• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
Locked
0

Please help - trojan/rootkit in my auto update of latest flash player?

New Here ,
Sep 04, 2012 Sep 04, 2012

Copy link to clipboard

Copied

Hello

I would be very grateful if anyone is able to advise me about what to do.

My problem is that yesterday, after starting my computer, I was prompted to update my flash player version on startup (like is usual). I told it to do so and it opened my web browser to the following web page: https://get3.adobe.com/flashplayer/update/plugin/. Is the security certificate for this website a bit suspect or is that normal for Adobe? Legitimate site?

From there I clicked to download the latest version and got a file with this name: install_flashplayer11x32_mssd_au_aih.exe (please note the "au" - which shouldn't be there?).

Unfortunately, I went ahead and ran it, not noticing anything out of the ordinary, until after the installation. Straight away I was bombarded with about 20 program is not responding messages, which kept on reappearing even after I'd tried to close flashplayer down.

This made me look into things and I've discovered a couple of things which are of concern to me:

(1). These people are talking about how the file is a rootkit: http://www.novahq.net/forum/showthread.php?p=378847

(2). Virustotal found a trojan when I uploaded the file: https://www.virustotal.com/file/8833e31c04dfd19fc2f80edac481119ed0f3c7251a6619d40c223557e0c68b22/ana...

So.... what do I do now? I've scanned with AVG, Malwarebytes, Super Anti-adware, Trend Micro Housecall and TDSSkiller, all of which basically found nothing, apart from a locked sptd file. Apart from these scans, I have done nothing else to my computer yet, like trying to uninstall it, etc. I thought I'd best wait to hear what people have to say before taking action because I'm not sure what I should do next...

Thank you for taking your time to read this, and again, if you can help I'd be relieved!

Browser is the latest version of Firefox and I am running Windows 7. I apologise for any mistakes or rushed typing, I'm just trying to get this sorted, heh 😕


Views

5.2K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Sep 04, 2012 Sep 04, 2012

Copy link to clipboard

Copied

I have just downloaded the installer file from the link you posted; I have analyzed it, and it is free of malware.

If your Flash Player installation is working now (check it at http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html) then you don't need to do anything.

If Flash Player is not working properly, follow these instructions:

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Sep 04, 2012 Sep 04, 2012

Copy link to clipboard

Copied

LATEST

Leon_88 wrote:

... Virustotal found a trojan when I uploaded the file...


That's only one scan (TrendMicro) out of 42 scanners. Not to worry - that might've been a 'false positive' from TrendMicro. What's your own 'real time protection' AV?

Do as suggested by Pat as you're surely ok.

If you still concerned try to submit the sample file to MS here >

http://www.microsoft.com/security/portal/

And run MS Safety Scanner from here >

http://www.microsoft.com/security/scanner/en-us/default.aspx

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines