[Q] Virus/Malware: Download Flash Player on Google sites

Search This thread

naishe

Member
Feb 21, 2014
5
1
naishe.in
Hi,

I am on Android 4.0.4 Cyanogen Mod. Recently, whenever I open google.com or any google website, I get this popup that asks me to download Flash Player and redirect me to some website that has a link to download. It basically blocks all the routes to google related websites.

This is exactly the same issue described here: bleepingcomputer.com/forums/t/526069/warning-your-flash-player-may-be-out-of-date-redirect-on-both-pc-and-tablet but the solution is basically for a Windows machine.

After this started to happen, I:
1. cleared all applications cache data
2. Installed AVG antivirus and scanned the phone


This does not seem to be a problem with router because there I do not see the problems on computers and phones connected to the same router.

Can someone help me to solve this problem?

Attached is the screenshot.


Thanks

PS: I cannot post a link yet, so I removed the protocol and www prefix.
 

Attachments

  • Screenshot_2014-04-11-13-44-01.png
    Screenshot_2014-04-11-13-44-01.png
    26.2 KB · Views: 131
Last edited:

IndianHacker

Senior Member
Oct 14, 2012
55
11
Hi,

I am on Android 4.0.4 Cyanogen Mod. Recently, whenever I open google.com or any google website, I get this popup that asks me to download Flash Player and redirect me to some website that has a link to download. It basically blocks all the routes to google related websites.

This is exactly the same issue described here: bleepingcomputer.com/forums/t/526069/warning-your-flash-player-may-be-out-of-date-redirect-on-both-pc-and-tablet but the solution is basically for a Windows machine.

After this started to happen, I:
1. cleared all applications cache data
2. Installed AVG antivirus and scanned the phone


This does not seem to be a problem with router because there I do not see the problems on computers and phones connected to the same router.

Can someone help me to solve this problem?

Attached is the screenshot.


Thanks

PS: I cannot post a link yet, so I removed the protocol and www prefix.

I have the exact same issue as above. I am on 4.4.2 (CM v. 11-20140405-SNAPSHOT-M5-i9300)
What I observed is, when I am connected to my home wireless, neither the internet browsing works nor the play store. But when I shift to 3G, my play store works but with the browser I still get that flash warning.

I have not got any information from elsewhere how to fix it (on phone).
 
  • Like
Reactions: naishe

was12

Senior Member
Jul 23, 2013
191
54
istanbul
Hi,

I am on Android 4.0.4 Cyanogen Mod. Recently, whenever I open google.com or any google website, I get this popup that asks me to download Flash Player and redirect me to some website that has a link to download. It basically blocks all the routes to google related websites.

This is exactly the same issue described here: bleepingcomputer.com/forums/t/526069/warning-your-flash-player-may-be-out-of-date-redirect-on-both-pc-and-tablet but the solution is basically for a Windows machine.

After this started to happen, I:
1. cleared all applications cache data
2. Installed AVG antivirus and scanned the phone


This does not seem to be a problem with router because there I do not see the problems on computers and phones connected to the same router.

Can someone help me to solve this problem?

Attached is the screenshot.


Thanks

PS: I cannot post a link yet, so I removed the protocol and www prefix.


I think it is a virüs and your system is effected. Maybe there is easy way to fix that problem but i suggest you to backup your datas and make full wipe (system, data, cache) and install your rom. For me it is definitely solution.
 
  • Like
Reactions: naishe

naishe

Member
Feb 21, 2014
5
1
naishe.in
I think I got the problem when another computer connected to the router got the same issue.

Basically, my modem/router was bugged. There is a virus that performs DNS injection. DNS of my network adapter had been changed to 68.168.98.196, which in turn was redirecting all the traffic from my devices to the attacker's website.

So, I called the phone company and got the modem reset. Updated the settings. The problem was fixed.

If you have the same problem,

1. Check the DNS setting in your modem/router. You may need to log into the router gateway like HTTP : / / 192.168.1.1 or something.
2. If it is 68.168.98.196, you will have to reset the router.
3. Note that if you are bugged, you might not log into the router though. So, you cannot see the DNS. Probably, you should probably check in your system. For example, I do this Ubuntu,

Code:
~$ nm-tool | grep DNS
    DNS:             192.168.1.1
    DNS:             125.22.47.125
    DNS:             125.22.47.100
    DNS:             8.8.8.8

4. Reset the router. Before you start doing that make sure you have all the information, id and password for your connection provided by the ISP.

Once this is done, you can see Google and sister websites load pretty well.
 
  • Like
Reactions: IndianHacker

IndianHacker

Senior Member
Oct 14, 2012
55
11
I think I got the problem when another computer connected to the router got the same issue.

Basically, my modem/router was bugged. There is a virus that performs DNS injection. DNS of my network adapter had been changed to 68.168.98.196, which in turn was redirecting all the traffic from my devices to the attacker's website.

So, I called the phone company and got the modem reset. Updated the settings. The problem was fixed.

If you have the same problem,

1. Check the DNS setting in your modem/router. You may need to log into the router gateway like HTTP : / / 192.168.1.1 or something.
2. If it is 68.168.98.196, you will have to reset the router.
3. Note that if you are bugged, you might not log into the router though. So, you cannot see the DNS. Probably, you should probably check in your system. For example, I do this Ubuntu,

Code:
~$ nm-tool | grep DNS
    DNS:             192.168.1.1
    DNS:             125.22.47.125
    DNS:             125.22.47.100
    DNS:             8.8.8.8

4. Reset the router. Before you start doing that make sure you have all the information, id and password for your connection provided by the ISP.

Once this is done, you can see Google and sister websites load pretty well.

I think you nailed it down. Indeed my wireless router (which is physically connected to my ISP's modem) had one of the DNS set to 68.168.98.196. I now changed them manually to google DNS servers, had my phone forget the network and added it again. Looks like it is working for me too..

Thanks a lot for posting it! I will update here if I see the issue again or anything else indicating similar issue.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 1
    Hi,

    I am on Android 4.0.4 Cyanogen Mod. Recently, whenever I open google.com or any google website, I get this popup that asks me to download Flash Player and redirect me to some website that has a link to download. It basically blocks all the routes to google related websites.

    This is exactly the same issue described here: bleepingcomputer.com/forums/t/526069/warning-your-flash-player-may-be-out-of-date-redirect-on-both-pc-and-tablet but the solution is basically for a Windows machine.

    After this started to happen, I:
    1. cleared all applications cache data
    2. Installed AVG antivirus and scanned the phone


    This does not seem to be a problem with router because there I do not see the problems on computers and phones connected to the same router.

    Can someone help me to solve this problem?

    Attached is the screenshot.


    Thanks

    PS: I cannot post a link yet, so I removed the protocol and www prefix.

    I have the exact same issue as above. I am on 4.4.2 (CM v. 11-20140405-SNAPSHOT-M5-i9300)
    What I observed is, when I am connected to my home wireless, neither the internet browsing works nor the play store. But when I shift to 3G, my play store works but with the browser I still get that flash warning.

    I have not got any information from elsewhere how to fix it (on phone).
    1
    Hi,

    I am on Android 4.0.4 Cyanogen Mod. Recently, whenever I open google.com or any google website, I get this popup that asks me to download Flash Player and redirect me to some website that has a link to download. It basically blocks all the routes to google related websites.

    This is exactly the same issue described here: bleepingcomputer.com/forums/t/526069/warning-your-flash-player-may-be-out-of-date-redirect-on-both-pc-and-tablet but the solution is basically for a Windows machine.

    After this started to happen, I:
    1. cleared all applications cache data
    2. Installed AVG antivirus and scanned the phone


    This does not seem to be a problem with router because there I do not see the problems on computers and phones connected to the same router.

    Can someone help me to solve this problem?

    Attached is the screenshot.


    Thanks

    PS: I cannot post a link yet, so I removed the protocol and www prefix.


    I think it is a virüs and your system is effected. Maybe there is easy way to fix that problem but i suggest you to backup your datas and make full wipe (system, data, cache) and install your rom. For me it is definitely solution.
    1
    I think I got the problem when another computer connected to the router got the same issue.

    Basically, my modem/router was bugged. There is a virus that performs DNS injection. DNS of my network adapter had been changed to 68.168.98.196, which in turn was redirecting all the traffic from my devices to the attacker's website.

    So, I called the phone company and got the modem reset. Updated the settings. The problem was fixed.

    If you have the same problem,

    1. Check the DNS setting in your modem/router. You may need to log into the router gateway like HTTP : / / 192.168.1.1 or something.
    2. If it is 68.168.98.196, you will have to reset the router.
    3. Note that if you are bugged, you might not log into the router though. So, you cannot see the DNS. Probably, you should probably check in your system. For example, I do this Ubuntu,

    Code:
    ~$ nm-tool | grep DNS
        DNS:             192.168.1.1
        DNS:             125.22.47.125
        DNS:             125.22.47.100
        DNS:             8.8.8.8

    4. Reset the router. Before you start doing that make sure you have all the information, id and password for your connection provided by the ISP.

    Once this is done, you can see Google and sister websites load pretty well.