With all this talk about the Flashback Trojan, thought I might ask a few things... My browser: Firefox (with the NoScript extension) OSX: Snow Leopard.
- Up until now, IF there was an Adobe Flash Player update, I would simply visit youtube.com and receive a pop-up which would look like the REAL version (If I recall correctly), as explained here: Flashback Virus? How do you know? and here: Is this a flashback trojan?
In Firefox I would then open my "Add-ons Manager" tab > go to "Plug-Ins" and compare the "Shockwave Flash" version with the one shown in Adobe - Install Adobe Flash Player IF there was an update indeed (newer version available), I would proceed with the pop-up I got from youtube.com: installing, providing my admin password and so on. In recent times I have gotten the pop-up WITHOUT visiting youtube, but again, the update pop-up looks legit, so most likely they simply added an automatic check upon loading my browser. Like I mentioned I have the NoScript extension, so I would have to enable all scripts first before anything malicious can run, I think.
- UPDATE: Now in fact I just got the pop-up again (suggesting to update from version: 11.2.202.228 to version 11.2.202.233) and know it's best to get the update directly from Official Adobe Flash Player page . So how do I go about this now?: IF I get the pop-up, do I just click on "REMIND ME LATER" or close it, go to the official Adobe Flash Player page, download their OFFICIAL installer, and then just run it? or do I have to uninstall my flash player each time there's an update before running the OFFICIAL installer? Is there any danger on clicking "REMIND ME LATER" or closing it if the pop-up isn't legit?
- Under "System Preferences" > Other > Flash Player, do I have to change any settings?
-I have already made sure I have the latest "Software Update". So in a sense, IF I had Flashback, that would automatically protect AND "cure" my system?
-I checked my downloads folder: Only flash related installer I have is: "install_flash_player_osx_intel.dmg (which I obviously don't want to open), but I assume this is a legit installer from the time my Mac was new and the trojan wasn't around yet.
So:
- Is it safe to assume I do NOT have the trojan?
- How can I tell if I have it?
- The ONLY way to get it is by visiting a malicious website?
- Is this the trojan that spreads through a Chinese PDF?
I already tested for the other Flashback trojan variation (the one that spreads through a JAVA exploit), with those terminal commands, and it seems I'm clean.
Thanks for all your help!
- Up until now, IF there was an Adobe Flash Player update, I would simply visit youtube.com and receive a pop-up which would look like the REAL version (If I recall correctly), as explained here: Flashback Virus? How do you know? and here: Is this a flashback trojan?
In Firefox I would then open my "Add-ons Manager" tab > go to "Plug-Ins" and compare the "Shockwave Flash" version with the one shown in Adobe - Install Adobe Flash Player IF there was an update indeed (newer version available), I would proceed with the pop-up I got from youtube.com: installing, providing my admin password and so on. In recent times I have gotten the pop-up WITHOUT visiting youtube, but again, the update pop-up looks legit, so most likely they simply added an automatic check upon loading my browser. Like I mentioned I have the NoScript extension, so I would have to enable all scripts first before anything malicious can run, I think.
- UPDATE: Now in fact I just got the pop-up again (suggesting to update from version: 11.2.202.228 to version 11.2.202.233) and know it's best to get the update directly from Official Adobe Flash Player page . So how do I go about this now?: IF I get the pop-up, do I just click on "REMIND ME LATER" or close it, go to the official Adobe Flash Player page, download their OFFICIAL installer, and then just run it? or do I have to uninstall my flash player each time there's an update before running the OFFICIAL installer? Is there any danger on clicking "REMIND ME LATER" or closing it if the pop-up isn't legit?
- Under "System Preferences" > Other > Flash Player, do I have to change any settings?
-I have already made sure I have the latest "Software Update". So in a sense, IF I had Flashback, that would automatically protect AND "cure" my system?
-I checked my downloads folder: Only flash related installer I have is: "install_flash_player_osx_intel.dmg (which I obviously don't want to open), but I assume this is a legit installer from the time my Mac was new and the trojan wasn't around yet.
So:
- Is it safe to assume I do NOT have the trojan?
- How can I tell if I have it?
- The ONLY way to get it is by visiting a malicious website?
- Is this the trojan that spreads through a Chinese PDF?
I already tested for the other Flashback trojan variation (the one that spreads through a JAVA exploit), with those terminal commands, and it seems I'm clean.
Thanks for all your help!