Solved

I keep getting messages about updating Adobe but when I go to down load it says I have the latest

  • 9 November 2014
  • 19 replies
  • 136 views

I keep getting messages to update my Adobe Flash player yet when I do I get  a potential virus message so I abort has anyone else gotten these?
icon

Best answer by RetiredTripleHelix 20 November 2014, 01:15

View original

19 replies

Userlevel 7
Badge +56
Hello and Welcome to the Webroot Community!
 
Yes it's common many malware writers like to use Fake Adobe Flash to try to trick people to installing it but if WSA is blocking them that is the reason, you should only download from Adobe please see here: https://community.webroot.com/t5/Security-Industry-News/Adobe-Flash-Player-15-0-0-189-amp-Adobe-Air-15-0-0-293/m-p/158899#M9426
 
Thanks,
 
Daniel ;)
 
EDIT: To add this link How not to install Adobe Flash Player
Userlevel 5
Badge +16
I am currently getting this with an intel site, I scanned with WB which came up zero but another program found a trojan and a shed load of tracking cookies.
 
Scanned agin with both and came up clean but it still happens, notably on the huffington post site only.
 
Could the problem be on their servers>
 
 
Userlevel 7
Badge +62
Hello moonzero2,
 
Welcome to the Community!
 
Please make sure you are using the correct Adobe by going to this thread,
 
Well this very well could be a bad PUA and you could try following these instructions below and if you aren't confindent then please issue a Support Ticket and they will help you resolve this issue.
 
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
 
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
 
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.
 
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket.  Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
 
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
 
  • Open Webroot SecureAnywhere
  • Click on ‘Advanced Settings’ from the top right
  • Select ‘Scan Settings’ from the left side
  • Unselect the option “Detect Potentially Unwanted Applications”
  • Click on the Save button (you may have to enter in a CAPTCHA)
  • Reselect the option to “Detect Potentially Unwanted Applications”
  • Click on the Save button
  • Run another scan with Webroot and remove any items that get detected.
To help avoid PUA's in the future, remember to read all of the information when installing or updating software (Adobe downloads often have those "extra special offers"attached... PUA'S!: often the PUA included will be mentioned, and you can opt out of installing it.  Those check boxes you see? Usually only one of them is for the User Agreement of the software you want, the others are for the junk you don't.
 
 I hope this helps you both understand, and resolve the problem and if not please let us know!
 
 Best Regards,
 
 
 
Userlevel 7
One thing to remember is that tracking cookies are not actually malicious... WSA does not detect them.  (It can remove them in IE via the System Optimizer for those that have that feature, but it does not detect them during a scan.)  Tracking cookies generally only are used to serve up ads, and do not do anything harmful.
 
Also, it is rather common, with ANY AV product, to have a False Positive.  We dont like to admit it, but it happens and some AV's solutions have a lot more problems with this than others.
 
My guess is that the huff post site is merely using a tracking cookie that your other scanner just does not like.  Many scanners to report pretty much every cookie they can, along with a LOT of other things that are quite harmless such as registry keys leftover from a removed program, as harmful.  They do this just to make themselves look good to the user.
Userlevel 5
Badge +16
 Hello Sherry
 
Followed your directions, and got a result, Thanks for the advice.
 
Moonzero2.
Userlevel 7
Badge +62
Hello moonzero2,
 
Boondabah! Great to hear that we were able to help!
 
 
Please come on back anytime to join in to all the fun and learning that we have on this Forum.
 
 
Have a great day!:D
 
 
 
 
 
Userlevel 5
Badge +16
 
Hi David
 
I know tracking cookies are not all bad but they can clog things up a bit,
 
The fact that the other AV found a trojan is not to me a strike in any way against WR, as it probably piggy backed with a program I wanted.
 
It's a bit of a belt and braces approach, but harmless for all that.
 
 
Userlevel 7
@ wrote:
 
Hi David
 
I know tracking cookies are not all bad but they can clog things up a bit,
 
The fact that the other AV found a trojan is not to me a strike in any way against WR, as it probably piggy backed with a program I wanted.
 
It's a bit of a belt and braces approach, but harmless for all that.
 
 
Quite so!  WIth regards to that trojan detection, it could be a False Positive on the other AV, and it could also be a missed detection by WSA.
 
You can of course submit a Trouble Ticket here to have Webroot Support take a look and make sure as to if it was a trojan or not.  I would, in fact, rather suggest it 🙂
Userlevel 5
Badge +16
24 hours later, and I'm back to square 1. I went through the process again but no luck this time.

It's back on Huff post and Scottish herald pages.

I wind up here:-
http://em.naolabo.com/intel/gb/index.html?sid=300&dv1=ad294-gb&kw1=ad294-gb-qyc-intel&uuid=325caa1c-d357-4e9d-519f-15c8aa2135d5
Userlevel 7
Badge +56
It's a redirect and on which Browser? Do you use another Browser open it and see if that is alright? Also post the link your trying to use!
 
Thanks,
 
Daniel
 


 
 
 


 
And I downloaded the installer and on VirusTotal 1/55 scanners pick it up: https://www.virustotal.com/en/file/383ca2d1205adebeace89dd327b49dd12c3865f34eeca2b0b83ebad11d46324e/analysis/1416436927/
 
Also checked the MD5 Hash with Webroot and it says it's Good.
 

Userlevel 5
Badge +16
Surprisingly both OK on IE
 
scottish herald link
 
 
 http://r.search.yahoo.com/_ylt=A9mSs2NwE21UzxQAlE9LBQx./RV=2/RE=1416463345/RO=10/RU=http%3a%2f%2fwww.heraldscotland.com%2fpolitics%2fwider-political-news%2fwarsi-comes-under-attack-after-tweets.25910810%3futm_source%3dwww.heraldscotland.com%26utm_medium%3dRSS%2520Feed%26utm_campaign%3dScottish%2520Political%2520News/RK=0/RS=8qa9W8CE6PQN4O6ei5CzQEw8TcE-
 
Huff Post
 
http://r.search.yahoo.com/_ylt=A9mSs3Q1H21UACUAwPBLBQx.;_ylu=X3oDMTByaGwzcXNvBHNlYwNzcgRwb3MDOARjb2xvA2lyMgR2dGlkAw--/RV=2/RE=1416466358/RO=10/RU=http%3a%2f%2fwww.huffingtonpost.co.uk%2f2014%2f11%2f18%2falistair-darling-european-union_n_6176396.html/RK=0/RS=uGinnGewDB7eAXKTIQS5kgmsKpA-
 
chrome browser.
 
Userlevel 5
Badge +16
Surprisingly both OK on IE

scottish herald link

http://r.search.yahoo.com/_ylt=A9mSs2NwE21UzxQAlE9LBQx./RV=2/RE=1416463345/RO=10/RU=http%3a%2f%2fwww.heraldscotland.com%2fpolitics%2fwider-political-news%2fwarsi-comes-under-attack-after-tweets.25910810%3futm_source%3dwww.heraldscotland.com%26utm_medium%3dRSS%2520Feed%26utm_campaign%3dScottish%2520Political%2520News/RK=0/RS=8qa9W8CE6PQN4O6ei5CzQEw8TcE-

Huff Post

http://r.search.yahoo.com/_ylt=A9mSs3Q1H21UACUAwPBLBQx.;_ylu=X3oDMTByaGwzcXNvBHNlYwNzcgRwb3MDOARjb2xvA2lyMgR2dGlkAw--/RV=2/RE=1416466358/RO=10/RU=http%3a%2f%2fwww.huffingtonpost.co.uk%2f2014%2f11%2f18%2falistair-darling-european-union_n_6176396.html/RK=0/RS=uGinnGewDB7eAXKTIQS5kgmsKpA-

chrome browser.
 
I have already checked the extentions, but cannot find anything untoward.
Userlevel 7
Badge +56
Is this the address? http://www.heraldscotland.com/politics/wider-political-news/warsi-comes-under-attack-after-tweets.25910810?utm_source=www.heraldscotland.com&utm_medium=RSS%20Feed&utm_campaign=Scottish%20Political%20News
 

Userlevel 7
Badge +56
I'm not having any issues with the Links and Chrome have you tried to clear all history and restart Chrome? 
 
Daniel
 


 
 
 


 
 
 

Userlevel 5
Badge +16
Just did that and the browser crashed, had to reboot to get it working.
Userlevel 5
Badge +16
Yep thats the one
 
Userlevel 7
Badge +56
So where are you now and do you need further help?
 
Thanks,
 
Daniel 
Userlevel 5
Badge +16
went back to one of the offneding pages and it now seems ok.
 
Hopefully it has been nailed,  which come to think of it is what I would love to see happen to the people that come up with this garbage.
Userlevel 7
Badge +56
@ wrote:
went back to one of the offneding pages and it now seems ok.
 
Hopefully it has been nailed,  which come to think of it is what I would love to see happen to the people that come up with this garbage.
If you continue to have issues and it's only Chrome you might want to try to do a clean Reinstall of Chrome and if that doesn't help then it would be Best to Submit a Support Ticket and they will help you out as a few of us don't see the issues that you are having.
 
Thanks,
 
Daniel 😉

Reply