Fake Adobe Flash Player install (Removal Instructions) - updated Nov 2017

Fake Adobe Flash Player install Removal Guide

What is Fake Adobe Flash Player install?

Fake Adobe Flash Player install spreads malicious programs

Fake Adobe Flash Player install scam alerts

Fake Adobe Flash Player install or update pop-up might show up on the screen out of nowhere. While Flash Player is a legit application, cybercriminals often take advantage of it to spread malicious programs. There are several versions of this cyber threat that is used for spreading malware, such as Locky[1] and Bad Rabbit ransomware.[2]

Warning messages of the fake Adobe Flash Player update virus are usually filled with stolen logos and similar content that can easily deceive you into thinking that the offer is real and comes from a well-known company – Adobe Systems. Unfortunately, these fake alerts have nothing to do with this tech giant and must be avoided.

In reality, such pop-ups come from unreliable web sources that try to trick unaware PC users into downloading dubious software that might be supplemented with computer threats as Trojan horses, ransomware, adware, browser hijackers and other noxious or potentially unwanted programs (PUPs).

Usually, the fake warning message appears on the screen and starts offering such files as adobeflashplayerinstaller.dmg right after clicking on some suspicious link online. It can also show up after falling for a sensationalist headline of a click bait article that was shared on Facebook[3] or other social media page. Another method used for spreading Adobe Flash Player install virus relies on adware viruses and browser hijackers that have become very popular during the last days.

Unfortunately, Mac OS X is as vulnerable as Windows operating system. If you think that you may have installed a fake update, you should scan the computer with a powerful anti-malware software. We recommend using tools such as FortectIntego or Malwarebytes to remove Adobe Flash Player trojan from your PC.

Fake Adobe Flash Player updates spread ransomware, including Bad Rabbit virus

One of the most malicious viruses, which is reportedly spread with the help of a Fake Adobe Flash Player install manager, is Trojan.Ransomware. This trojan horse is an extremely hazardous virus because it can easily block the computer system down and encrypt personal files. Besides, victims are asked to pay an enormous ransom in order to get the decryption key which is not recommended to do.

Authors of ransomware use this distribution method at least since 2013. One of the biggest campaigns was detected in November 2016 to spread Locky ransomware. However, on October 2017 a new version of Petya virus was also noticed being spread with the help of fake Adobe Flash Player update.

Known as the Bad Rabbit ransomware, the virus is spreading via compromised websites.[4] When users visit a hacked site, they received a pop-up window informing about available Flash Player update. However, if you read the alert carefully (screenshot below), you should see that it provides irrelevant information and differs from the legit notification a lot.

Fake Adobe Flash update spreads Bad Rabbit ransomware

Mac OS X users are in the target eye as well

It was discovered that the cyber-criminals aim to attack Mac users with these dubious “Update Adobe Flash Player” alerts, too. It appears that after user agrees to install this corrupted Adobe Flash update, a real update is installed alongside a scareware program that usually tries to frighten the computer user by displaying messages that your computer is badly infected with malicious programs and to fix it you have to buy some sort of suspicious software.

You might also end up with a professionally programmed malware software by downloading such bogus Adobe Flash Player update, too. Computer experts say that such malicious programs are professionally programmed, and they can download other malicious programs to the infected computer. To avoid installing such cyber-threats, stay away from fake Adobe Flash Player update alerts!

Tips to recognize a fake Flash Player update

Security experts from Les Virus[5] prepared three main tips how to spot and avoid fake Flash Player install:

  1. Make sure that you have Adobe Flash Player on your computer and that you have been using it in the past.
  2. Always check the latest updates on publisher’s website. Make sure you visit it to see what is offered to you.
  3. Read the entire warning message which presents itself as a valuable alert from Adobe Systems. You should pay attention to such details as logos, spelling and grammar mistakes, links that are displayed in the message and similar content. Of course, we do NOT recommend clicking links but hovering your mouse over them and checking the address. If it is not adobe.com, then, most probably, you are dealing with scammers.
  4. Enable automatic Adobe Flash updates in order to avoid misleading pop-ups. Once you receive such alert, you can be sure that it’s not real.

Examples of Fake Adobe Flash Player installFake Adobe Flash Player install and update offers might pop up any time you browse the web.

Methods used to spread Fake Adobe Flash update (virus)

Mostly, computer threats that are spread via Fake Adobe Flash Player update installer get inside the system as soon as the user clicks the “download now,” “I agree,” “Update now” or a similar button that can be found on a misleading notification. That is why we want to encourage you NOT to click this button.

Besides, make sure you ignore such and similar alerts that may pop up on your screen asking to install software updates as you browse the Internet. If an alert tells you that one of your programs is out of date, it would be wiser to visit the official website of the suggested software and see what it offers for you. That is the safest way to update such programs as Adobe Flash Player, Java, Google Chrome, or other well-known programs.

Otherwise, you risk infecting your computer with unexpected PC threats such as Trojans, ransomware, browser hijackers and adware type software.

Getting rid of Fake Adobe Flash Player install

If you have already received these bogus offers to update software that is showing up on your computer’s screen during your browsing sessions, you should run a full system scan with an updated anti-malware software. We highly recommend using such programs as FortectIntego, or Malwarebytes for Fake Adobe Flash Player install removal.

Such programs can detect and terminate numerous computer threats with ease. Please, do not try to deal with dangerous viruses on your own as your good intentions may do more harm than good. It’s unknown what malware may have been downloaded to your device, so you should remove Fake Adobe Flash Player install with the help of powerful security software.

Getting rid of Flash Player virus on Mac operating system

To remove fake Adobe Flash update virus on Mac, you need to scan it with computer repair software. You can use programs mentioned above to find malicious files that you were tricked into installing by this scam. Typically, such scams lead users into installing one main file, like player.dmg, and some other components.

As we have already mentioned, the fake Flash Adobe Player version was noticed on both, Windows OS and Mac OS X. Dealing with such scams is dangerous and can lead you to the same result – installation of another, usually much more dangerous, malware. Keep in mind that Macs are not immune to viruses – they keep appearing each day.

do it now!
Fortect Happiness
Intego Happiness
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Getting rid of Fake Adobe Flash Player install. Follow these steps

Manual removal using Safe Mode

If you cannot install, update or run security software to remove a malicious program, please reboot the computer to Safe Mode with Networking. This should help to disable the malware that was brought by Fake Adobe Flash Player install.

Important! →
Manual removal guide might be too complicated for regular computer users. It requires advanced IT knowledge to be performed correctly (if vital system files are removed or damaged, it might result in full Windows compromise), and it also might take hours to complete. Therefore, we highly advise using the automatic method provided above instead.

Step 1. Access Safe Mode with Networking

Manual malware removal should be best performed in the Safe Mode environment. 

Windows 7 / Vista / XP
  1. Click Start > Shutdown > Restart > OK.
  2. When your computer becomes active, start pressing F8 button (if that does not work, try F2, F12, Del, etc. – it all depends on your motherboard model) multiple times until you see the Advanced Boot Options window.
  3. Select Safe Mode with Networking from the list. Windows 7/XP
Windows 10 / Windows 8
  1. Right-click on Start button and select Settings.
  2. Scroll down to pick Update & Security.
    Update and security
  3. On the left side of the window, pick Recovery.
  4. Now scroll down to find Advanced Startup section.
  5. Click Restart now.
  6. Select Troubleshoot. Choose an option
  7. Go to Advanced options. Advanced options
  8. Select Startup Settings. Startup settings
  9. Press Restart.
  10. Now press 5 or click 5) Enable Safe Mode with Networking. Enable safe mode

Step 2. Shut down suspicious processes

Windows Task Manager is a useful tool that shows all the processes running in the background. If malware is running a process, you need to shut it down:

  1. Press Ctrl + Shift + Esc on your keyboard to open Windows Task Manager.
  2. Click on More details.
    Open task manager
  3. Scroll down to Background processes section, and look for anything suspicious.
  4. Right-click and select Open file location.
    Open file location
  5. Go back to the process, right-click and pick End Task.
    End task
  6. Delete the contents of the malicious folder.

Step 3. Check program Startup

  1. Press Ctrl + Shift + Esc on your keyboard to open Windows Task Manager.
  2. Go to Startup tab.
  3. Right-click on the suspicious program and pick Disable.

Step 4. Delete virus files

Malware-related files can be found in various places within your computer. Here are instructions that could help you find them:

  1. Type in Disk Cleanup in Windows search and press Enter.
    Disk cleanup
  2. Select the drive you want to clean (C: is your main drive by default and is likely to be the one that has malicious files in).
  3. Scroll through the Files to delete list and select the following:

    Temporary Internet Files
    Recycle Bin
    Temporary files

  4. Pick Clean up system files.
    Delete temp files
  5. You can also look for other malicious files hidden in the following folders (type these entries in Windows Search and press Enter):


After you are finished, reboot the PC in normal mode.

Remove Fake Adobe Flash Player install using System Restore

This method might also help to remove malware with antivirus or malware removal program.

  • Step 1: Reboot your computer to Safe Mode with Command Prompt
    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of Fake Adobe Flash Player install. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with FortectIntego and make sure that Fake Adobe Flash Player install removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from Fake Adobe Flash Player install and other ransomwares, use a reputable anti-spyware, such as FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes

How to prevent from getting trojans

Choose a proper web browser and improve your safety with a VPN tool

Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.


Lost your files? Use data recovery software

While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.

To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions

Removal guides in other languages