Don’t Be Cheated by Fake Adobe Player Install Pack
Recently, Baidu Antivirus Security Center has detected a new malicious plug-in called "Search Protect" that is using Adobe Player's name to promote itself. Once infected with this plug-in, users' homepages will be changed to "trovi.com". Baidu Antivirus security experts add that malicious plug-ins like "Search Protect" change users' browser use habits and typically pose a risk to users' private information security.
According to Baidu Antivirus security experts, when users search for Adobe Player and other keywords, the first result is a promotion link related to Search Protect (they buy search engine ads to increase their own ranking).
Users will then be led to a fake Adobe Player download site meticulously created by cyber criminals.
After users download an install pack from this website and check the "Search Protect" related options unconsciously, this malicious plug-in will be installed in the background. The plug-in can now maliciously modify users' browsers and search engines. These resident malicious processes can lead to the theft of users' private data. By installing the "Search Protect" plug-in, you can see that the process and server establish a large number of network requests (shown below).
Baidu Antivirus Security Center would like to remind users that, in order to protect their private data and browser experience, they should install multi-functional security software and promptly update it to the latest version. Infected users can use Baidu Antivirus 2015's quick scan function to restore their security and remove any potentially malicious programs. Users that do not have Baidu Antivirus yet can download and install it from our official website.
Baidu Antivirus official Facebook: https://www.facebook.com/BaiduAntivirusEN