Best answer by RetiredTripleHelixView original
I keep getting messages about updating Adobe but when I go to down load it says I have the latest
I keep getting messages to update my Adobe Flash player yet when I do I get a potential virus message so I abort has anyone else gotten these?
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Yes it's common many malware writers like to use Fake Adobe Flash to try to trick people to installing it but if WSA is blocking them that is the reason, you should only download from Adobe please see here: https://community.webroot.com/t5/Security-Industry-News/Adobe-Flash-Player-15-0-0-189-amp-Adobe-Air-15-0-0-293/m-p/158899#M9426
EDIT: To add this link How not to install Adobe Flash Player
Scanned agin with both and came up clean but it still happens, notably on the huffington post site only.
Could the problem be on their servers>
Welcome to the Community!
Please make sure you are using the correct Adobe by going to this thread,
Well this very well could be a bad PUA and you could try following these instructions below and if you aren't confindent then please issue a Support Ticket and they will help you resolve this issue.
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
I hope this helps you both understand, and resolve the problem and if not please let us know!
Also, it is rather common, with ANY AV product, to have a False Positive. We dont like to admit it, but it happens and some AV's solutions have a lot more problems with this than others.
My guess is that the huff post site is merely using a tracking cookie that your other scanner just does not like. Many scanners to report pretty much every cookie they can, along with a LOT of other things that are quite harmless such as registry keys leftover from a removed program, as harmful. They do this just to make themselves look good to the user.
Followed your directions, and got a result, Thanks for the advice.
Boondabah! Great to hear that we were able to help!
Please come on back anytime to join in to all the fun and learning that we have on this Forum.
Have a great day!:D
I know tracking cookies are not all bad but they can clog things up a bit,
The fact that the other AV found a trojan is not to me a strike in any way against WR, as it probably piggy backed with a program I wanted.
It's a bit of a belt and braces approach, but harmless for all that.
You can of course submit a Trouble Ticket here to have Webroot Support take a look and make sure as to if it was a trojan or not. I would, in fact, rather suggest it 🙂
It's back on Huff post and Scottish herald pages.
I wind up here:-
And I downloaded the installer and on VirusTotal 1/55 scanners pick it up: https://www.virustotal.com/en/file/383ca2d1205adebeace89dd327b49dd12c3865f34eeca2b0b83ebad11d46324e/analysis/1416436927/
Also checked the MD5 Hash with Webroot and it says it's Good.
scottish herald link
scottish herald link
I have already checked the extentions, but cannot find anything untoward.
Hopefully it has been nailed, which come to think of it is what I would love to see happen to the people that come up with this garbage.