Forum Thread: v 202.235 NOT signed by Adobe??

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Flash Player 11.x

This thread has been marked as locked.
DaaBoss v 202.235 NOT signed by Adobe??
Member 8th May, 2012 02:07
Ranking: 0
Posts: 8
User Since: 31st Aug, 2011
System Score: N/A
Location: US
Last edited on 8th May, 2012 02:25

I hit the "Install Solution" button, which generally takes me to an Adobe site and downloads the file. This time, my browser simply downloaded the file, and then I ran it after downloading manually. But, this time, the W7 UAC told me it was "Publisher Unknown", which I didn't take note of at the time. But, when I ran it, nothing visible happened. I ran it again, and watched process explorer while opening it, and then exiting a few seconds later, with no UI showing.

Next, I ran FileAlyzer2 to see if anything was strange. I found only one noticeable item, shown after the hashes below.
Here are the hashes for the file as reported. Can someone verify if this is truly the right file and it is from Adobe??

CRC-32: 99203A17
CRC-16 (Standard): 052C
MD4: 2CD3401D9ADA79B3BC4A406CE67A064A
ed2k: 3498A729A59C73FB4A69FFB0E44A466D
MD5: 449736049E0C845474C07F6A873740D8
SHA-0: 2DA0B8929808A502693CB4BDDAD8BDE19BC0203F
SHA-1: 51E31B70B3E934EC03CFB35FFD4BB5B1CD4086A7

The anomoly is this:
PE checksum does not match content
The checksum calculated for this file (00443CB2) does not match the checksum stored inside the PE header (000365A5).

Next I noticed that it was downloaded from DL.SECUNIA.COM and not Adobe. And, it was HTTP and not HTTPS So, one of my questions is: What happens if someone somehow places a different file on that server with the same file name?

This is the first time I've posted out here for quite some time. I'm not generally paranoid, or, at least I don't usually worry because I've been paranoid at the right times. But this is a bothersome problem for me, and need to know how to have confidence that the install files I'm running are the right ones.

Post here if you need more details. Here is the log file for the install of the Flash file:


Program Name:
Adobe Flash Player 11.x

Security State:

Download Link:

Instances Found:
C:\Windows\SysWOW64\Macromed\Flash\Flash11f.ocx, version: (ActiveX)
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_20 2_228.dll, version: (NPAPI)

Last System Scan (localtime):
3. May 2012, 23:01

Operating System:
Microsoft Windows 7, Microsoft Windows 7


This user no longer exists RE: v 202.235 NOT signed by Adobe??
Member 8th May, 2012 09:46

As you can see, it was a file downloaded from "".

Any package found here is a "Secunia Packaging System" package. This means that we repack the binary (Without altering the contents) to make silent installation simpler.

The contents themselves, however, are unmodified - We only provide a binary wrapper around the vendor installer.

hope this helps.
Was this reply relevant?
ddmarshall RE: v 202.235 NOT signed by Adobe??
Dedicated Contributor 8th May, 2012 11:02
Score: 1250
Posts: 992
User Since: 8th Nov 2008
System Score: N/A
Location: UK
You also seem to be suffering from the previously noted phenomenon of PSI 2.0 failing to update both the Flash Player ActiveX and Netscape Plugin simultaneously. The ActiveX is version 11.1 and the Plugin is 11.2.

I recommend that you go to with Internet Explorer and another browser such as Firefox to verify that you have the latest versions installed. If not, download from here: .

The latest version of the Flash Player Updater will update both versions automatically if you set the Flash Player options to check for updates and install them automatically.

Was this reply relevant?

This thread has been marked as locked.