Jump to content

Adobe Flashplayer 11.7 - Backdoor.Bot


Dator01

Recommended Posts

I downloaded Adobe Flash version 11.7.700.202 straight from the Adobe website and after running a scan, it says it is a Backdoor.Bot virus. I'm hoping this is a false positive...

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.29.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

mike :: MIKE-PC [administrator]

5/29/2013 1:08:33 AM

MBAM-log-2013-05-29 (01-19-52).txt

Scan type: Full scan (C:\|E:\|F:\|G:\|H:\|M:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 340428

Time elapsed: 9 minute(s), 37 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

E:\my stuff\install_flashplayer11x32_mssd_aih.exe (Backdoor.Bot) -> No action taken. [eafbaa6a016b5fd7798c7eb0946d8f71]

(end)

Flashplayer.zip

Link to post
Share on other sites

I downloaded Adobe Flash version 11.7.700.202 straight from the Adobe website

Hello, where exactly did you download this file from? I just visited Adobe's site and it gave me a different 11.7.700.202 file.

http://get.adobe.com/flashplayer/download/?installer=Flash_Player_11_for_Other_Browsers&os=Windows%207&browser_type=Gecko&browser_dist=Firefox&d=McAfee_Security_Scan_Plus_FireFox_Browser&dualoffer=false

Link to post
Share on other sites

Hello, where exactly did you download this file from? I just visited Adobe's site and it gave me a different 11.7.700.202 file.

http://get.adobe.com...dualoffer=false

http://get2.adobe.com/flashplayer/download/?installer=Flash_Player_11_for_Other_Browsers&os=Vista&browser_type=Gecko&browser_dist=Firefox&d=Google_Drive_FireFox_Browser&dualoffer=false

I also noticed the file name changed. Not sure why.

Link to post
Share on other sites

Thank you for entertaining my curiosity. I didn't find anything particularly wrong with the file you uploaded earlier but unlike typical Adobe files, this one has it's digital signature revoked.

post-2164-0-20602300-1369808463.jpg

To be doubly safe, I advise getting a fresh copy from Adobe again.

Link to post
Share on other sites

I'm probably bringing coals to Newcastle, but I've had Flash Player 11.7.700.202 (Win) (both ActiveX and plug-in versions) in my downloads folder and installed on all 3 of my rigs since it was shipped earlier this month, and it was never hit by MBAM.

I always get my installers here:

http://www.adobe.com...tribution3.html

Kindly excuse my intrusion on this thread if the above info is neither helpful nor relevant, :)

daledoc1

Link to post
Share on other sites

Thank you both for your responses. I'll be sure to get a fresh copy of flash. But would you be confident in saying that this is just an issue with the digital signature and I haven't been infected?

On a side note, do you have any idea why a digital signature would be revoked? Just curious.

Link to post
Share on other sites

would you be confident in saying that this is just an issue with the digital signature and I haven't been infected?

Fairly easy to find out. Do a quick scan with malwarebytes. Even if we may miss the dropper, we'll still hit the fallout. If anything's there, it shall alert you.

On a side note, do you have any idea why a digital signature would be revoked? Just curious.

That's a question that only Adobe can answer. If not mistaken, large corps like that aren't that forthcoming with sharing such information.
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.