U) to factory settings and uninstalled and reinstalled Chrome but with no luck. It also appears when using IE and also when browsing my library in Steam.

           

          This post and another on a polish website is all I have seen about this, all within the last few days. Nothing new has been installed on my laptop.

           

          Anybody have any suggestions?

          • 2. Re: Falsk Adobe Flash player "uppdate now"
            m_vargas Adobe Employee

            Hi Leif Söderberg,


            What is the URL for the page in your screenshot?

             

            --

            Maria

            • 3. Re: Falsk Adobe Flash player "uppdate now"
              leifs79125112 Level 1

              194.6.232.151/39/en/video.php

              • 4. Re: Falsk Adobe Flash player "uppdate now"
                leifs79125112 Level 1

                I am sure that this problem does not come from my computer. All of my three computers that run through my ASUS RT-n56u router has the same problem!

                Thus, a problem that ASUS should have a solution for! I had planned a factory reset. But I wait a bit because it has not helped others.

                Right now I am connected through my VPN tunnel rt-n56u router. It seems that it gereffekt. And I will return.

                • 5. Re: Falsk Adobe Flash player "uppdate now"
                  leifs79125112 Level 1

                  falsk flash uppdatering.JPG

                   

                  This page comes up often in searches through Google. The adress where it comes from is 194.6.232.151/39/en/video.php

                  it happens at all the computers on my wireless network ASUS RT-n56u

                  Update pagelink and the desired page comes up the fake Adobe advertising disappears.

                  A click on the "Udate Now" downloading lots of malvare things!!!
                  But No Adobe Flash Player!

                  Anyone knows how to get rid of this ??
                  Tried to uninstall and "clean" my harddisk but fails completely.
                  I must reformat the hard drive and reinstall everything ??

                  Please send this matter further to someone that knews how to solve it, please.

                  Any one that knows how the fake haml-page works. Is my Router hacked?
                  Or is the problem linked to the browser cals??

                   

                  It seams that a factory reset of the ASUS router does not help!!!

                  • 6. Re: Falsk Adobe Flash player "uppdate now"
                    najbarajo Level 1

                    Have you recently installed either Microsoft Silverlight or Amazon Music? These were my two most recent installed programs since the fake Adobe page started happening to me and I have uninstalled both (and reinstalled silverlight from Microsoft's website). I haven't had the fake Adobe page since so fingers crossed this might be the cause.

                    • 7. Re: Falsk Adobe Flash player "uppdate now"
                      leifs79125112 Level 1

                       

                      No najbarajo reinstal MS Silverlight did not help...!

                       

                      And using the VPN-tunnel did not work!

                       

                      Asus recommends update of firmware and factory reset. For my router RT_N56U,

                      http://dlcdnet.asus.com/pub/ASUS/wireless/RT-N56U/FW_RT_N56U_30043763879.zip?_ga=1.1043604 56.98062902.1426780942

                       

                       

                      • 8. Re: Falsk Adobe Flash player "uppdate now"
                        m_vargas Adobe Employee

                        Hi leifs79125112,

                         

                        Unfortunately, 194.6.232.151/en/video.php appears to be a malicious site. I'm actually not even able to download the installer from that page as the malicious URL is being blocked by our IT department.


                        Flash Player installers are ONLY hosted at get.adobe.com/flashplayer (or get3.adobe.com/flashplayer), not at 194.6.232.151/en/video.php.  It seems that someone has created a realistic looking page to get folks to install malicious software.  We actively go after people who host malicious copies of Flash Player and I have forwarded the URL to the folks who handle this.


                        I am sorry that you were tricked into installing malicious software and will now need to spend quite a bit of time cleaning your system from whatever malicious software was installed.

                         

                        --

                        Maria

                        • 9. Re: Falsk Adobe Flash player "uppdate now"
                          leifs79125112 Level 1

                          Maria Do you know how it works. Is it something in the browser caling for the page 194.6.232.151/en/video.php ??

                          Even my other computers working through my router have the same problem... This page just epaers randomly when you cal for a web-page...

                          Update the page/link and it goes away...

                          A browser or a router problem, HELP !! //Leif S

                          • 10. Re: Falsk Adobe Flash player "uppdate now"
                            m_vargas Adobe Employee

                            Hi leifs79125112,

                             

                            It could be the browser, or something else.  Do you have more than one computer connected to the same router?  Can you reproduce the bevahiour on more than one computer, connected to the same router?  If so, it could be that your router is infected with malware.  It could be something else entirely.  I recommend scanning your system, including the router, for viruses, adware, malware, etc.

                             

                            Cleaning/disinfecting systems is beyond the scope of this forum and I would search more appropriate forums for assistance.  I've had to clean a few personal systems that were infected with viruses/malware/etc and have always sought the expert advice of individuals in forums dedicated to such purposes.  Thankfully, I haven't yet been led astray when doing so.

                             

                            Good luck. 

                             

                            --

                            Maria

                            • 11. Re: Falsk Adobe Flash player "uppdate now"
                              leifs79125112 Level 1

                              Maria

                              tips on appropriate forums for assistance?? /Leif

                              • 12. Re: Falsk Adobe Flash player "uppdate now"
                                m_vargas Adobe Employee

                                Hi leifs79125112,

                                 

                                There are many user forum support sites that provide assistance and performing a Google search for "malware removal assistance forum" or similar terms will return many sites,  You'll need to read through the results and decide for yourself if you want to obtain assistance from one, or more, of them.  Alternatively you could take your computer to a reputable company/individual who does this sort of thing for a living.

                                 

                                --

                                Maria

                                • 13. Re: Falsk Adobe Flash player "uppdate now"
                                  leifs79125112 Level 1

                                  Helo again Maria

                                  I found som tips in a forum about hacking the router and change DNS.

                                  I just find out that my ASUS Router was hacked and the DNS value changed to 185.29.8.202!!!

                                  I have now changed it to the correct IP-number. And a stronger admin PW.

                                  I have also bocked the IP 194.6.232.151 in the router firewal.

                                  ASUS has sent me a new firmware, so i am going to upgrade the router

                                   

                                  The problem is still that i dont know how they did it when they hacked my router... my old PW was also "verystrong"

                                  Take care

                                  //Leif S

                                  • 14. Re: Falsk Adobe Flash player "uppdate now"
                                    m_vargas Adobe Employee

                                    Hi leifs79125112,


                                    I'm glad you were able to sort everything out.  It's unfortunate that there are malicious people out there doing this sort of thing and trying to trick users to install malicious software on their systems.

                                     

                                    --

                                    Maria