Solved

Get rid of Fake Flash Popup in IE

Posted on 2014-09-15
16
400 Views
Last Modified: 2014-09-24
Hi,

I've got 2 different clients who have been getting these annoying fake Flash update popups in IE 11:
 Fake Flash Popups
So far I have tried:
-Running multiple Full Scans with MalwareBytes (which have all come up with 0 threats found)
-Clearing all browsing history
-Resetting Internet Explorer
-Reformatted and Reinstalled Windows

It makes absolutely no sense to me.   How could I possibly reformat the entire machine, re-install from Windows 7 from scratch, and the moment that I launch IE to go to a web page, the popup comes back??

Usually, MalwareBytes takes care of this kind of thing, but this time even MalwareBytes can't find anything.

I'm completely baffled.   Anyone got any ideas?
0
Comment
Question by:Justin Goo
  • 8
  • 3
  • 2
  • +3
16 Comments
 

Author Comment

by:Justin Goo
ID: 40322618
And yes... the latest version of Adobe Flash IS installed...
0
 

Expert Comment

by:Aamir Ahmed
ID: 40322631
look in the MANAGE ADD-ONs and try to remove/disable any suspicious ones.
0
 
LVL 17

Expert Comment

by:Lior Karasenti
ID: 40322639
You can use Adwcleaner to remove it, check here for instructions how to get rid of it:
http://www.pcinfected.com/axp-zedo-com-virus-removal/
0
 

Expert Comment

by:ALAA NABIH
ID: 40322642
Hello,

check the add-ons manager is there any  toolbars unknown or can not be disabled.

if you find it please take snapshot.
0
 

Author Comment

by:Justin Goo
ID: 40322646
Here is another popup:
Fake Flash Popup 2
0
 

Author Comment

by:Justin Goo
ID: 40322647
I've looked in the Add-ons.   There's nothing suspicious:
Add-ons
0
 

Author Comment

by:Justin Goo
ID: 40322648
What concerns me the most is that I have completely reformatted the machine.   I did a completely clean/fresh Windows install, and the moment I launched IE it came back.   How can this possibly be??
0
 
LVL 88

Expert Comment

by:rindi
ID: 40322790
What AV tool are you running? Did you run malwarebytes like it should run, in standard mode and not in safe mode, where lots of problems can't be found? Have you scanned all PC's on the LAN to make sure it isn't caused by another PC? Have you updated the router's firmware. and reset it to factory defaqults?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 3

Expert Comment

by:Stef95
ID: 40322792
Install Ad blocker for IE: https://adblockplus.org/releases/adblock-plus-11-for-internet-explorer-released

This has always worked for me
0
 

Author Comment

by:Justin Goo
ID: 40323404
He's got Symantec Endpoint Protection 12.1 installed for A/V.    
Yes we ran MalwareBytes in normal mode.
For 1 client, that is the ONLY PC on the network.   There are no others.

If his computer is infected, I don't just want to block popups, I want to make sure it's clean.
0
 
LVL 88

Accepted Solution

by:
rindi earned 500 total points
ID: 40323522
What about the router? Have you reset it and checked for firmware upgrades?
0
 
LVL 3

Expert Comment

by:Stef95
ID: 40323550
Are they connected to a domain or a workgroup ?
0
 

Author Comment

by:Justin Goo
ID: 40323593
Haven't reset the router yet.  But these are 2 different clients in 2 different companies.

Neither is in a domain.   Both workgroup environments.
0
 

Author Comment

by:Justin Goo
ID: 40331276
Okay.   I reset the router for one of my clients to factory defaults, updated the firmware, and changed the admin password.  
So far no popups yet.    I'm hoping this is actually the fix.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40331296
There is some malware that can affect routers.
0
 

Author Closing Comment

by:Justin Goo
ID: 40342366
Been a couple of days, and so far so good.  Never would've guessed it was the router.  Thanks!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
#Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now