I noticed a bunch of computers reporting install_flash_player.exe as a Trojan Horse this morning. My first stop was the Symantec Forum where a bunch of users were already discussing this.
Since it appeared to be a false positive in an older install file for Adobe Flash, I set out to see which version of Flash was getting hit. Adobe has a archive of Flash players. I downloaded a zip with every version of Flash 10 and unzipped it to my hard drive. I got a detection on flashplayer10r22_87_win.exe. Once that was quarantined the easiest thing to do was go into my local quarantine, right-click and submit to Symantec.
A Symantec support employee points out the KB for false positives and the virus submission website https://submit.symantec.com/websubmit/gold.cgi. To use that I would have had to disable real-time protection, and unquarantine the file. So it was easier to submit from within Symantec. I’m running 1/27 r49 definitions.