Options
Winflashplayer.com - Chrome Problems - Should I Be Worried?
peterfoster
Posts: 781
Forum Member
✭✭
Two of the windows pcs on my home network (one XP, one W7) are exhibiting similar symptoms in Google Chrome.
A few times a day a new tab is opened in Chrome on the following site-
www.winflashplayer.com
and the page on the site states-
WARNING! Please update plug-in to continue
Followed by an "OK" button.
The other tabs I have open in Chrome are frozen.
If I click the "ok" button on the www.winflashplayer.com page I see the following page in www.winflashplayer.com -
http://www.winflashplayer.com/flashlp.html?type=launcher&version=1.1.5.55&ci=4003&ti1=118470781
Can anyone please offer an explanation as to why Chrome is behaving in this way and whether I should be worried?
I notice, as an aside, that when I run chrome on the two pcs in question I see TWO tabs open when I used to only see one. Here are the addresses of the two tabs which open in Chrome on the XP PC when I run it-
https://www.google.co.uk/?gws_rd=cr&ei=5k19Uuy-IKil0QXS_oHwDg
https://www.google.co.uk/?gws_rd=cr&ei=6E19UpPcEora0QXnwYDgBQ
The two addresses that I see when I run Chrome on the W7 pc are slightly different to the above two.
Thanks.
A few times a day a new tab is opened in Chrome on the following site-
www.winflashplayer.com
and the page on the site states-
WARNING! Please update plug-in to continue
Followed by an "OK" button.
The other tabs I have open in Chrome are frozen.
If I click the "ok" button on the www.winflashplayer.com page I see the following page in www.winflashplayer.com -
http://www.winflashplayer.com/flashlp.html?type=launcher&version=1.1.5.55&ci=4003&ti1=118470781
Can anyone please offer an explanation as to why Chrome is behaving in this way and whether I should be worried?
I notice, as an aside, that when I run chrome on the two pcs in question I see TWO tabs open when I used to only see one. Here are the addresses of the two tabs which open in Chrome on the XP PC when I run it-
https://www.google.co.uk/?gws_rd=cr&ei=5k19Uuy-IKil0QXS_oHwDg
https://www.google.co.uk/?gws_rd=cr&ei=6E19UpPcEora0QXnwYDgBQ
The two addresses that I see when I run Chrome on the W7 pc are slightly different to the above two.
Thanks.
0
Comments
"WARNING! Please update plug-in to continue"
screen, other than to go into Task Manager, is to press the
"OK" button.
download, install, run and tell us what you get. You've certainly got some kind of 'virus' hijacker.
http://s21.postimg.org/sljnrgx2v/dodgy.jpg
did you install anything from there, such as the 'flash player update' it offers? If so your PC could be rather compromised, do no banking or anything on it as there are probably keyloggers installed, enter no passwords, etc.
I've gone to a system restore date of September 06 on the XP pc, which is well before the start of the current problem, but I note that this hasn't resolved matters and that the problem persists.
PUP.Optional.InstallMonetizer
looks like it's a downloader, which starts downloading various programs, hijacking your browser so they get advertising revenue from fake clicks, etc, try this link for help perhaps ?
http://malwaretips.com/blogs/pup-optional-installmonetizer-a-removal/
good luck...
It's clear, then, that www.winflashplayer.com is an undesirable location.
So I suppose my question is this. Is it damaging the security of my pcs, per se, to be prompted to visit the site. If it is damaging, what is the best way to solve the problem. Avast, MSE, Malwarebytes and Superantispyware scans do not flag up the problem. System restore does not solve it.
Thanks.
Thanks. I'm pleased to say that I didn't install anything from the website. I'm currently working through the suggestions you kindly provided in your most recent post.
http://www.bleepingcomputer.com/download/adwcleaner/
Make sure you click the big blue 'Download Now @ BleepingComputer' button and ignore all the sponsored adverts.
Thanks for this. I've run the AdwCleaner which has picked up and removed 14 files and folders, 4 registry items and 2 browser items. The Junkware removal tool removed one folder.The Malwarebytes scan was clear as was the HitmanPro scan.
Thanks. The only extensions I have are Adblock on Chrome and Kotato, Adobe, Google, Microsoft and Java on IE.
Thanks. I'll make sure I include a AdwCleaner in my future maintenance routines. I flagged the problem on the BeepingComputer site yesterday and posted some files there for analysis.
Message from Webpage.
WARNING! Please update plug-in to continue.
http://www.spyrider.com/remove-win-flash-player-com-virus
Disclaimer: I found the following by googling the 'winflashplayer' link n the OP - I have no idea whether mitechmate are trustworthy or reliable but they are quoted and linked to widely on this issue, so you might want to investigate:
http://blog.mitechmate.com/remove-www-winflashplayer-com-redirect-fake-flash-player-download-removal/
FWIW it might be advisable for mods to alter the links to the dodgy sites so they don't allow clicks to open them - they are hosts for malware.
Click on the icon at the top right-hand corner of Chrome, with the three bars. Click on Settings. Look for the item "On Start-up". At the bottom right, you will see some tiny words in blue: "set pages." Click on the blue words. You will get a new window showing all the pages that are set to open and hopefully you will find your rogue pages in there. Just highlight them and delete them by clicking on the X in the top right corner. You can then re-start if it makes you feel better!
Hope this helps - I'm certainly no expert.
Thanks for your suggestion, rwtomkins. I've removed the one URL which I found when I clicked "set pages" which was Google. As the problem only arises from time to time I'll need to wait to see if it is a permanent fix. Is there a similar adjustment I can make in Internet Explorer as I receive the rogue invitation to update plug-ins in that browser too?
Hmm, that doesn't sound too promising - I hoped you'd find an unfamiliar page or two there. I think if I were in your place and it was still happening, I'd delete all the browsing history (temp files, cache, the lot), uninstall Chrome and then go into my hidden app data folder and find the Chrome folder and make sure that's deleted, and then reinstall Chrome. (Same for Explorer.) But now I'm just guessing - I only really had that one suggestion which seems to have worked for me so I think I'd better leave it to more knowledgeable people.
Many thanks for bringing those links to my attention. I now know a lot more about the problem. At the moment I've got my fingers crossed that my pcs are clear following scans and deletions I have run at the suggestion of a member of the Bleeping Computer forum team using a tool called Roguekiller....
Exactly, I suspect it's something really simple and not a virus at all - I think it's just a case of deleting all plugins, extensions and set pages, deleting all browsing history and deleting the user/appdata/local file that holds your browser settings. Delete that lot, reinstall and I'm sure that would be the end of it. It was for me.