flashplayerupdateservice.exe
Adobe Flash Player Update Service by Adobe Systems Incorporated (Signed)
Warning 54 antivirus scanners has detected malware in various versions of flashplayerupdateservice.exe.
Overview
There are 63 versions of flashplayerupdateservice.exe in the wild, the latest version being 14,0,0,136. It is started as a Windows Service called 'Adobe Flash Player Update Service' with the name 'AdobeFlashPlayerUpdateSvc' and described as “This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes.”. . In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). The process utilizes the Windows Task Scheduler to automatically launch the file as a process when a user logs into Windows. The average file size is about 246.07 KB. The file is a digitally signed and issued to Adobe Systems Incorporated by VeriSign. The programs Adobe Flash Player 11 ActiveX, Adobe Flash Player 11 Plugin and Adobe Flash Player 25 PPAPI have been observed as installing specific variations of flashplayerupdateservice.exe. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 2.2 MB with the maximum memory reaching around 4.18 MB. Addionally, typically read and write I/O disk operations is about 1.86 KB per minute for reads and 55 Bytes per minute for writes.
What is flashplayerupdateservice.exe?
Adobe Flash Player installer and uninstaller process that runs in the background. The Adobe Flash Player is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser or on supported mobile devices. Flash Player runs SWF files that can be created by the Adobe Flash authoring tool, by Adobe Flex or by a number of other Macromedia and third party tools.
About flashplayerupdateservice.exe (from Adobe Systems Incorporated)
“Adobe Flash Player is the standard for delivering high-impact, rich Web content. Designs, animation, and application user interfaces are deployed immediately across all browsers and platforms, attract”
 Details
|
| File name: | flashplayerupdateservice.exe |
| Publisher: | Adobe Systems Incorporated |
| Product name: | Adobe® Flash® Player Update Service |
| Description: | Adobe® Flash® Player Update Service 11.2 r202 |
| Typical file path: | C:\Windows\System32\macromed\flash\flashplayerupdateservice.exe |
| Certificate |
| Issued to: | Adobe Systems Incorporated |
| Authority (CA): | VeriSign |
| Expiration date: | Thursday, October 1, 2015 |
| Windows Service |
| Service name: | AdobeFlashPlayerUpdateSvc |
| Display name: | Adobe Flash Player Update Service |
| Description: | “This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes.” |
| Type: | Win32OwnProcess |
Programs installed in
(Note, the programs listed below are for all versions of Adobe® Flash® Player Update Service.)
|
Adobe Systems Incorporated |
|
The Adobe Flash Player is freeware software for viewing multimedia, executing Rich Internet Applications, and streaming video and audio, content created on the Adobe Flash platform. Flash Player can r...
|
Adobe Systems Incorporated |
|
The Adobe Flash Player is freeware software for viewing multimedia, executing Rich Internet Applications, and streaming video and audio, content created on the Adobe Flash platform. Adobe Flash Player...
|
Adobe Systems Incorporated |
|
Adobe Flash Player 10 Plugin is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created b...
|
Adobe Systems Incorporated |
|
Adobe Flash Player 10 ActiveX is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created ...
|
Adobe Systems Incorporated |
|
The Adobe Flash Player is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created by the ...
|
Adobe Systems Incorporated |
|
Adobe Flash is a multimedia platform used to add animation, video, and interactivity to web pages. Flash is frequently used for advertisements, games and flash animations for broadcast. The Adobe Fla...
|
Adobe Systems Incorporated |
|
The Adobe Flash Player ActiveX is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created...
|
Adobe Systems Incorporated |
|
Adobe Flash Player 9 ActiveX is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created b...
|
Adobe Systems Incorporated |
|
Adobe Flash Player 11 ActiveX is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created ...
|
Adobe Systems Incorporated |
|
Adobe Flash Player 11 ActiveX is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created ...
|
Adobe Systems Incorporated |
|
Adobe Flash Player 10 ActiveX is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created ...
|
Adobe Systems Incorporated |
|
Adobe Flash Player 11 ActiveX is software for viewing multimedia, Rich Internet Applications, and streaming video and audio, on a computer web browser. Flash Player runs SWF files that can be created ...
|
Adobe Systems Incorporated |
|
Cross-platform plugin plays animations, videos and sound files in .SWF format. Flash is frequently used to add streamed video or audio players, advertisement and interactive multimedia content to web ...
|
Adobe Systems Incorporated |
|
“The Adobe® Flash® Player runtime lets you effortlessly reach over 1.3 billion people across browsers and OS versions with no install — 11 times more people than the best-selling hardware game console.”
|
Adobe Systems Incorporated |
|
Adobe Shockwave (formerly Macromedia Shockwave) is a multimedia platform used to add animation and interactivity to web pages. It allows Adobe Director applications to be published on the Internet and...
|
Adobe Systems Incorporated |
|
“Adobe® Flash® Player 12 drives innovation for rich, engaging digital experiences with new features for cross-platform browser-based viewing of expressive rich internet applications, content, and video...”
|
Adobe Systems Incorporated |
|
“Cross-platform plugin plays animations, videos and sound files in .SWF format. Adobe® Flash® Player is a lightweight browser plug-in and rich Internet application runtime that delivers consistent and ...”
|
Adobe Systems Incorporated |
|
Cross-platform plugin plays animations, videos and sound files in .SWF format.
|
Adobe Systems Incorporated |
|
“Adobe® Flash® Player 13 drives innovation for rich, engaging digital experiences with new features for cross-platform browser-based viewing of expressive rich internet applications, content, and video...”
|
Adobe Systems Incorporated |
|
“Adobe® Flash® Player 12 drives innovation for rich, engaging digital experiences with new features for cross-platform browser-based viewing of expressive rich internet applications, content, and video...”
Behaviors
(Note, the behaviors below are for all versions of flashplayerupdateservice.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'AdobeFlashPlayerUpdateSvc' (Adobe Flash Player Update Service)
- AdobeFlashPlayerUpdateSvc
Scheduled tasks
- The job 'AdobeFlashPlayerUpdate 2' runs on boot in the path '\AdobeFlashPlayerUpdate 2'
- The task 'AdobeFlashPlayerUpdate' in the path '\AdobeFlashPlayerUpdate'
- The job 'Adobe Flash Player Updater' runs daily in the path '\Adobe Flash Player Updater'
- Entry path 'C:\WIN12515\Tasks\Adobe Flash Player Updater.job'
- Entry path 'C:\WINDOWS.0\Tasks\Adobe Flash Player Updater.job'
- Entry path 'K:\WINXPSP2\Tasks\Adobe Flash Player Updater.job'
- Entry path 'C:\WINDOWS1.1\Tasks\Adobe Flash Player Updater.job'
- Entry path 'C:\WINXP\Tasks\Adobe Flash Player Updater.job'
- Entry path 'D:\WINDOWS\Tasks\Adobe Flash Player Updater.job'
- Entry path 'E:\WINDOWS\Tasks\Adobe Flash Player Updater.job'
- Entry path 'C:\WINDOWS\Tasks\Adobe Flash Player Updater.job'
- Entry path '\Adobe Flash Player Updater'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path '\AdobeFlashPlayerUpdate 2'
- Login entry path 'C:\WINDOWS\Tasks\Adobe Flash Player Updater.job'
Malware detections
Based on 40+ industry antivirus scanners, 54 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Agnitum |
5.5.1.3 |
Trojan.DL.MultiDL!X2R8ab5Q6EU |
11,6,602,180 |
| AhnLab V3 Internet Security |
2013.09.30 |
ASD.Prevention |
11,6,602,180 |
| Avira AntiVir |
7.11.105.38 |
TR/Downloader.Gen |
11,6,602,180 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Jorik |
11,5,502,135 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.MultiDL |
11,6,602,180 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.MultiDL |
11,6,602,180 |
| avast! |
8.0.1489.320 |
Win32:Agent-ARRQ [Trj] |
11,6,602,180 |
| avast! |
8.0.1489.320 |
Win32:Agent-ARRQ [Trj] |
11,6,602,180 |
| AVG |
13.0.0.3169 |
Generic34.COAU |
11,6,602,180 |
| Baidu Antivirus |
3.5.1.41473 |
Trojan-Downloader.Win32.MultiDL.d |
11,6,602,180 |
| BitDefender |
7.2 |
Trojan.Downloader.JQAC |
11,6,602,180 |
| BitDefender |
7.2 |
Gen:Variant.Graftor.107454 |
11,6,602,180 |
| CAT Quick Heal |
9.13.12.00 |
Trojan.Agent.gen |
11,6,602,180 |
| Commtouch |
5.4.1.7 |
W32/Trojan.JVTT-7664 |
11,6,602,180 |
| Commtouch |
5.4.1.7 |
W32/Trojan.VIPM-1273 |
11,6,602,180 |
| Dr.Web |
8.13.9.30 |
Trojan.DownLoad3.26006 |
11,6,602,180 |
| Emsisoft Anti-Malware |
3.0.0.589 |
Trojan.Downloader.JQAC (B) |
11,6,602,180 |
| Emsisoft Anti-Malware |
3.0.0.589 |
Gen:Variant.Graftor.107454 (B) |
11,6,602,180 |
| ESET NOD32 |
7.8856 |
Win32/Downloader.Agent.L |
11,6,602,180 |
| ESET NOD32 |
7.8785 |
a variant of Win32/Downloader.Agent.L |
11,6,602,180 |
| Fortinet |
5.1.147.0 |
W32/MultiDL.C!tr.dldr |
11,6,602,180 |
| Fortinet |
5.1.147.0 |
W32/MultiDL.D!tr.dldr |
11,6,602,180 |
| F-Prot |
v6.4.7.1.166 |
W32/Trojan3.GBS |
11,6,602,180 |
| F-Secure |
11.0.19100.45 |
Trojan-Downloader:W32/Mevade.A |
11,6,602,180 |
| F-Secure |
11.0.19100.45 |
Gen:Variant.Graftor.107454 |
11,6,602,180 |
| G Data |
13.9.22 |
Trojan.Downloader.JQAC |
11,6,602,180 |
| G Data |
13.10.22 |
Gen:Variant.Graftor.107454 |
11,6,602,180 |
| Ikarus |
T3.1.5.4.0 |
Trojan-Downloader.Win32.MultiDL |
11,6,602,180 |
| K7 AntiVirus |
9.172.9720 |
Trojan-Downloader |
11,6,602,180 |
| K7GW |
12.7.0.14 |
Trojan-Downloader |
11,6,602,180 |
| Kaspersky |
9.0.0.837 |
Trojan-Downloader.Win32.MultiDL.c |
11,6,602,180 |
| Kaspersky |
9.0.0.837 |
Trojan-Downloader.Win32.MultiDL.d |
11,6,602,180 |
| Malwarebytes |
1.75.0.1 |
Trojan.Sefnit |
11,6,602,180 |
| McAfee |
5.600.1067 |
Generic Downloader.z |
11,6,602,180 |
| McAfee Gateway Anti-Malware |
v2013-dat |
Generic Downloader.z |
11,6,602,180 |
| Microsoft Security Essentials |
1.9901.0 |
Trojan:Win32/Sefnit.AS |
11,6,602,180 |
| Microsoft Security Essentials |
1.9800.0 |
Trojan:Win32/Mevade.E |
11,6,602,180 |
| eScan by MicroWorld |
12.0.250.0 |
Trojan.Downloader.JQAC |
11,6,602,180 |
| eScan by MicroWorld |
12.0.250.0 |
Gen:Variant.Graftor.107454 |
11,6,602,180 |
| Norman |
7.01.04 |
Suspicious_Gen5.ADSFO |
11,6,602,180 |
| nProtect |
2013-09-27.03 |
Trojan-Downloader/W32.Agent.163328.AE |
11,6,602,180 |
| nProtect |
2013-09-11.01 |
Trojan-Downloader/W32.MultiDL.163328 |
11,6,602,180 |
| PC Tools |
9.0.0.2 |
Trojan.Gen |
11,6,602,180 |
| Sophos |
4.93.0 |
Troj/DwnLdr-LAZ |
11,6,602,180 |
| Sophos |
4.91.0 |
Troj/Agent-ADIX |
11,6,602,180 |
| Symantec |
20131.1.5.61 |
Downloader |
11,6,602,180 |
| Trend Micro |
9.740.0.1012 |
TROJ_DLOADE.FBV |
11,6,602,180 |
| Trend Micro |
9.740.0.1012 |
TROJ_DLOADE.FBV |
11,6,602,180 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_DLOADE.FBV |
11,6,602,180 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_DLOADE.FBV |
11,6,602,180 |
| Vba32 AntiVirus |
3.12.24.3 |
TrojanDownloader.MultiDL |
11,6,602,180 |
| Vba32 AntiVirus |
3.12.24.0 |
TrojanDownloader.MultiDL |
11,6,602,180 |
| VIPRE Antivirus |
21938 |
Trojan.Win32.Generic!BT |
11,6,602,180 |
| VIPRE Antivirus |
21364 |
Trojan.Win32.Generic!BT |
11,6,602,180 |
All file variations of flashplayerupdateservice.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
38.75% |
|
| Windows 7 Ultimate |
15.75% |
|
| Windows 8.1 |
10.75% |
|
| Microsoft Windows XP |
8.25% |
|
| Windows 7 Professional |
5.00% |
|
| Windows 8.1 Pro |
3.25% |
|
| Windows 8.1 Pro with Media Center |
2.50% |
|
| Windows 8 |
2.50% |
|
| Windows 7 Home Basic |
2.50% |
|
| Windows Vista Home Premium |
2.25% |
|
| Windows 8.1 Single Language |
2.00% |
|
| Windows 8 Single Language |
1.50% |
|
| Windows 8 Pro |
1.50% |
|
| Windows 8 Enterprise N |
1.00% |
|
| Windows Seven Black Edition |
0.50% |
|
| Windows 8.1 Enterprise |
0.50% |
|
| Windows 8 Enterprise |
0.50% |
|
| Windows Vista Home Basic |
0.50% |
|
| Windows 7 Starter |
0.25% |
|
| Windows 8.1 Pro Preview |
0.25% |
|
Distribution by country
United States installs about 45.23% of Adobe® Flash® Player Update Service.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
20.97% |
|
| ASUS |
17.48% |
|
| Hewlett-Packard |
16.70% |
|
| Acer |
10.49% |
|
| Toshiba |
8.93% |
|
| Lenovo |
8.54% |
|
| Sony |
5.44% |
|
| GIGABYTE |
2.72% |
|
| Intel |
2.33% |
|
| Samsung |
1.75% |
|
| Medion |
1.55% |
|
| Alienware |
1.17% |
|
| Sahara |
0.78% |
|
| Compaq |
0.78% |
|
| American Megatrends |
0.39% |
|
