Skip to main content
S
seymourh84108098
Participant
September 12, 2020
Question

Adobe Flash Update Concerns

  • September 12, 2020
  • 0 replies
  • 1059 views

I've posted on this before and there was some exchange, but I can't findthe thread on this site. Anyhow, got a notice to update and becasue of prior issues went first to Adobe.com, but couldn't find any new update. However, found a link to a post that casued me to do a bit of checking and now I'm not sure if I mihgt have installed malware. Extensive details below. Myapologies for length and complexity.

 

I got another Adobe Flash Update and decided to see if there was something new. So, I went to Adopbe.com and checked. Looks like last security bulletin (?update) was June 2020.  Says version 32.0.0.330.  I seem to have 32.0.0.414  Not sure why. I suspect it means that I have a later version than

At the moment, I opened other things to check and so I’m a bit confused, but will try to put things in order.

This was URL

https://helpx.adobe.com/globalsearch.html?q=flash+updater&start_index=0&country=US&activeScopes=%255B%2522helpx%253Alearn%2522%252C%2522helpx%253Ahelp%2522%252C%2522helpx%253Acommunities%2522%252C%2522adobe_com%253Aproduct%2522%252C%2522adobe_com%253Ablog%2522%252C%2522adobe_com%253Athought-leadership%2522%252C%2522adobe_com%253Apartner_extensions%2522%252C%2522adobe_com%253Aevents%2522%252C%2522adobe_com%253Acorporate%2522%255D&scopeConfigs=%255B%257B%2522value%2522%253A%2522helpx%253Alearn%2522%252C%2522renderStyle%2522%253A%2522horiz%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Atrue%257D%252C%257B%2522value%2522%253A%2522helpx%253Ahelp%2522%252C%2522renderStyle%2522%253A%2522vert%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Atrue%257D%252C%257B%2522value%2522%253A%2522helpx%253Acommunities%2522%252C%2522renderStyle%2522%253A%2522vert%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Atrue%257D%252C%257B%2522value%2522%253A%2522adobe_com%253Aproduct%2522%252C%2522renderStyle%2522%253A%2522vert%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Atrue%257D%252C%257B%2522value%2522%253A%2522adobe_com%253Ablog%2522%252C%2522renderStyle%2522%253A%2522vert%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Afalse%257D%252C%257B%2522value%2522%253A%2522adobe_com%253Athought-leadership%2522%252C%2522renderStyle%2522%253A%2522horiz%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Afalse%257D%252C%257B%2522value%2522%253A%2522adobe_com%253Apartner_extensions%2522%252C%2522renderStyle%2522%253A%2522horiz%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Afalse%257D%252C%257B%2522value%2522%253A%2522adobe_com%253Aevents%2522%252C%2522renderStyle%2522%253A%2522vert%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Afalse%257D%252C%257B%2522value%2522%253A%2522adobe_com%253Acorporate%2522%252C%2522renderStyle%2522%253A%2522vert%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Afalse%257D%252C%257B%2522value%2522%253A%2522adobe_com%2522%252C%2522renderStyle%2522%253A%2522vert%2522%252C%2522seeMoreLink%2522%253Anull%252C%2522isSelectable%2522%253Afalse%257D%255D&filters=%257B%2522products%2522%253A%255B%255D%257D&banners=%257B%2522aboveResults%2522%253A%257B%2522count%2522%253A3%252C%2522ids%2522%253A%255B%2522auto%2522%255D%257D%252C%2522sidebar%2522%253A%257B%2522count%2522%253A0%252C%2522ids%2522%253A%255B%255D%257D%257D

 

I clicked on item about Malware and how to remove.

https://community.adobe.com/t5/flash-player/adobe-flashplayer-update-malware-how-do-i-remove-it/td-p/11131261?page=1

Partial except:

I was prompted to update my Adobe Flashplayer on 13 May 2020.  I allowed the download, ran a Bitdefender scan on the executable (it was clean), and then permitted the installation (it appeared legitimate) ; however I became suspicious as soon as the update completed because the executable file did not disappear from my download directory, as it usually does.  I don’t think it typically does in mine. I then researched the name, and it is malware.  I checked the properties, and it wasn't a system file like usual.  The fake file is called flashplayer32au_a_install.exe (I believe the legitimate file is flashplayer32_a_install.exe). 

 

My question for the community is how do I remove this from my system?  Is there a fix?   I uninstalled Flashplayer, deleted the executable, ran a full system scan with Bitdefender, but there is still malware on my computer.  It keeps launching an update process in the background, and I end the task each time it restarts.  I get notice to update – not sure if talking about same thing. There are 3 fake folders (as far as I know) that have been created and I can't delete them - a popup asks for admin details to change permissions, but I definitely won't provide anything.  Two folders associated with the fake Adobe program appear in the top level of the  Program Data directory (I used CCleaner to empty them, but I can't delete the folders) and the third is called Update6 and appears in Program Data / Adobe.    I am presently working offline because I think the virus is a browser hijacker adware program.     I don't know how to remove the malware and would greatly appreciate some guidance.  (lesson learned - in the future I will block Flashplayer).  Thank you in advance.  

 

I then checked my Edge downloads although I never installed with Edge. Here’s what I found:

9/10 https://admdownload.adobe.com/bin/live/flashplayer32au_ha_install.exe  canceled

8/1   https://admdownload.adobe.com/bin/live/flashplayer32ppau_ha_install.exe

7/20  https://admdownload.adobe.com/bin/live/flashplayer32ppau_xa_install.exe  and

                https://admdownload.adobe.com/bin/live/flashplayer32au_ha_install.exe

 

I went back to my Firefox to check downloads and found

8/16  flashplayer32au_ha_install(2).exe 

I put this into my Edge search and got to https://www.bing.com/search?q=flashplayer32au_ha_install%282%29.exe&form=ANNNB1&refig=bec45aa03d26479baa7866d422d50764&sp=-1&pq=flashplayer32au_ha_install%282%29.exe&sc=0-33&qs=n&sk=&cvid=bec45aa03d26479baa7866d422d50764  

Choose one option   “Download flashplayer 32au.ha.install.exe/fileninja.net  When I clicked for info was blocked as malicious site.

There was another item “”flashplayer32au_ha_install.exe – Free Automated malware – I did not try this one.

8/18 flashplayer32ppau_ga_install.exe

When I tried this se4arch, I got

https://www.bing.com/search?q=flashplayer32ppau_ga_install.exe&form=ANNNB1&refig=74be58a8be1147f88aa1b884fbc1b93e&sp=-1&pq=flashplayer32ppau_ga_install.exe&sc=1-32&qs=n&sk=&cvid=74be58a8be1147f88aa1b884fbc1b93e

I did not click on any of the options, but these two may be relevant:

What is flashplayer23_ga_install.exe?

https://www.freefixer.com/library/file/flashplayer23_ga_install.exe-255545

What is flashplayer23_ga_install.exe? flashplayer23_ga_install.exe is part of Adobe Download Manager and developed by Adobe Systems Incorporated according to the flashplayer23_ga_install.exe version information.. flashplayer23_ga_install.exe's description is "Adobe Download Manager"flashplayer23_ga_install.exe is digitally signed by Adobe Systems Incorporated.

 

Download flashplayer_32_sa.exe Free - Adobe Flash Player ...

https://www.download3k.com/Install-Macromedia-Flash-Player-IE-AOL.html

Download locations for Adobe Flash Player 32.0.0.433, Downloads: 961252, Size: 15.24 MB. View the best animation on web.

 

Not sure which may have installed.

I installed only with Firefox and Norton said was “safe”.

Do the differences in the URLs have any significance?

Is there someway I can check if I installed Malware?

 

    This topic has been closed for replies.
    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices