• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

Adobe Flash auto download

I have not been able to duplicate a problem that occurred and showed a virus/malware called "Suspicious.Cloud.7.EB" when Adobe Flash player tried to automatically download to my computer while I was on Facebook playing a game, Farmville. It was quarantined and required no further action. After Norton identified this, Malwarebytes also quarantined a PUP. I have one Pup isolated: PUP.Optional.MindSpark, but I'm not exactly sure that it wasn't a different pup that happened after Norton quarantined the malware. It possibly occurred after the first one and I don't have that file name. The download is still being attempted. I have run full scans and Norton does not find any suspicious activity, now. This download covers the tab for the game I play, so I have to quit the download and close the browser. I use Chrome, and the built in Flash Player does not require flash to be loaded on my computer. I have no idea where the automatic download is originating from. Norton Security Tech Support ran the Power Eraser and it found no threats.

Replies

Kudos0

Re: Adobe Flash auto download

Hi,

If you think your machine could have an undetected infection you might like to visit one of the free malware removal sites for to get a thorough checkup.  Pick one only and stay with them until they say your machine is clean.

http://qmalwareremoval.freeforums.net/
http://www.bleepingcomputer.com/
http://www.geekstogo.com/forum/
http://www.cybertechhelp.com/forums/
http://forums.whatthetech.com/

A little bit of knowledge is... well a little bit of knowledge.
Kudos2 Stats

Re: Adobe Flash auto download

@chalkboard:

1. My response to "Suspicious.Cloud.7.EB". The simple fix is to perform a virus check using an up-to-date Norton Security or other older build of Norton product in Windows' Safe Mode w/ Networking. BTW, plz feel free to provide us with more specs, such as your operating system. Anyway, this link and this one (for Win 10) should be useful. For more info, you can pay a visit to this official virus study. At least, you can learn how to use multi security programs properly or your system will run into another trouble:

2. As for "PUP.Optional.MindSpark", the install should have been blocked, and your PC's still secured, temporarily unless you perform proactive security measures always. Plz make the best of the following pages: "Norton Protection Center: Protect Your PC" and "Top Prevention Tips by Norton".

My study also shows that it's just another clone install of APN Toolbar, Ask Toolbar, "Search App by Ask" even this recently found WeatherBug for Windows. Scroll for more collected variants:

(NOTE: I got an offline installer FromDocToPDF.exe (MD5, 3ddeaa9622f12b30a56ace8b282b2c58 ) from the said "fromDOCtoPDF" site. Here's the detailed specs@ https://www.virustotal.com/en/file/fea2baa5eeaef7f90b4d179a3666bcce22cb0...)

(NOTE: I found that the site had removed the said downloadable installer.)

Needless to say, conduit's custom installers bundled the known browser hijackware.

Bit blue... Avira too partnered with the APN company - just review the express (bit bloated) install of Avira Internet Security Suite 2014:

3. Then, we've come to "Adobe Flash Player". 1st, plz make sure you've landed on the OFFICIAL install page@ https://get.adobe.com/flashplayer/ . As usual, UNCHECK those safe yet potentially unused offers BEFORE you hit the "Install Now" button!

Otherwise, yr computer could be messed up with possibly undesired foistware. Well, just be very careful when installing 3rd-party program! Please learn sth from the following imgs I made 2 years ago.

(WARNING: That was an aggressive Fake Flash Player malware @1-vinstaller com's "Thank You" page.)

(NOTE: InstallX’s customized installer “adobeflashplayer.exe” (md5, d6e1de889e239495c6e3bed534dfbdff); Detected bundleware were Yahoo Toolbar, KeepMySettingsX by InstallX; )

And, you, of course, had better make it up-to-date. For more, read this New Adobe Flash Player exploit used by Magnitude and Nuclear exploit kits.

Personally, yr Norton Security had just successfully blocked that Flash malware.

Take care!

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)
Kudos0

Re: Adobe Flash auto download

Thank you for your reply. Unfortunately, I have an issue with dead pixels now; so, I will have to follow up with the manufacturer. I'm going to give the details I have found so far to 20750065's comment.

This is a picture from my phone's camera of the "dead pixels". I can add that after the quarantine of the malware by both Norton Security and Malwarebytes that the dead pixels showed up and I restarted my computer. The dead pixels were not there then. They reappeared though, and I can't explain it.  I can't find the link of the article I read, but I did make a pdf of it. Sorry, I don't seem to have the updates to save just pages 1 and 2 on my computer (pages 3-4 are junk). While searching for the link of the same article, I only found links to repair pixels. This doesn't seem wise to me. I'm not going check further until I contact the manufacturer.

File Attachment: 
Kudos0

Re: Adobe Flash auto download

@chalkboard: I read your PM.

U asked: "What does Social Media protection in Norton Security do? "

My answer: An up-to-date Norton Toolbar (aka, Norton Identity Safe) will do the trick effectively.

Take care.

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)
Kudos0

Re: Adobe Flash auto download

Hello Chaulkboard

For peace of mind, I would agree with Krusty's suggestion of paying a visit to one of the free malware removal sites. All you have to do is sign up and ask them if your computer is infected. If it isn't, then you are all done. If it is, they will help you to remove it.

Have you checked your History Logs to see if there is any record in the Resolved Security Risks or the Unresolved Security Risks around the time of the Fake Flash Download? If Norton blocked it, it should be listed in there. If Malwarebytes blocked it, there should be a record of it in their logs.

Thanks.

EDIT: On the bottom of every page of the Norton Forum, there are some links for Norton on Social..

Thanks again.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.17.3.50 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Adobe Flash auto download

@chalkboard:

1. Below are Norton's information about the said " Social Media protection in Norton Security":

Plus, If you're using Firefox as default browser, you may need to manually turn on the protection of Norton Identity Safe (2016.6.0.66) in Add-ons Manager.

And, you need to install (Norton) Chrome Protection Alert (aka, Norton Chrome extensions) to Chrome manually, as well.

2. If you're a paid Norton Security user, please feel free to re-contact Norton Support@ http://norton.com/chat for FREE, for more information.

3. I missed out on sth in your post: the game, Farmville. Please make sure you've installed the official app using its official FB page@ https://www.zynga.com/games/farmville-2 for more, you can also follow the game's FB page@ https://www.facebook.com/FarmVille

Moreover, please take a look at the app's privacy policy, such as their Permissions section, before you invite a 3rd-party app to your device. For example, the Symbaloo Bookmarker (1.4.2) can access the user's identity, location (e.g., GPS), and more. Please compare the following imgs:

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)
Kudos0

Re: Adobe Flash auto download

As a matter of fact, the "dead pixels" seem to have been something else, because I tried to find a Facebook app and install it (I was mimicking a MS tech support agent). It installed but would not uninstall. So I uninstalled Chrome and re-installed. Now there isn't a dark grey LCD brightness area on my screen. I ran a full NS scan and didn't get any flags. I do see some issues that don't belong in history, but I think that is from upgrading from Windows 8.1 to Windows 10. thks 4 yr support!

Kudos0

Re: Adobe Flash auto download

@chalkboard: You can use the following comment to re-check your display:

https://www.youtube.com/watch?v=gIA_4nV-CqE (Dead Pixel Test; NOTE: that vid above contains rapidly flashing colors which may cause seizures. And, view that vid in "Full Screen")

How To Find & Fix Bad Pixels On Your LCD Screen

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)
Kudos0

Re: Adobe Flash auto download

Hello there, please let me reproduce chalkboard's adware attack simply:

1. Seems that chalkboard did not enable/ install the mentioned (Norton Security's) Chrome Protection Alert component in his/ her Chrome for Android/ iPhone.

2. And, seems that chalkboard installed a potentially unofficial Farmville game. And that game, some installed app or other site that contains drive-by was trying to download & install the flagged & blocked fake Flash Player malware, "Suspicious.Cloud.7.EB", and " PUP.Optional.MindSpark".

... in the case of a drive-by download, the website will attempt to install software on your computer without asking for permission first.

Maybe, the FB app caused yr concern above.

the "dead pixels"... because I tried to find a Facebook app and install it... It installed but would not uninstall.

Hopes the above comment removes any confusion regarding Social Media protection (in Norton Security).

Cheers! :)

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)
Kudos0

Re: Adobe Flash auto download

Somehow, your summary does not apply at all. Facebook is the Official site to the Farmville game and there are no 'fake' Farmville player sites. I didn't comment sooner about a change of 'old profile' type in the Facebook app installation during the subsequent installation of the old profile because I wasn't aware it would change when I gave permission to the pc app to change my settings. PC apps are in the Chrome Web Store. So, as to your comment 1. Seems.... 2. And, seems... I am unable to believe that these apply to my issue. The FB app did change my facebook profile picture only. (This is the main reason, I think, that players don't use this app.)

There is no mention of an Android/iphone/app to play the game, Farmville, in my issue; it is a pc game only. However, the selected Facebook apps in the Chrome Web Store dramatically changed from my first preview several weeks ago. So, perhaps your comments are warranted.

This thread is closed from further comment. Please visit the forum to start a new thread.