Jump to content

File is digitally signed by Adobe, but OA detects it as dangerous


Hanziness
 Share

Recommended Posts

Hi everyone!

I just ran an update from Photoshop, and there were 4 updates. I selected all of them, the Adobe Application Manager downloaded all of them, but at around 98% of the progress, Online Armor popped up with a file that "may be a virus or a dangerous program". I saw that it's digitally signed by Adobe, so the file may be legal and perhaps it's a false positive - I allowed it.

Oh, this also happens when I try to start the Flash installer (FlashUtil[...].exe)

So, is this a false positive?

DangerousAdobeFile.jpg

Link to comment
Share on other sites

Hi Hanziness,

There a few threads where people have commented on similar popups for Adobe http://support.emsis...meire-elements/ , here http://support.emsis...gerous-program/ and here http://support.emsis...es-notifierexe/

The Adobe signature is blacklisted as a precaution as malware is known to abuse it. This article http://blogs.mcafee....gned-installers explains how malware can use signed installers to infect a computer. What isn't explained in the article though, is how a malicious dll would get on your system in the same directory as the legitimate signed program in the first place. There is a thread here on Wilders http://www.wildersse...ad.php?t=313426 where people have speculated on possible ways it could happen (social engineering, drive-by download etc).

Basically, if you are downloading Adobe products from the official Adobe website or installing them from a cd you have purchased, you shouldn't worry and just let the installation continue. Same could apply to using the Updater in your example (after you have allowed it, you can locate it in the Program's list and mark it as Trusted to avoid further popups like this)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...