amyakatrinity

Q: New Adobe_Flashplayer malware

I have OS X Yosemite. I just hit a news site off cnn.com with a popup for the Adobe_Flashplayer_e2c7b_Setup-2.dmg malware. This has a different graphical interface than the prior Adobe malware I've seen.

I cannot find, delete or stop the file via Activity Monitor.

I downloaded the standalone Mac update, but am not seeing any results? Is there an Update for this?

How do I remove both: a) the Mac standalone fix (I can't find where it installed) and b) the malware itself?

Posted on Sep 11, 2015 8:54 AM

  • by JimmyCMPIT,

    JimmyCMPIT Sep 11, 2015 9:32 AM in response to amyakatrinity
    Level 5 (7,466 points)
    Mac OS X

    Flash should only be installed and obtained from one site:

    https://get.adobe.com/flashplayer/

    If you are using ANY URL besides this one it is not necessarily anything but garbage bundled under the name "flash" and trying to mimic the install procedure and fool you into thinking you have a legitimate copy of Flash.

    Did you install a bogus flash or just get a pop-up?

    The software can not install itself without your permission.

    to verify your flash player is legitimate

    • Launch Terminal.app from /Applications/Utilities
    • At the prompt type: codesign -vdv /Applications/Utilities/Adobe\ Flash\ Player\ Install\ Manager.app
      • You can type codesign -vdv and then drag the AdobeFlashPlayerInstallManager.app file onto the Terminal window
    • The results should have 'Authority=Developer ID Application: Adobe Systems, Inc'

    For further information on the subject see this article by a frequent contributor to this forum and anti-malware software developer for the Mac

    http://www.reedcorner.net/mmg/
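
The signer check described in the reply above, as an added example that is not part of the original thread: it reads the Authority lines from `codesign -dvv` output and accepts the bundle only when the leaf certificate is the expected developer and the chain ends at Apple's root. The function names, the sample outputs and the team-ID placeholders are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
EXPECTED_LEAF='Developer ID Application: Adobe Systems, Inc'  # string quoted in the post

# Print every Authority= value, leaf certificate first, root last.
authorities() { printf '%s\n' "$1" | sed -n 's/^Authority=//p'; }

# Print only the leaf: the certificate that actually signed the bundle.
leaf_authority() { authorities "$1" | head -n 1; }

# Succeed only if the leaf is the expected developer and the chain ends at
# Apple's root. Comparing the leaf line exactly avoids being fooled by the
# expected name appearing elsewhere in the output (e.g. the Executable= path).
chain_ok() {
    leaf=$(leaf_authority "$1")
    root=$(authorities "$1" | tail -n 1)
    # Drop the optional " (TEAMID)" suffix and a trailing period before comparing.
    name=$(printf '%s\n' "$leaf" | sed -e 's/ ([A-Z0-9]*)$//' -e 's/\.$//')
    [ "$name" = "$EXPECTED_LEAF" ] && [ "$root" = 'Apple Root CA' ]
}

# On a Mac: validate the signature first, then check who signed it.
# codesign -dvv (same flags as -vdv in the post) only displays signing
# information, on stderr; --verify is what validates the seal.
check_app() {
    codesign --verify --deep --strict "$1" || return 1
    chain_ok "$(codesign -dvv "$1" 2>&1)"
}

# Constructed sample outputs (TEAMID0000 and AAAAAAAAAA are placeholders).
GOOD='Identifier=com.example.installer
Authority=Developer ID Application: Adobe Systems, Inc. (TEAMID0000)
Authority=Developer ID Certification Authority
Authority=Apple Root CA'
BAD='Executable=/Volumes/Developer ID Application: Adobe Systems, Inc/Installer
Authority=Developer ID Application: Constructed Example Dev (AAAAAAAAAA)
Authority=Developer ID Certification Authority
Authority=Apple Root CA'
UNSIGNED='Identifier=com.example.installer
Signature=adhoc'
```

The `BAD` sample contains the expected string in its path, so a plain text search over the whole output would accept it; `chain_ok` rejects it because the leaf Authority line names a different signer.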

  • by amyakatrinity,

    amyakatrinity Sep 11, 2015 9:41 AM in response to JimmyCMPIT
    Level 1 (4 points)
    Apple Watch

    I did not download this in an attempt to update Flash whatsoever. I was viewing a page linked off CNN.com when a pop-up appeared that looked suspicious. I immediately Force Quit Safari. When I re-launched, it -- without my permission - sent the .dmg file to my Downloads. I was able to move the file out of Downloads into Trash, but now I cannot permanently remove from Trash. Also, AVG antivirus alerted me.

  • by BobTheFisherman,

    BobTheFisherman Sep 11, 2015 9:41 AM in response to amyakatrinity
    Level 6 (15,324 points)

    Remove AVG

  • by JimmyCMPIT,

    JimmyCMPIT Sep 11, 2015 9:47 AM in response to BobTheFisherman
    Level 5 (7,466 points)
    Mac OS X

    Yes, remove that disaster of an application as Bob pointed out. It is riddled with false positive information and misleading finds. AVG makes an amazing Windows product but their Mac offering is a train-wreck of epic proportions. It causes more problems than it purports to fix on the Mac.

    The application downloaded but it did not install, you can safely trash it before you inadvertently go through all the steps to install by accident.

  • by amyakatrinity,

    amyakatrinity Sep 11, 2015 10:01 AM in response to JimmyCMPIT
    Level 1 (4 points)
    Apple Watch

    ok, AVG removed. But the malware still won't let me delete it from Trash. Is it just going to sit there forever? Nothing to Force Quit, can't find anything in the Activity log.

  • by Linc Davis, Solved answer

    Linc Davis Sep 12, 2015 9:56 AM in response to amyakatrinity
    Level 10 (207,963 points)
    Applications

    You have to unmount the disk image before you can delete it. Look for it in the sidebar of a Finder window, under Devices. Click the eject button.

  • by amyakatrinity,

    amyakatrinity Sep 12, 2015 9:57 AM in response to Linc Davis
    Level 1 (4 points)
    Apple Watch

    Done. Thank you. Hadn't expanded my Finder window and the Devices were hidden.