Flash Player Update Virus?

Question

My apologies if this has been discussed before, but I could not find an exact match.

Not exactly sure how it happened, but my "FlashPlayerUpdateService" was installed in Windows/System32/Macomed/Flash folder and harbored a nasty virus that put files in prefetch and executables (Oie7ij01.exe) in the scheduled tasks list that kept respawning, also put entries in the Registy "Run" key and effectively shut down my computer. Took me a day to find the root cause and have not seen this mentioned on any virus sites.

I figured out it was respawning every hour, so I took a look at the scheduled tasks. Once I paused them, the spawning stopped. I disabled the Flash Player Update and restarted the other scheduled tasks and all seemed OK all day. Still thought there were other remenants around, so I decided it was time for my "once very 2 years" rebuild.

Below is a picture of the Flash directory before I wiped the machine. The files with an ".eee" extension were originally .exe executables. The 3 files with a similar name look suspicious. I still have this directory saved to an off-line drive if someone wants to take a close look.

Thanks!

pwillener · Answer

This topic explains the automated background update mechanism http://forums.adobe.com/thread/981567However, I have no idea what "Oie7ij01.exe" is; that is not part of Flash Player or the updater.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded