Hello! Just a quick post on a file named installer_adobe_flash_player_Swedish.exe signed by Sanflex. The following screenshot shows the User Account Control dialog when running the Sanflex file:
By looking at the certificate we can see that Sanflex appears to be located in San Fransisco, United States of America.
The problem here is that if installer_adobe_flash_player_Swedish.exe really was a setup file for the official Adobe Flash Player, it would be digitally signed by Adobe Systems Incorporated and not by some unknown company. This looks very suspicious.
If you are considering to run the Sanflex signed file, I’ll advice you not to. Delete it instead. Just check out detection list by some of the anti-virus program. Big thanks to VirusTotal for the scan result.
F-Secure detects installer_adobe_flash_player_Swedish.exe as Adware:W32/WebInstallBundle, Fortinet reports Riskware/DownloadAdmin, Malwarebytes classifies it as PUP.Optional.DownloadAdmin and McAfee detects it as Artemis.
Did you also find a Sanflex file? What kind of download was it?
Thanks for reading.
Hi Roger,
File Viewer Lite 1.2 by Sharpened Productions also use a Sanflex signed installer file (fileviewerlite12-setup.exe). Should I avoid installing it? By the way, today I received an alert from SEP (Symantec) protection software that fileviewer_d5023377.exe had been removed and quarantined. I believe it was the installer file for my previous version of the program (1.1.1.0). Should I uninstall this version?
Cheers
L-G
Hello L-G,
Here’s the detection results for fileviewerlite12-setup.exe. I would not install it.
http://www.freefixer.com/library/file/fileviewerlite12-setup.exe-152347/
I don’t know about the previous version of the software. You can see what the anti-virus scanners say about the file by uploading it to VirusTotal:
http://www.freefixer.com/b/scan-files-for-viruses-virustotal/