Participant
January 1, 2015
Answered

Need help to ID possible virus or malware

  • January 1, 2015
  • 3 replies
  • 5222 views

Hello Adobe community. I'm new here and need some help. I am running a MacBook Pro with Yosemite 10.10.1. This morning I received an update alert for Flash Player and followed the prompts, downloading this file: adobe_flashplayer_e2c7b_Setup.dmg.

Once I downloaded and ran it I got suspicious...hopefully not too late. I went back and looked and this is the website I think it came from:

http://sls.updatenet-check.com/?dist_id=596&channel=affl596&v=icmac&c=d333e5ab59745775ffae65b40b25740e&subid=102675_84d2…

I did upload the file to a virus scan website and it came back clean. Also ran Bitdefender and it came up with nothing. I have read that some malware can infect routers and I am wondering if this is the case with whatever I downloaded.

Still very suspicious! Is this malware? adobe_flashplayer_e2c7b_Setup.dmg

Help please!

Bikeape


jeromiec83223024
Correct answer
Inspiring
January 8, 2015

Unfortunately, Flash Player is one of the most widely distributed pieces of software on the web, and it's a popular target for malware looking to impersonate something legitimate. Malicious websites will throw up pop-up windows asking you to update Flash, and we've even seen some esoteric stuff, like viruses affecting home routers that throw fake update pop-up windows: "There's now an exploit for 'TheMoon' worm targeting Linksys routers" (Computerworld)

Always download software directly from the publisher.


For Flash Player, you can always download an installer here:

http://get.adobe.com/flashplayer
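
An added illustration of the advice above (not part of the original thread and not Adobe's code): a check of where a download link really points, using the host from the question and assuming adobe.com is the publisher's domain. The function name `classify_download_url` and the look-alike sample URLs are constructed for this example.

```python
from urllib.parse import urlsplit

# Assumption: adobe.com is the publisher's domain, taken from the
# get.adobe.com link in the answer above.
PUBLISHER_DOMAINS = ("adobe.com",)


def classify_download_url(url, publisher_domains=PUBLISHER_DOMAINS):
    """Classify where a download link really points.

    Returns "publisher-https", "publisher-http" or "other: <reason>".
    """
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "other: unparseable URL"
    if not host:
        return "other: no host in URL"
    if parts.username is not None:
        # In http://get.adobe.com@example.net/ the real host is example.net.
        return "other: text before '@' is not the host"
    if not host.isascii() or "xn--" in host:
        return "other: internationalised host, possible look-alike"
    # Match whole DNS labels only: "adobe.com.example.net" and
    # "notadobe.com" must not pass as adobe.com.
    if not any(host == d or host.endswith("." + d) for d in publisher_domains):
        return f"other: {host} is not a publisher domain"
    # Plain http can be rewritten in transit, for example by a compromised router.
    if parts.scheme == "https":
        return "publisher-https"
    if parts.scheme == "http":
        return "publisher-http"
    return f"other: unexpected scheme {parts.scheme!r}"


if __name__ == "__main__":
    samples = [
        "http://sls.updatenet-check.com/?dist_id=596",    # host from the question
        "https://get.adobe.com/flashplayer",              # publisher link over https
        "http://get.adobe.com/flashplayer",               # publisher link as posted
        "http://get.adobe.com@sls.updatenet-check.com/",  # constructed look-alike
        "https://adobe.com.updatenet-check.com/setup",    # constructed look-alike
    ]
    for s in samples:
        print(f"{classify_download_url(s):58} {s}")
```

A "publisher-http" result means the host is right but the transfer is unprotected; typing the same address with https:// removes that gap.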

January 10, 2015

I too, unwittingly took the bait and downloaded (and unfortunately ran this file) as I was distracted while "multitasking" (aka: efficient multitasking is a myth).   I canceled the install, since I grew suspicious when it asked to install Yahoo search bars and the like.  I ran a virus scan with Sophos which came back clean.  Just to be careful, I uninstalled Flash and reinstalled from Adobe direct.  I also reset my router to factory defaults to wipe any possible malware/virus/worm that may have been installed. Are there any other steps I should take to make sure I'm "safe"??   I'm hoping you won't advise me to do a factory reset on my MacBook as well, but I'm not above being paranoid.

Thanks,

SD

jeromiec83223024
Inspiring
January 13, 2015

If you downloaded the installer but never actually ran it, you should be fine.  If you downloaded and executed a malicious installer, that's a different story and you'll need to make a judgement call about your personal paranoia level and risk tolerance.  At a minimum, a reputable antivirus and malware scan (malwarebytes.org is free and well-respected) would probably be in order, then maybe backing up your critical files to both a local and online service, and then it's your call about whether you want to wipe the machine and change all your passwords (to unique, secure passwords).  There are some good password manager options these days.

Participant
January 3, 2015

I got this as well, in Chrome. Chrome does its own update of Flash.

So yes, Virginia, this is most likely malware.

Participant
January 2, 2015

I, too, just received this same file on a Mac running Yosemite 10.10.1 and thought it looked suspicious as well.  I then checked for updates using the installed Flash Player from System Preferences and it showed that my setup was current.  I'm not trusting it!

HepCatWog