Timothy Westman-Barth

Q: FlashPlayer Virus

So, I was browsing the interwebs about an hour ago (just took this long to get around to posting this) and I clicked a link that didn't take me to the page I expected, and that I think I was visiting with the same link a few minutes earlier; anyways, it prompted me to download an update to Adobe Flash player, however the update window opened and downloaded the update automatically, which I know it doesn't do, also the updater looked like the one on Windows, just with a Mac's title bar at the top, might look like that on Macs too, but I can't remember ever updating it so... Also, there was a spelling mistake, and I am very particular about those sorts of things, so I noticed it, and I know that the real one doesn't have that, so anyways, the updater thingy was in the browser window, it just looked like a separate window.

 

The webpage that I ended up getting directed to and that downloaded the file is: http://adobe****hplayer.rr.nu/8f/

The file is named: FlashPlayer-11-MacOSX.pkg

 

Well, I never opened it because of the obvious (in my opinion) fake... ness... but what concerned me was that after doing a Bing search (because I switched from Google last week, and even though I checked Google, I didn't find helpful results as fast) I found that there was such a virus before, not too long ago that I figured, it was after the MacDefender virus, but I didn't read the date on the article I read about it.

Anyways, what concerned me was that the thingy (XProtect I believe it is) allowed the file to be downloaded at all. I just checked and the thingy is set to update the "safe downloads list" automatically, so...

 

Anyways, is there a reason that it may have been allowed?

More importantly, does this potentially need reporting?

 

This is the webpage that downloaded the file

[Image: Intro - watch now-1-1.png]

 

< Link Edited By Host >

MacBook Pro, Mac OS X (10.7.2), Mid 2010 model

Posted on Apr 8, 2012 9:58 AM

  • by Linc Davis, Solved answer

    Linc Davis Jan 20, 2012 6:44 PM in response to Timothy Westman-Barth
    Level 10 (208,037 points)
    Applications

    Yes, it's a trojan, and this is why you can't rely on any automated protection from malware -- neither Apple's nor anyone else's. The attackers are always ahead of the defenders. The XProtect database doesn't yet include this item. The only effective defense against malware is common sense, which is what saved you in this case. I'm not aware of any way you can report malware to Apple.

  • by marckopolo

    marckopolo Apr 5, 2012 7:56 AM in response to Linc Davis
    Level 1 (0 points)

    I clicked on an Adobe Flash pop up offering an update and gave my authorisation when prompted! Just read that it may have been a Trojan! Went to software update and installed 3 updates including a Java one. Do I need to do anything else? Or can I relax? Please help as not very tech savvy!

  • by Kurt Lang

    Kurt Lang Apr 5, 2012 9:06 AM in response to marckopolo
    Level 8 (38,024 points)
    Mac OS X

    I clicked on an Adobe Flash pop up offering an update and gave my authorization when prompted!

    The people spreading the Trojan make it somewhat difficult to figure out real from fake. Adobe's real Flash player will pop up an almost identical looking updater when a new version is available. It is real and intentional.

     

    If you check the System Preferences, you'll see a Flash Player icon in the bottom row. Click on its Advanced tab. You'll see that you can change the radio button to "Never check for updates (not recommended)". But really, it's safer to use that one and check manually with the "Check Now" button underneath that. Then you will know if you see a pop up saying you need to update Flash, it's fake.

     

    The one shown above is the most common of this Trojan going around. Two big things really give it away. One, the author can't spell worth beans. Unless "Update fix a crush of Adobe Flash player." is some new form of proper English. Also note what URL it went to. The .nu domain is particularly used in Sweden, Denmark, Norway, the Netherlands and Belgium. So the Flash player being downloaded from there sure the heck isn't from Adobe.
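
Added example, not part of the thread: the URL point in the reply above (a Flash installer served from a .nu host is not coming from Adobe), written as a Python check that compares the URL's real host against an allowlist instead of looking for the brand name. The allowlist entry `adobe.com` and every sample URL are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains the vendor really serves installers from.
TRUSTED_DOMAINS = {"adobe.com"}


def download_host(url):
    """Return the lowercased host a URL actually points at, or None."""
    try:
        parts = urlsplit(url)
        host = parts.hostname  # drops "user@" prefixes and the port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    return host.rstrip(".")  # "adobe.com." is the same host as "adobe.com"


def is_vendor_host(url, trusted=TRUSTED_DOMAINS):
    """True only if the host is a trusted domain or a subdomain of one."""
    host = download_host(url)
    if host is None:
        return False
    # Compare on a label boundary so "notadobe.com" does not match.
    return any(host == d or host.endswith("." + d) for d in trusted)


def brand_in_url(url):
    """What the lure counts on: the brand name appears somewhere in the URL."""
    return "adobe" in url.lower()


# Constructed sample URLs (not taken from the thread).
SAMPLES = [
    "https://get.adobe.com/flashplayer/",
    "http://adobe-flash-update.example.nu/8f/",
    "http://adobe.com.example.nu/FlashPlayer-11-MacOSX.pkg",
    "http://adobe.com@download.example.nu/update",
    "http://notadobe.com/flash",
    "HTTPS://GET.ADOBE.COM./flashplayer/",
]


def compare(samples=SAMPLES):
    """Return (url, brand_in_url, is_vendor_host) for each sample."""
    return [(u, brand_in_url(u), is_vendor_host(u)) for u in samples]


if __name__ == "__main__":
    for url, looks_ok, really_ok in compare():
        print(f"{really_ok!s:5}  (brand in URL: {looks_ok!s:5})  {url}")
```

Every sample contains the brand name, but only the two whose host ends in a trusted domain on a label boundary pass.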

  • by HACKINT0SH

    HACKINT0SH Apr 5, 2012 2:21 PM in response to Timothy Westman-Barth
    Level 5 (5,774 points)
    iLife

    I do wish these users would stop crying Wolf. There is no such thing as a MacDefender Virus. A malware trojan is another thing. A virus would have to be self-replicating. MacDefender had to rely on both compromised servers, AND have you visit them, AND have you gullible enough to fall for 10 basic NO-NO steps.

  • by Mayapple

    Mayapple Apr 6, 2012 9:34 AM in response to Kurt Lang
    Level 1 (0 points)

    But that didn't answer Marckopolo's question, which is the same situation I have.  Once I've installed Apple's updates, am I safe?  If not, is there a way to find and erase the trojan from my download files? 

     

    Mea culpa - I admit my stupidity.  No one has yet answered the question of what to do AFTER one has mistakenly given the authorization to download the trojan.

  • by woodmeister50

    woodmeister50 Apr 6, 2012 9:44 AM in response to Mayapple
    Level 5 (5,649 points)
    Mac OS X
  • by Kurt Lang

    Kurt Lang Apr 6, 2012 10:00 AM in response to Mayapple
    Level 8 (38,024 points)
    Mac OS X

    But that didn't answer Marckopolo's question,

    Sure it did. He stated:

    I clicked on an Adobe Flash pop up offering an update and gave my authorisation when prompted! Just read that it may have been a Trojan!

    I pointed out two of the differences in the fake Flash update (per the image in the first post). Also how to turn automatic updating of the real Flash player off, so if you see any type of popup after that, you know it's a scam. Seems like an answer to me.

  • by HACKINT0SH

    HACKINT0SH Apr 6, 2012 4:25 PM in response to Kurt Lang
    Level 5 (5,774 points)
    iLife

    One, the author can't spell worth beans. Unless "Update fix a crush of Adobe Flash player." is some new form of proper English.

    LOL @ Kurt.

     

    Yes, I've noticed over the years, there are so many malware creators that spend their whole scammy career tweaking out fake update apps, and tend to never catch on to the fact they are giving themselves away half the time by not being able to avoid simple typos and basic linguistics.

     

    It should be mandatory for scammers to take a few courses of English at least... considering most of the world either speaks English or Chinese. It's a good thing they don't!

  • by Mayapple

    Mayapple Apr 6, 2012 6:17 PM in response to woodmeister50
    Level 1 (0 points)

    Thank you, woodmeister. 

     

    So the answer to Marckopolo's question, "Went to software update and installed 3 updates including a java one. Do I need to do anything else? or can I relax? " is yes, we need to do something else, and no, we can't relax.

      

    Further action must be taken in addition to downloading the latest Apple updates, and woodmeister has kindly supplied a link to that further action.  I'm not very computer savvy (case-in-point, I okay'd the malware in the first place), but I will follow carefully the instructions from the link.

     

    That is what we need to know.  The rest of you can enjoy your diatribes about us dumbunnies who didn't notice the misspelling.  You are right, though, I should have known better, and, in fact, I knew the minute I clicked okay that I shouldn't have done it.  Now I'm scared to check my bank account, etc.

  • by Topher Kessler

    Topher Kessler Apr 6, 2012 6:26 PM in response to HACKINT0SH
    Level 6 (9,866 points)

    It's almost as if they purposefully leave a breadcrumb trail with these update mistakes. There are two obvious ones in there, the first being "update to a latest version" (should be "the latest"), and the second being "fix a crush" and the whole structure of the second sentence. Quite amusing indeed.

  • by nerowolfe

    nerowolfe Apr 6, 2012 6:32 PM in response to Kurt Lang
    Level 6 (13,075 points)

    Bingo! You hit the nail on the head.

     

    Most spam, trojans, phishes etc. are so poorly spelled that anyone with a high school education can tell that they are fake.

     

    Look for the obvious (loose instead of lose; its confused with it's; using an 's to denote a plural) and other such bad spelling. It's not nit-picking to notice poor spelling. Most hackers are poorly educated.

  • by HACKINT0SH

    HACKINT0SH Apr 6, 2012 10:16 PM in response to nerowolfe
    Level 5 (5,774 points)
    iLife

    I always got a kick out of those phishing sites that try to imitate Amazon, and despite copying everything down to a T (must have taken them ages to do that), they still spelt the big title as Ammazon.

     

    LOL.

     

    Now let's forget all the other nit-picking on the page..... when you can't even get the headline right..............

  • by Kurt Lang

    Kurt Lang Apr 7, 2012 7:11 AM in response to Mayapple
    Level 8 (38,024 points)
    Mac OS X

    The rest of you can enjoy your diatribes about us dumbunnies who didn't notice the misspelling.

    Diatribes? Calling anyone dumbunnies? Where did you see either of those? That I can see, everyone presented straightforward facts with clear explanations.

  • by Mayapple

    Mayapple Apr 7, 2012 7:35 AM in response to Kurt Lang
    Level 1 (0 points)

    Sorry Kurt, you are correct.  I feel really stupid about clicking okay to the malware, and I know I would not have done so back when I was using a non-Apple PC.  Will never again get complacent as a user of Apple products. 

    Those of us who did allow the fake "update" are desperate to know what to do next.
