Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AdobeFlashPlayer.exe malware


  • Please log in to reply
1 reply to this topic

#1 heavydude

heavydude

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 19 February 2012 - 01:28 PM

Posting this as a heads up to others who might get the same message.

While on the internet I suddenly got a flashing message on my task bar about AdobeFlashPlayer.exe requesting permission to continue.

I opened my User Account Control and saw the following message:

A program needs your permission to continue.
If you started this program, continue.
Adobe Flash Player
Adobe Systems Incorporated
"C:\Users\Me\AppData\Local\Temp\InstallFlashPlayer.exe"

Two options: Continue or Cancel

I looked in the specifed temp folder and the file wasn't there.

With my suspicions arouse I clicked Cancel.

In a moment the flashing notice on the task bar returned and continued to return each time I clicked Cancel.

A quick googling confirmed that this could be malware.

Malwarebytes found four items in that same temp folder:

Rootkit.0Access - File - xsnaomwrce.exe
Rootkit.0Access - Memory Process - xsnaomwrce.exe - 4456
Rootkit.0Access - File - msimg32.dll
Trojan.FakeAlert - File - o8GFGT8rE4gWoT.exe.tmp

During the Malwarebytes scan, MS Security Essentials detected a Trojan: Win32/FakeSysdef

All items were removed from my computer and when I rebooted the flashing notice did not come back.


So, if you find flashing notices on your task bar that come up suddenly, make sure you check them carefully before OKing them.

BC AdBot (Login to Remove)

 


#2 keyboardNinja

keyboardNinja

    Bleepin' Ninja


  • BC Advisor
  • 4,813 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh interwebz
  • Local time:08:27 AM

Posted 22 February 2012 - 01:43 PM

Yes, fake Flash player installers are a very common source of infections in Windows. As always, practice safe browsing, run an antivirus, and keep your software up to date.
PICNIC - Problem In Chair, Not In Computer

Posted Image Posted Image

20 Things I Learned About Browsers and the Web




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users