Fake Adobe Flash Player install. How to remove? (Uninstall guide)
Fake Adobe Flash Player install spreads malicious programs
Fake Adobe Flash Player install or update pop-up might show up on the screen out of nowhere. While Flash Player is a legit application, cybercriminals often take advantage of it to spread malicious programs. There are several versions of this cyber threat that is used for spreading malware, such as Locky[1] and Bad Rabbit ransomware.[2]
Warning messages of the fake Adobe Flash Player update virus are usually filled with stolen logos and similar content that can easily deceive you into thinking that the offer is real and comes from a well-known company – Adobe Systems. Unfortunately, these fake alerts have nothing to do with this tech giant and must be avoided.
In reality, such pop-ups come from unreliable web sources that try to trick unaware PC users into downloading dubious software that might be supplemented with computer threats as Trojan horses, ransomware, adware, browser hijackers and other noxious or potentially unwanted programs (PUPs).
Usually, the fake warning message appears on the screen and starts offering such files as adobeflashplayerinstaller.dmg right after clicking on some suspicious link online. It can also show up after falling for a sensationalist headline of a click bait article that was shared on Facebook[3] or other social media page. Another method used for spreading Adobe Flash Player install virus relies on adware viruses and browser hijackers that have become very popular during the last days.
Unfortunately, Mac OS X is as vulnerable as Windows operating system. If you think that you may have installed a fake update, you should scan the computer with a powerful anti-malware software. We recommend using tools such as Reimage or Plumbytes Anti-MalwareMalwarebytes Malwarebytes to remove Adobe Flash Player trojan from your PC.
Fake Adobe Flash Player updates spread ransomware, including Bad Rabbit virus
One of the most malicious viruses, which is reportedly spread with the help of a Fake Adobe Flash Player install manager, is Trojan.Ransomware. This trojan horse is an extremely hazardous virus because it can easily block the computer system down and encrypt personal files. Besides, victims are asked to pay an enormous ransom in order to get the decryption key which is not recommended to do.
Authors of ransomware use this distribution method at least since 2013. One of the biggest campaigns was detected in November 2016 to spread Locky ransomware. However, on October 2017 a new version of Petya virus was also noticed being spread with the help of fake Adobe Flash Player update.
Questions about Fake Adobe Flash Player install
Known as the Bad Rabbit ransomware, the virus is spreading via compromised websites.[4] When users visit a hacked site, they received a pop-up window informing about available Flash Player update. However, if you read the alert carefully (screenshot below), you should see that it provides irrelevant information and differs from the legit notification a lot.
Mac OS X users are in the target eye as well
It was discovered that the cyber-criminals aim to attack Mac users with these dubious “Update Adobe Flash Player” alerts, too. It appears that after user agrees to install this corrupted Adobe Flash update, a real update is installed alongside a scareware program that usually tries to frighten the computer user by displaying messages that your computer is badly infected with malicious programs and to fix it you have to buy some sort of suspicious software.
You might also end up with a professionally programmed malware software by downloading such bogus Adobe Flash Player update, too. Computer experts say that such malicious programs are professionally programmed, and they can download other malicious programs to the infected computer. To avoid installing such cyber-threats, stay away from fake Adobe Flash Player update alerts!
Tips to recognize a fake Flash Player update
Security experts from Les Virus[5] prepared three main tips how to spot and avoid fake Flash Player install:
- Make sure that you have Adobe Flash Player on your computer and that you have been using it in the past.
- Always check the latest updates on publisher’s website. Make sure you visit it to see what is offered to you.
- Read the entire warning message which presents itself as a valuable alert from Adobe Systems. You should pay attention to such details as logos, spelling and grammar mistakes, links that are displayed in the message and similar content. Of course, we do NOT recommend clicking links but hovering your mouse over them and checking the address. If it is not adobe.com, then, most probably, you are dealing with scammers.
- Enable automatic Adobe Flash updates in order to avoid misleading pop-ups. Once you receive such alert, you can be sure that it’s not real.


Select 'Safe Mode with Networking'

Select 'Enable Safe Mode with Networking'

Select 'Safe Mode with Command Prompt'

Select 'Enable Safe Mode with Command Prompt'

Enter 'cd restore' without quotes and press 'Enter'

Enter 'rstrui.exe' without quotes and press 'Enter'

When 'System Restore' window shows up, select 'Next'

Select your restore point and click 'Next'

Click 'Yes' and start system restore
Methods used to spread Fake Adobe Flash update (virus)
Mostly, computer threats that are spread via Fake Adobe Flash Player update installer get inside the system as soon as the user clicks the “download now,” “I agree,” “Update now” or a similar button that can be found on a misleading notification. That is why we want to encourage you NOT to click this button.
Besides, make sure you ignore such and similar alerts that may pop up on your screen asking to install software updates as you browse the Internet. If an alert tells you that one of your programs is out of date, it would be wiser to visit the official website of the suggested software and see what it offers for you. That is the safest way to update such programs as Adobe Flash Player, Java, Google Chrome, or other well-known programs.
Otherwise, you risk infecting your computer with unexpected PC threats such as Trojans, ransomware, browser hijackers and adware type software.
Getting rid of Fake Adobe Flash Player install
If you have already received these bogus offers to update software that is showing up on your computer’s screen during your browsing sessions, you should run a full system scan with an updated anti-malware software. We highly recommend using such programs as Reimage, or Plumbytes Anti-MalwareMalwarebytes Malwarebytes for Fake Adobe Flash Player install removal.
Such programs can detect and terminate numerous computer threats with ease. Please, do not try to deal with dangerous viruses on your own as your good intentions may do more harm than good. It’s unknown what malware may have been downloaded to your device, so you should remove Fake Adobe Flash Player install with the help of powerful security software.
Getting rid of Flash Player virus on Mac operating system
To remove fake Adobe Flash update virus on Mac, you need to scan it with computer repair software. You can use programs mentioned above to find malicious files that you were tricked into installing by this scam. Typically, such scams lead users into installing one main file, like player.dmg, and some other components.
As we have already mentioned, the fake Flash Adobe Player version was noticed on both, Windows OS and Mac OS X. Dealing with such scams is dangerous and can lead you to the same result – installation of another, usually much more dangerous, malware. Keep in mind that Macs are not immune to viruses – they keep appearing each day.
To remove Fake Adobe Flash Player install, follow these steps:
Remove Fake Adobe Flash Player install using Safe Mode with Networking
If you cannot install, update or run security software to remove a malicious program, please reboot the computer to Safe Mode with Networking. This should help to disable the malware that was brought by Fake Adobe Flash Player install.
-
Step 1: Reboot your computer to Safe Mode with Networking
Windows 7 / Vista / XP- Click Start → Shutdown → Restart → OK.
- When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
-
Select Safe Mode with Networking from the list
Windows 10 / Windows 8- Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
- Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
-
Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window.
-
Step 2: Remove Fake Adobe Flash Player install
Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Fake Adobe Flash Player install removal.
If your ransomware is blocking Safe Mode with Networking, try further method.
Remove Fake Adobe Flash Player install using System Restore
This method might also help to remove malware with antivirus or malware removal program.
-
Step 1: Reboot your computer to Safe Mode with Command Prompt
Windows 7 / Vista / XP- Click Start → Shutdown → Restart → OK.
- When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
-
Select Command Prompt from the list
Windows 10 / Windows 8- Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
- Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
-
Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window.
-
Step 2: Restore your system files and settings
-
Once the Command Prompt window shows up, enter cd restore and click Enter.
-
Now type rstrui.exe and press Enter again..
-
When a new window shows up, click Next and select your restore point that is prior the infiltration of Fake Adobe Flash Player install. After doing that, click Next.
-
Now click Yes to start system restore.
-
Once the Command Prompt window shows up, enter cd restore and click Enter.
Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from Fake Adobe Flash Player install and other ransomwares, use a reputable anti-spyware, such as Reimage, Malwarebytes MalwarebytesCombo Cleaner or Plumbytes Anti-MalwareMalwarebytes Malwarebytes
About the author
References
- ^ David Bisson. Locky ransomware spreads through phony Flash update site. FightRansomware. The website about ransomware and its prevention.
- ^ Matt Burgess. The Bad Rabbit malware was disguised as a Flash update. Wired UK. Future science, culture and technology news and reviews.
- ^ Wang Wei. Malware Poses as Flash Update Infects 110,000 Facebook Users within 2 Days. The Hacker News. Cyber Security and hacking news.
- ^ Lorenzo Franceschi-Bicchierai. Infrastructure for the ‘Bad Rabbit’ Ransomware Appears to Have Shut Down. Motherboard. News and entertainment website.
- ^ Les Virus. Les Virus. French cyber security news.