I'm on OSX on a Macbook Air. For a few days now, .app installation files for Flash (which I already have installed) have been turning up unbidden on my desktop at a rate of a few every hour, until they litter the desktop. I don't remember the update process being anything like this in the past, though I can't recall how it usually works. Is there anything legit about this, or is it a virus? I've tried to attach screenshots, but they seem to be too large.
There is no such thing as a virus for OS X. I absolutely DO NOT CARE what anyone else says, or who they are. There is no such thing.
The DMG for Flash will only "show up" on your desktop if you download it. That can happen when you click on a link disguised as a video, or an image, but Adobe doesn't download them automatically. If your Flash Player is up to date, you can delete any DMG that does download. You don't need it.
Thanks Mike. So, how might I prevent them from continuing to appear?
Be careful what you click... especially on sites you don't trust?
It's hard to say without knowing the source of the downloads. Safari will show you when something is downloading.
There are literally thousands of fake Flash Player download sites. Most disguised as video pages. Vigilance is your best protection.
I don't recall visiting any sites that I thought were suspect. Does anyone have any advice on how to proceed from here?
It would be very useful if someone from Adobe could confirm whether this is, or is not, the normally way for updates to be distributed. I still have a desktop covered in .dmg files.
If this is legit, it's still very annoying.
Adobe does not, and never has, automatically downloaded installation files, for any product. It is and always has been a "user initiated" process. That's for Reader, Flash Player, Shockwave, AIR, and ANY paid software, such as Creative Suites.
ANY legitimate Adobe download will only be started by a notification appearing that the download is available, and then you must click a link to either begin the download, or go to the page containing the download, and click a link there.
The only possible exception to this rule (and even this is a long shot) is certain Windows updaters that will download McAfee Security Scan along with the requested update, and there's no opt out... BUT
1. The end user had to initiate the download that contained the unwanted add-in
2. It wouldn't affect you because you have a Mac, and your updater links to a different page.
First, trash ALL of the Flash Player DMGs on your desktop.
Then, go to Mac HD/Library/Internet Plug-ins.
Trash the Flash Player,pliugin and flashplayer.xpt files from there.
Go to: Mac HD/Library/Application Support/Adobe.
Trash the Flash Player and Flash Player Install Manager folders (the entire folders)
Also, in the Mac HD/Library/Application Support, trash the Macromedia folder (the entire folder)
In Mac HD/Library/PreferencePanes, trash the Flash Player.prefPane
Empty the trash
That, will remove anything and everything that is Flash Player, or controls any downloading of files related to Flash Player.
Open Safari, and browse sites as you normally would.
The first time you see ANY download activity
IF it's another Flash Player DMG, note what address you were on when it appeared. Post that address back here.
Many thanks, Mike, I appreciate it - I will try all this.