Jump to content

adobe Flash- trojan


Recommended Posts

I got this tonight also. I downloaded directly from Adobe's official site (unchecked the box for the toolbar) and when I tried to install Malwarebytes caught and quarantined Trojan.Agent.AI. I'm sorry I don't have the quick log but I deleted everything concerning it in a moment of panic.

I hope Adobe comes up with a fix quickly.

Link to post
Share on other sites

I had a similar thing earlier this evening. Ran a full scan and it detected trojan.agent.ai twice, both relating to Adobe Flash Installer, that I got from the adobe website. Once in downloads (where I had an old Flash Installer stored) and once in the Temp folder. I've posted the log below (like Raimy I deleted everything else when it completed). Hope this helps

Malwarebytes Anti-Malware (PRO) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.05.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Protection: Enabled

5/01/2013 4:41:42 p.m.

mbam-log-2013-01-05 (16-41-42).txt

Scan type: Full scan (C:\|D:\|F:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 563354

Time elapsed: 1 hour(s), 18 minute(s), 19 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Users\Nick\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe (Trojan.Agent.AI) -> Quarantined and deleted successfully.

C:\Users\Nick\Downloads\install_flashplayer11x32_mssd_aih.exe (Trojan.Agent.AI) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

This was a false positive and should be fixed in the current update.

My Malwarebytes is fully updated so I went to Adobe's site and tried again...same result. Found the trojan and quarantined it. I would have posted the log but it looks just like the one already posted above.

I'm getting so sick of this world. Nothing is safe anymore. :(

Link to post
Share on other sites

This was a false positive and should be fixed in the current update.

It's v2013.01.05.01 so I guess it is out of date but my update button is grayed out which is why I didn't realize that there was a new update. I was finally able to update but I had to log into the Admin account (I use a standard user account as a rule). Is there a way to be able to allow that user account to update? I really don't want to have to keep going into the admin account everytime.

Anyway, I redownloaded the flash file and it did scan clean with Malwarebytes but I'm still nervous. Why would it say it was a trojan in the first place? Is it really safe now?

Link to post
Share on other sites

  • Staff

Our definitions can hit more then one file at a time. Sometimes they can hit a legitimate file and cause a false positive in this situation. The file is safe there.

The only way to have it update under a limited account is to set it in scheduler to check for updates with the pro version from the administrator account.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.