Highlighted

Adobe Flash Player Update

Community Beginner ,
Sep 01, 2016

Copy link to clipboard

Copied

I repeatedly get a web page popping up in IE that says "Adobe Flash Player - Your Flash Player may be out of date" which triggers an IE pop up asking what I want to do with FlashPlayer.hta.

The website is   ohcoyinfotraxsys.org

Is this really from Adobe and legitimate?

TOPICS
Download install

Views

14.6K

Likes

Translate

Translate

Report

Report
This conversation has been locked.

Adobe Flash Player Update

Community Beginner ,
Sep 01, 2016

Copy link to clipboard

Copied

I repeatedly get a web page popping up in IE that says "Adobe Flash Player - Your Flash Player may be out of date" which triggers an IE pop up asking what I want to do with FlashPlayer.hta.

The website is   ohcoyinfotraxsys.org

Is this really from Adobe and legitimate?

TOPICS
Download install

Views

14.6K

Likes

Translate

Translate

Report

Report
Sep 01, 2016 1
Adobe Employee ,
Sep 01, 2016

Copy link to clipboard

Copied

No,  That is not legitimate.  FlahsPlayer.hta is not a valid Flash Player installer file name.

Can you please confirm the website, and provide the entire website URL (e.g. http://...)?  I tried going to the website you posted and got an error that the page cannot be displayed.

Can you please post a screenshot of the pop-up, and the website?

I recommend updating your virus/malware/adware/etc software and running a complete scan on your system.

Likes

Translate

Translate

Report

Report
Sep 01, 2016 0
Community Beginner ,
Sep 01, 2016

Copy link to clipboard

Copied

I restricted the site in IE.  This is the address that shows up in the Restricted Sites list:

          https//*.ohcoyinfotraxsys.org

I can un-restrict the sight and see if the page pops up again, then send a screen shot if that will help you.

Likes

Translate

Translate

Report

Report
Sep 01, 2016 0
Adobe Employee ,
Sep 01, 2016

Copy link to clipboard

Copied

unfortunately, I can't find information on that domain and when I try to navigate to it I get a server not found error.

It'd be great if you could provide a screenshot that I can forward to our fraud department for follow-up.

Likes

Translate

Translate

Report

Report
Sep 01, 2016 0
Community Beginner ,
Sep 01, 2016

Copy link to clipboard

Copied

OK.  I'll un-restrict the site and capture a screen shot the next time it appears.

Likes

Translate

Translate

Report

Report
Sep 01, 2016 0
Community Beginner ,
Sep 12, 2016

Copy link to clipboard

Copied

Just got this again.  It is not truly a "pop-up".  It literally replaces the web page I'm on.  Seems to occur when I'm on Yahoo.

Hope this helps.

Bob

https://foopointeresante.org/9301111029799/a1e0275a028584d02574c25304ff46a5.html

https://foopointere9799/a1e0275a028584d02574c25304ff46a5.html

Likes

Translate

Translate

Report

Report
Sep 12, 2016 0
Adobe Employee ,
Sep 12, 2016

Copy link to clipboard

Copied

Thank you for reporting.  I have forwarded your post to the fraud department for follow-up. This isn't Adobe doing this.  Adobe is in no way involved.  If you haven't done so completely scan your system for viruses/malware/adware/etc.

How do you access the internet?  Do you  use a router?  If so, which one (make/model)?

Likes

Translate

Translate

Report

Report
Sep 12, 2016 0
Community Beginner ,
Sep 12, 2016

Copy link to clipboard

Copied

I access the Internet via cable modem using Time Warner Cable.

I do use a wireless router.  It is a Linksys WRT 1900 ACS utilizing WPA2 encryption.

I also run Norton Internet Security and their Deep Scan did not reveal any issues, nor did Malware Bytes.

Likes

Translate

Translate

Report

Report
Sep 12, 2016 0
Adobe Employee ,
Sep 12, 2016

Copy link to clipboard

Copied

Linksys routers had an issue some time back where they were getting infected with a worm, but a Google search didn't return your particular model as being injected.  This was a long-shot, since it was some time ago.

Essentially, the browser is being hijacked to a malicious site.  This is something on your system, not Adobe related.  The page lists the file name as FlashPlayer.hta.  Searching for this returns an issue with pop-ups from a few years ago.  It's possible it's related and the method since you indicate yours isn't a pop-up, but a browser redirect (hijack).  Unfortunately, troubleshooting these sorts of issues on your computer is beyond the scope of these forums.  It's also been my personal experience that some anti-virus/malware/etc programs find things while others don't.  Malware Bytes is a solid program and usually catching many things.  You may want to try something else like AdWCleaner, HitManPro, and/or any myriad of other programs available.

Likes

Translate

Translate

Report

Report
Sep 12, 2016 0
Community Beginner ,
Sep 13, 2016

Copy link to clipboard

Copied

Thank you for your insights and advice.

If I turn up anything else on this, I'll post it.

Likes

Translate

Translate

Report

Report
Sep 13, 2016 0
New Here ,
Nov 26, 2016

Copy link to clipboard

Copied

I got the same thing today when I tried to open at article on att.net while using Microsoft Edge.  Instead of the article, the page told me I had to update Adobe Flash.  I downloaded it, but did not install it.  I then ran Norton antivirus and Ccleaner, but it was not flagged as a virus or malware.  I don't recall the site now, but the file is FlashPlayer.htaFlashPlayer hta do not install Nov 27 2016.png

Likes

Translate

Translate

Report

Report
Nov 26, 2016 0
New Here ,
Nov 26, 2016

Copy link to clipboard

Copied

I decided to go to the Adobe site to make sure I have the most current version.  It wants to know if I have foxfire or Opera / Chromium.  I have Microsoft Edge open, so which do I pick?  When I tried it on my Google browser, I got a message that I already have the most current.  Thank you.

Likes

Translate

Translate

Report

Report
Nov 26, 2016 0
Adobe Employee ,
Nov 28, 2016

Copy link to clipboard

Copied

Hi,


To see which version you have, go to Flash Player Help and click the 'check now' button.  The widget will auto-detect the OS, browser, and Flash Player version installed (if any).  If you use multiple browsers you'll want to repeat as different browsers use different plugin types (e.g. IE/Edge use Flash Player ActiveX Control, Firefox uses NPAPI plugin, Chrome/Opera and Chromium-based browsers use PPAPI plugin).

--

Maria

Likes

Translate

Translate

Report

Report
Nov 28, 2016 0
New Here ,
May 05, 2017

Copy link to clipboard

Copied

today I got the fake Adobe update, I immediately took a printscreen then used task manager to end the internet which closed the fake site and update popup. Heres the snapshot.

After opening a new tab for a site from a bing search I was redirected from that site to the one shown(agaiktexalyser.org), as you can see the left arrow is highlighted blue. Yesterday I also had a redirect so ran Malwarebytes, adwcleaner, avast browser cleanup, Hitman, tdskiller, rkill, and Zemana Antimalware. Nothing was found on any of these programs. If I have something its hiding real good.

adobe fake popup.jpg

Likes

Translate

Translate

Report

Report
May 05, 2017 0
Adobe Employee ,
May 07, 2017

Copy link to clipboard

Copied

Hi,

Thanks for reporting the issue. I will forward the url to the phishing team.

Thanks!

Likes

Translate

Translate

Report

Report
May 07, 2017 0
New Here ,
Sep 07, 2016

Copy link to clipboard

Copied

I have received the same message from this address: https://quibutonyluvgeraldine.org/1733338642150/f83e6d5a9f6905f9112ef7914491b91d.html

Screen shot...note the Adobe icons.

Likes

Translate

Translate

Report

Report
Sep 07, 2016 0
Adobe Employee ,
Sep 08, 2016

Copy link to clipboard

Copied

Thank you.  I have forwarded your post to our fraud department for follow-up.

Likes

Translate

Translate

Report

Report
Sep 08, 2016 0
New Here ,
Sep 20, 2016

Copy link to clipboard

Copied

Likes

Translate

Translate

Report

Report
Sep 20, 2016 0
Adobe Employee ,
Sep 20, 2016

Copy link to clipboard

Copied

Thank you.  I have forwarded the URL to the fraud department.

Likes

Translate

Translate

Report

Report
Sep 20, 2016 0
Community Beginner ,
Nov 03, 2016

Copy link to clipboard

Copied

I got the same deal when I was reading this article: Apple is facing several big iPhone 7 problems | ZDNet

I clicked on this link in the article, and that's when I got the phony Flash Player offer: Rare reports of poor image quality on iPhone 7 Plus circulate, no root cause known

Here's the screenshot: flash player malware.png

Likes

Translate

Translate

Report

Report
Nov 03, 2016 0
New Here ,
Apr 10, 2017

Copy link to clipboard

Copied

I get:

What do you want to do with Flashplayer.hta?

from: iuyeeonline-red.com

Open or Save.

I tried to add a screen shot but your system would not allow that kind of image.

I think this is fraud.

Lori

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
Adobe Employee ,
Apr 10, 2017

Copy link to clipboard

Copied

Hi lorio81025281

Yes, this is a malicious Flash Player installer. If you have the entire URL to the page that has this installer, please private message it to me and I'll forward it to our fraud department.  To send a private message, click on my user name link and the on the 'Message' button link.

--

Maria

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
New Here ,
Apr 10, 2017

Copy link to clipboard

Copied

I have attached a screen shot but I do not have the entire URL at the top

of this image.

When it pops up again I will get it.

Lori​

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
New Here ,
Apr 10, 2017

Copy link to clipboard

Copied

How do I get rid of it?

I have ran CCleaner and Malwarebytes.

Lori

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
Adobe Employee ,
Apr 10, 2017

Copy link to clipboard

Copied

Hi,

There is no screenshot attached.  If you're replying via email, the forums software blocks all email attachments.  Please try to get the entire URL.  From previous experience, the fraud team really does need this to follow-up properly and issue a cease and desist to take down the malicious installer.

Unfortunately, I can't provide information on how to stop this from happening as it could be any number of things, ranging from a malicious ad on a page to something more nefarious.  If you perform an internet search for FlashPlayer.hta it'll return many search results, so it's really hard to give you a proper solution.

--

Maria

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
New Here ,
Apr 10, 2017

Copy link to clipboard

Copied

who it is from does not help??

from: iuyeeonline-red.com

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
Adobe Employee ,
Apr 10, 2017

Copy link to clipboard

Copied

when I've sent just a domain, like you have provided, they've asked for the entire URL.  Going to that website actually returns a server/site not found error:

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
New Here ,
Apr 10, 2017

Copy link to clipboard

Copied

Thank you.

If it pops up again I will capture the url.

Likes

Translate

Translate

Report

Report
Apr 10, 2017 0
New Here ,
Apr 11, 2017

Copy link to clipboard

Copied

Likes

Translate

Translate

Report

Report
Apr 11, 2017 0