Tech Problem Aggregator

some sort of flash player exploit found by avg when visiting imgur.

Q: some sort of flash player exploit found by avg when visiting imgur.

i clicked an imgur link this evening and avg popped open with an alert that it had detected and deleted some sort of exploit, in a panic i didnt get the full name of it. simple as that really, thought it would be best to check with you guys to make sure it isnt hiding, or anything else is cheekily hiding too.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.45.2
Run by mykie at 3:03:52 on 2014-06-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3020.716 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
uRun: [Google Update] "C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AVG-Secure-Search-Update_0913b] C:\Users\mykie\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 66276cdfd38847d191a21d1be94566cd-8432e76a3661af319bf62f11500f574ac1cfa34b --CMPID 0913b
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Magic Desktop for HP notification] "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{345DE2E7-2C6D-48C5-9862-DEEDB9141FC2} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-4-15 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-30 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-26 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-5-26 2372096]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-27 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-17 701512]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-26 2656280]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-5-26 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-26 39464]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-12 317440]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-10-20 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-8 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-6-2 131912]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-8 111616]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-5-26 335464]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-05-16 00:17:03 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-16 00:17:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-16 00:09:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-16 00:09:59 39936 ----a-w- C:\Windows\System32\wincredprovider.dll
2014-05-16 00:09:59 35328 ----a-w- C:\Windows\SysWow64\wincredprovider.dll
2014-05-16 00:09:59 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-05-16 00:09:59 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-05-16 00:09:59 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-05-16 00:09:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-05-16 00:09:59 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-16 00:09:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-16 00:09:59 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-05-12 01:08:45 -------- d-----w- C:\Users\mykie\AppData\Local\{E4570145-2AD3-46AD-8C50-2918778BD45B}
.
==================== Find3M  ====================
.
2014-05-17 20:32:41 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-17 20:32:41 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-15 12:35:26 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
.
============= FINISH:  3:04:38.44 ===============
 
 
 

A: some sort of flash player exploit found by avg when visiting imgur.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/536803 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.DDS.com Download LinkDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control can be found HERE.As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

15 more replies
Answer Match 72.24%

New Exploit Masquerades As Flash Player Upgrade.

Phishing campaign has hit more than 3.5 million mailboxes, researchers say

-- Tom
 

More replies
Answer Match 72.24%

Currently, it is known that Angler Exploit Kit is exploiting this Flash Player vulnerability. As we have mentioned previously, it is becoming a growing trend for exploit kits to drop Java, Internet Explorer, and PDF exploits in favor of the more successful Flash and Silverlight exploits. Utilizing vulnerabilities in these popular applications provides attackers with a large surface area of vulnerable clients.Click to expand...

see this for details:
http://community.websense.com/blogs...-being-distributed-by-angler-exploit-kit.aspx
 

More replies
Answer Match 71.4%

Hello, since the past 10 day I keep getting the Exploit Fake Flash Player (type 1747). This happens whenever i try using Facebook, Google, Youtube or Gmail. When i try accessing these sites any page of the site won't load immediately after which my AVG anti-virus will pop-up with the Exploit Fake Flash Player (type 1747) notification. Mostly it occurs just for one of the 4 sites although at times multiple sites won't work. As per my knowledge it happens only with these 4 sites.
 
Details of my Laptop:
Manufacturer: Dell
Model: N5110
Processor Intel® Core™ i5-2450M CPU @ 2.50GHz
Installed memory (RAM): 4.00 GB
System type: 64-bit Operating System
Operating Systems: Dual-boot
Windows 7 Home Basic Service Pack 1 (Pre-installed at time of purchase)
Ubuntu (Don't remember which version as i use it 2-3 times a year)
Windows Firewall enabled
AVG AntiVirus Free Edition 2014
 
 
I have tried solving the problem on my own couple of times. When I first came across the problem i figure it must be a malware so i ran a MalwareBytes Anti Malware scan on my laptop. Here are the results of the scan. I have quarantined everything that was detected.
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 25-08-2014
Scan Time: 08:27:03
Logfile: mbam 25-8-2014.txt
Administrator: No
 
Version: 2.00.2.1012
Malware Database: v2014.08.24.07
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: D... Read more

A:Exploit Fake Flash Player (type 1747)

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/546368 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

9 more replies
Answer Match 71.4%

My AVG keeps identifying and "securing" this Exploit Fake Flash Player.  I read an earlier log about it and I think the router is probably infected but I want to take the proper steps to correct things.
 
I have two problems with that right now.  I've been trying to download dds from bleepingcomputer.com and I wait and wait but my computer has not even loaded the page.  (The problem is on my desktop PC.  I'm typing this on my MacBook).  Is there another, better, faster way to get what I need? 
 
Also, I expect I will need the correct settings for my router to complete this process but I don't know what those settings are (or what they look like when I see them) or where to get them.
 
I thank you for your help.
 
**UPDATE** I went ahead and reset the router (Belkin F9K1103v1) to its default state using the little button in back.  Things seem to be working much better but I'd still like to make sure everything gets cleaned up properly if someone can help me with that.

A:Exploit Fake Flash Player (type 1747)

**ANOTHER UPDATE**  The Exploit Fake Flash Player has returned so I guess I fixed nothing.  I did manage to run the DDS report:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280
Run by Steidtman at 16:09:05 on 2014-10-07
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.1.1033.18.8191.3132 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\B... Read more

28 more replies
Answer Match 71.4%

Details here; http://isc.sans.org/ No patch yet, Firefox users should use NoScript (you mean you don't already?). It has been confirmed that the version of this exploit aimed at IE does work.

Adobe advisory here; http://www.adobe.com/support/security/advisories/apsa09-03.html
 

A:New Zero day exploit affects Adobe Reader and Flash player!!

The latest Windows Secrets newsletter suggests that NoScript may not in fact provide complete protection against the Flash exploit aimed at Firefox, but it's obviously better than nothing.

Meanwhile, US Cert has posted a workaround for the Adobe Reader problem; http://www.kb.cert.org/vuls/id/259425 as well as advising users to disable Flash in browsers.
 

1 more replies
Answer Match 71.4%

Hello.
I have 64-bit win7 ultimate OS.
I'm getting "Exploit Fake Flash Player [Type 1747]" pop-up every time I go to youtube website.
Symptoms started from last 5-6 days.
It blocked all the Google services.
My AVG Anti-virus pops up every time I use ay Google services.
So, I formatted my C drive and re-install the win7.
Now I'm getting AVG pop-up only when I try to use youtube website.
It's showing the error: Exploit Fake Flash Player [Type 1747]
Still I'm getting this pop-up or whatever it is called
 

 avg.png   14.61KB
  0 downloads
AdwCleaner scan log is:-
# AdwCleaner v4.207 - Logfile created 02/07/2015 at 12:21:44
# Updated 21/06/2015 by Xplode
# Database : 2015-07-02.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : KinG - KING-PC
# Running from : C:\Users\KinG\Downloads\adwcleaner_4.207.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
... Read more

A:Exploit Fake Flash Player [Type 1747]

Someone help!!

10 more replies
Answer Match 71.4%

Hi,
I am not sure how it started, but since yesterday my AVG antivirus keeps popping up saying it has blocked an "Exploit Fake Flash Player (type 1747)" threat.  I have scanned the computer with AVG and it said it has healed 7 files.  However, the malware still exist and the "Exploit Fake Flash Player" message keeps popping up.  My computer has slowed down due to this and my google chrome cannot access Gmail and Yahoo.
 
I have tried using Lenovo's Rescue and Recovery to restore the computer back to a month ago, but unfortunately the attempt doesn't kill the malware.  Would you please advise how I can remove it? 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.55.2
Run by GALLANT at 22:03:52 on 2014-08-01
Microsoft Windows 7 Professional   6.1.7601.1.1252.61.1033.18.7757.5471 [GMT 8:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetw... Read more

A:Exploit Fake Flash Player (type 1747)

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.  Which router model do you use? Tell me the vendor and the exact model number.Also, do the following:  Scan with Gmer rootkit scannerPlease download Gmer from here by clicking on the "Download EXE" Button.Double click on the randomly named GMER.exe. If asked to allow gmer.sys ... Read more

15 more replies
Answer Match 70.56%

I was watching a video online using flash player, running in firefox with noscript and adblockplus running as extensions. I had disabled adblockplus on the webapge because the video refused to function if I did not, I had allowed most of the scripts on the page (including one from google) within noscript.
I started playing the video (it was on a large legitimate site http://yesterday.uktv.co.uk/shows/ but I'm concerned about malvertising here so that fact doesn't make much difference) and moments later a window (I'm pretty sure it was a window not a pop-up designed to look like one because it appeared in my taksbar too)appeared saying something about a runtime error in windows C++ (I'm afraid I cannot remember the exact message), and another window also appeared with a mesage saying flash had crashed and whether I wanted to stop it or try and continue. I stopped it, disconnected from the internet and closed the browser. I went back to the same site a little later after reconnecting and this time the video played.
I would like help in working out if this was an exploit performed against me, if it has put a viurs onto my machine.
What can I check to know if that has happened?
I've noticed flash player was acting a little differently to normal after I went back to watch the video (if I paused the video in fullscreen mode then seconds later it came out of fullscreen mode until I resumed playing the video).
This is what I have done so far to try and work out if an exploit... Read more

A:I need to work out if a crash in Flash Player was caused by an exploit attack

From Mozilla / Firefox Help pages, this check list is a place to start .........Not sure of any other ideas at this time ...
Testing Flash
Updating Flash
Uninstalling Flash
Troubleshooting
Flash plugin not working
The Adobe Flash plugin has crashed
Unresponsive plugin warning
Playing Flash videos makes Firefox hang
Cannot view full screen Flash videos
Flash does not work properly and/or will not update
Flash doesn't load video
Flash works in Internet Explorer or Chrome but not in Firefox

10 more replies
Answer Match 69.72%

Ive installed, clean installed and nothing. it still tells me i dont have Flash player active X installed.

And now I cant view SWF files with irfanview.

A:Flash player Active X not found, irfanview SWF player dont work right

Open Internet Explorer and visit this link: Adobe - Install Adobe Flash Player uncheck any box that offers you anything you're not looking for before downloading Flash.

13 more replies
Answer Match 62.16%

So i did a scan with AdwCleaner and in the "Scheduled task" i had Adobe flash player updater and i have no idea what it is and im afraid it might be something harmful
adwcleaner didnt find anything else besides what i mentioned in the scheduled task tab

A:Adwcleaner found adobe flash player updater in scheduled task

Hello FrankerZi and welcome to Bleeping Computer.
My name is Satchfan and I would be glad to help you with your computer problem.
We’ll have a better look at you system and discover the problem but first:Please read the following guidelines which will help to make cleaning your machine easier:
please follow all instructions in the order posted
please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
if you don't understand something, please don't hesitate to ask for clarification before proceeding
the fixes are specific to your problem and should only be used for this issue on this machine.
please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!
IMPORTANT:
Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested
===================================================Run Farbar Recovery Scan Tool
Please download Farbar Recovery Scan Tool and save it to your Desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right versi... Read more

4 more replies
Answer Match 60.48%

My father in law has quite a mess on his pc. I know there are several viruses and he has installed a program called TrustedAntiVirus. I can't access the Control Panel, no icon anywhere. Can't even reset the clock, I get an error stating "This operation has been cancelled due to restrictions on this computer. Please contact your system administrator".

He has Norton 360 installed but it wouldn't run until I turned off some startup items in msconfig. I'm including a HijackThis log and Kapersky log. Thanks in advance for any help.



Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:28 PM, on 12/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\Creati... Read more

A:Visiting inlaws. Found major issues on their computer

Hi, welcome to TSF.

Can you post a fresh HijackThis log? The log you posted is 6 days old.

3 more replies
Answer Match 60.48%

My infected computer is in real bad shape. All of a sudden my "security" system detects theres a virus and a whole different anti virus application pops up saying i should download it, trying to push me to pay. It infected everything, i mean EVERYTHING. I can't run a single application without it interrupting and telling me to buy buy buy. I managed to track it and i tried to delete but it needs the administration's permission which is me (I have vista) and i continue and it still can't delete it. I know its the Rogue Scanner. I can't delete anything or get on the internet or anything. I hope you guys can help Im on the other computer in the house posting this because its that bad.

I have AVG, thought it could protect but I guess not. I read that the Exploit Rogue Scanner makes additional virus to be a diversion for it to work behind the security systen and then acts like the new security system.

If you need anymore information I'll try to answer them.

Please help.

A:Exploit Rogue Scanner of some sort

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Answer Match 60.48%

My infected computer is in real bad shape. All of a sudden my "security" system detects theres a virus and a whole different anti virus application pops up saying i should download it, trying to push me to pay. It infected everything, i mean EVERYTHING. I can't run a single application without it interrupting and telling me to buy buy buy. I managed to track it and i tried to delete but it needs the administration's permission which is me (I have vista) and i continue and it still can't delete it. I know its the Rogue Scanner. I can't delete anything or get on the internet or anything. I hope you guys can help Im on the other computer in the house posting this because its that bad.

I have AVG, thought it could protect but I guess not. I read that the Exploit Rogue Scanner makes additional virus to be a diversion for it to work behind the security systen and then acts like the new security system.

If you need anymore information I'll try to answer them.

Please help.
 

More replies
Answer Match 57.96%

There is this fake flash player thing on my toolbar (a white "f" inside a red box) and when I click on it, no flash player update window pops up. It's just plain weird. I am having trouble with Internet Explorer lately probably because of this. Every time I close the IE window, I always get that "Windows IE stopped from working" thing.

A few days ago, I had a blue screen. I restarted my laptop and it's working fine lately but that fake player virus/trojan keeps on appearing on my toolbar and I am scared. Kaspersky 2003 didn't work. I ran it (normal and safe mode) but it didn't remove it. Here is the DDS log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_35
Run by Rev at 12:41:43 on 2012-09-16
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2038.585 [GMT 8:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Tencent\QQPCMgr\6.8.2387.401\QQPCRTP.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkServic... Read more

A:FAKE flash player appearing on my toolbar. Flash player virus? Help!

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Do you use conduit engine?

Was kingsoft antivirus a previous install?

------------------------------------------------------

Please download aswMBR.exe to your desktop. Double-click aswMBR.exe to run it.
When prompted to download the latest Avast! virus definitions, please choose Yes
Click the Scan button to start scan.
Wait until it says, 'Scan finished successfully'. ( Note - do not select any Fix at this time)
Click Save log, and save it to your desktop.
Click Exit.
Please post the contents of that log, aswMBR.txt, in your next reply.
There shall also be a file on your desktop named MBR.dat. Right-click that file and select Send To > Compressed (zipped) folder. Please attach that zipped file in your next reply.

------------------------------------------------------

When you run this tool, remember to choose 'Skip' not 'Cure' if it finds something. We just want a scan, not a fix.

Download tdsskiller.exe and Save it to your Desktop.

Double-click tdsskiller.exe and click... Read more

2 more replies
Answer Match 57.96%

This pop-up is driving me crazy! It pops up on the video screen I want to watch in Fox News website -- I haven't noticed it popping up on other sites as yet. It will list the site asking for permission to store information on my computer. The link I have attached below gives instructions on how to remove this pop-up. Is this flash player thing safe or is it some kind of virus or malware? The attached link refers to it as spyware. If I were to remove the Flash player program, will it affect playing games or whatever on my laptop. I need help, please.

Dynamic Spyware - Windows Techies

Thank you.

A:Adobe Flash Player - Local Storage-Flash Player Settings

The link above is just another ad-site trying to get you into buying spyhunter. I would not do what they recommend. Can you provide the link where you get the pop up so I can try it. In addition, what browser are you using ?

7 more replies
Answer Match 57.12%

We have IE 6. Say a user goes to MSN.com. The ad on the right is a Flash object. Some of our users will see that object flickering when scrolling up or down on the page or when hovering their mouse over it. It's quite annoying. Almost all users are running Adobe Flash Player 9, but I think I've seen this happen on systems with Macromedia Flash Player 8 as well. Other systems don't have the problem. I've seen this happen on one system and not another while both seemed to have the same Flash objects installed.

Uninstalling all Flash players using Adobe's prescribed Flash Player uninstall tool seems to work at first, but users later complain again. Note that they just about always end up installing Flash Player 9 again, because sites ask for it. I don't believe I've seen this on any XP systems at all, including my own, but most of our users have Win2K.

Does anybody know why this happens or how to permanently fix it?

Thanks,
Hotshot309

A:Ie 6 - Flash Objects Flickering - Using Adobe Flash Player 9 Activex R28 (shockwave Flash Object V. 9.0.28.0)

More info: Adobe Flash Player 9, Macromedia Flash Player 8, and Macromedia Flash Player 10 all produce the same result--Flash objects that flicker when you put your mouse over any part of them. Moving Flash objects will flicker constantly while moving and stop flickering when the animation is done. SWF files (at least the one at www.stormwerks.com/linked/stuf/AYB2.swf) work without a problem when using Adobe Flash Player 9.

If I don't have Adobe Flash Player 9 installed, the Win2K machines prompt me to install them for almost any site that uses Flash (I guess most recent Flash objects cannot be viewed with the older Macromedia Flash Players).

Any suggestions?

11 more replies
Answer Match 56.7%

I get a message when viewing certain web pages that I need to install Adobe Flash Player. I install it, restart the browser and/or restart the computer and get the same message again to install Flash Player. The result is the same with IE7, FireFox and Chrome.

I've installed Adobe Flash Player several times. Finally, I found a site from which I could download the installer and run it from my desktop. That didn't help either.

I have disabled antivirus and all internet security programs. I also recently formatted the only partition on the only hard disk, restored the computer to its original factory configuration due to malware infestation. I am certain there is no malware involved. I also enabled scripting in IE7.
 

A:Installed Flash Player and still getting messages to install Flash Player

Check your current version of Flash, assuming there is one, by going to this page;http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_15507&sliceId=2 Unless your 'restoration' has left you with a really old version, you may have to run the Adobe uninstaller first (unless you have already!);http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_14157&sliceId=1

This will remove the Flash plugin from every browser you have installed, so you will have to reinstall the Active X version for IE and the non Active X one for the others. These links work for me if I use the relevant browser to d/l them, but if I click on the IE link using Opera, I get the version for Opera;

IE : http://www.adobe.com/shockwave/download/static/styx/English.html (read the installation instructions carefully)

Firefox, Opera etc.:http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
 

2 more replies
Answer Match 56.7%

Hello to all of www.TechGuy.org members!
Please, help me on with solving my problems with Adobe Flash Player 9.0.124.0.
First of all - I have an old computer with Microsoft Windows XP Professional (32-bit) with SP2 (the reason, why I don't want to install a SP3, is that my computer is old and it will take half a day); I'm also using Kaspersky Internet Security 2009.
The problems - when I'm finishing installation of FP9, it always ends up with errors of internet explorer (like "send an error to Microsoft or no"); I also can't view Flash content on different sites (what ends up with a same errors)... but, I DO can view YouTube content (videos).
Maybe it's all because of my Anti-Malware protection software, but I'm not sure, if I can configure it correctly. Please, help me on with this one and I will be very thankful for that!
Thank you, guys!
P.S. Just imagine a web browsing without all that flash content (plus - errors with IE7 shut downs)...
 

A:Flash Player 9.0.124.0 problems! Cant view Flash Player content!

If you uninstalled a version of the Adobe flash plugin with Add/Remove there could be some traces left behind. Adobe provide an uninstaller which you run, reboot and then reinstall the plugin. Have a look here (and note the info for IE users): http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_14157&sliceId=1 (Note that this uninstaller will remove the flash plugin from all browsers installed on the system so, if you have Firefox, Opera or Netscape, you will have to reinstall their version of the plugin as well).

If you don't have it handy, here's the link for the Active X version of the plugin (I think you have to be online while it installs, check the instructions before you start); http://www.adobe.com/shockwave/download/static/styx/English.html
 

1 more replies
Answer Match 54.18%

Reason for concern. I do training on a Ford Motor site and the site indicates that I must have Macromedia flash player and I have Adobe flash player not Macromedia flash player. My understanding is that they are both the same. Is that correct.

A:Macromedia flash player/ Adobe flash player

The site must be way out of date, Adobe acquired Macromedia in 2005.

What is the site's address?

2 more replies
Answer Match 52.92%

As of yesterday 10/6/08, my computer repeatedly tells me via McAfee that I have a virus and that it can not be cleaned. It is detected as New Malware.j and generally I get the alert a few minutes after opening a brower. Also after running spybot, it tells me that I have two malware, one call FlashExploit and the other called Win32.Banload.evb. I then select "fix selected problems" and Spybot tells me all is good and well. Unfortunaley I still the the McAfee alert. Upon running Spybot again the same two malware still apear. Any help you can offer would be wonderful and I appreciate your time in helping with this matter.

Here is the HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:36:16 AM, on 10/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\... Read more

More replies
Answer Match 52.08%

So 8 of the top 10 are flash related. Flash needs to die. Even IE version 10 and 11 are also listed. Glad I'm using FF or Chrome.

https://www.recordedfuture.com/top-vulnerabilities-2015/
 

More replies
Answer Match 52.08%

I previously had this thread herehttp://www.bleepingcomputer.com/forums/t/562175/i-need-to-work-out-if-a-crash-in-flash-player-was-caused-by-an-exploit-attack/
On this subject but was advised to start one here instead. This comes after I experienced flash player crashing while trying to watch an online video.
I have already run several scanners and thye found nothing, I have also run MiniToolBox, FSS, r-kill and SecurityCheck, their logs are posted in the thread I have linked to. Along with unusual behaviours I have spotted described there. Please refer to that thread for that information.
Scans so far:
(came up clean)
AVG
malwarebytes
malwarebytes anti-rootkit
ESET online scanner
kasperksy virus removal tool (latest version)
(made logs which I have already posted In other thread.)
MiniToolBox
RKill
FSS
SecurityCheck
Below is my DDS log And attach.txt is waiting on my harddrive should you request it.
My browser was open and I was connected to the internet at the time I ran it. The program list contains quite a lot of pre-installed programs which I don't use but would rather leave as they are.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17183
Run by (removed for privacy) at 15:12:57 on 2015-01-07
Microsoft Windows 8  6.2.9200.0.1252.44.2057.18.3979.2181 [GMT 0:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows De... Read more

A:Diagnosing If i have been infected by flash exploit

Hey my friend, I'm in the 'Malware Staff Team' and will provide you with advice:To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed. You must reply to posts within 4 days. If you haven't replied within 4 days your topic will be closed. If you go away for some time please let me know. Communication is a important part here! If you are unsure about something - STOP - and ask me. No need to be afraid of asking - better ask than doing a mistake. Mistakes can lead to an unbootable PC! I would recommend to follow the topic by clicking on the Follow this topic button - you will get notified when I have replied to your topic.   Below are a few tips Removing Malware is usually very difficult.We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!Please follow these instructionsIf you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!Please stay in contact with me until your problem is resolvedAs Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.... Read more

22 more replies
Answer Match 52.08%

arm in sling typing one handed. i got hit with this on my cpu and can't heal it or get rid of it. i put it in the virus vault. it hit the temp internet files. what do i do? i have win xp pro. thanks for the help.

A:Virus Found Exploit

Can be you more specific on the type of exploit as there are many of them?For example, many users have reported "Java/ByteVerify.Exploit.Trojan - Virus found in Java Runtime Environment (JRE) cache".Java.ByteVerify is actually a method to exploit a security vulnerability in the Microsoft Virtual Machine that is stored in the java cache as a java-applet. The vulnerability arises as the ByteCode verifier in the Microsoft VM does not correctly check for the presence of certain malformed code when a java-applet is loaded. The solution for a lot of these exploits are to:Follow the instructions here to clean your JAVA cache.Follow the instructions here to clean your your Web Browser Cache: IE, Netscape, Mozilla, Opera, AOL.

10 more replies
Answer Match 52.08%

arm in sling typing one handed. i got hit with this on my cpu and can't heal it or get rid of it. i put it in the virus vault. it hit the temp internet files. what do i do? i have win xp pro. thanks for the help.

A:Virus Found Exploit

I have already responded in your other thread here. Please do not duplicate postings as this causes confusion and makes it more difficult to get the help you need to resolve your issues. Thanks for your cooperation.This thread is closed.

1 more replies
Answer Match 52.08%

Ok I usually keep my computer cleaned out and try to stay away from sites that may cause it harm. While I was away my son got on here and tried watching tv shows and I think thats when it got infected. It's really slow, mouse arrow will freeze and not move I have to restart to get it back. Tried downloading a new antivirus because mine was not finding it but it kept saying error and would not let me. I finally got one call bull guard which I had never heard of and all it found was cookies. Went to bitdefender an ran the online scanner and I have included the log from that and a hijack this log. Any help at all would be appreciated, thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:15:55 PM, on 12/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdkserv.exe
C:\WINDOWS\s... Read more

More replies
Answer Match 52.08%

I was visiting this site I go to on a daily basis and today this random window popped up saying that a virus has been detected and it tried to download to my computer but I canceled it. I've attached my HijackThis log so if someone could please take a look at it and let me know what I need to do in order to remove it. Thanks in advance.
 

A:exp.wmf/Bloodhound.Exploit.56 found! Plz help!

7 more replies
Answer Match 52.08%

Today i decide to run a mse full scan and it found Exploit:Java/CVE-2011-3544 and Exploit:Java/CVE-2010-0840.OO. I removed both of them and ran a malwarebytes scan and found nothing and removed java and reinstalled it. i was just wondering if i should do anything else.

Thanks in advance!!

A:MSE found Exploit:Java

Please download and run Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.

6 more replies
Answer Match 51.66%

I posted previously about some perceived connection compromises. Just got some extra info and re-added to post.I run windows XP. Have two machines one wired ethernet & other picking up wireless connection off my router - BT HOme Hub. I have been suspicions about someone remotely accessing my pcs /newtork. I have a home newtork -but really dont understand that much about it apart from allowing my two machines to share certain files/folders. on Wireless connected machine after clearing a lot of malware I am left with "Flash installer" upgrade failure constantly popping up - cant track it down or get rid of it? . Any ideas?. Run Mcafee on this machine - which eventually has started working but SuperAntispyware did the majority of tracing / quarantine as Mcafee appeared to have been compromised. I am left with "Flash installer" upgrade constantly popping up - cant track it down or get rid of it? . Any ideas?For info: Virus /Malware removed from Wireless connected PC by SAS ( I will add I unwittingly clicked on FedEx false invoice email!!!! - we were having a lot of deliviries at the time, what an idiot!). Also keep getting redirects from google search results. This after remvoing all those malwares etc below - but suspect thers more still there. Gratfeul for help. 1)HKLM\SOFTWARE\MICROSOFT\SCEURITY CENTRE#ANTIVRUSDISABLENOTIFY HKLM\SOFTWARE\MICROSOFT\SCEURITY CENTRE#FIREWALLSABLENOTIFY TRACE.KNOWN THREAT SO... Read more

A:Anyone know how to sort out google search re-direct / flash pop up / other issues

JS /Obfuscator.AG still present - found by Microsoft scanner.What is Microsoft scanner?I also noticed that in my device driver settings (network adaptor) was set to "wake" against various actions. I was unaware of this. Did this mean that somone could turn my PC on remotely ? or access it if left on overnight?No, this simply means that activity from this device, if enabled, would wake the computer.If you have any other questions, let me know. But for now, let's run through some scans to see if you're infected with anything.After performing these scans, enter the results in your next post and also update me on the status of the PC.Note: You may have to perform some or all of the following in Safe Mode With Networking, depending on if you have internet access while in the normal Windows environment.================================================================================Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.================================================================================Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.
For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove ma... Read more

5 more replies
Answer Match 51.66%

Details here; http://www.adobe.com/support/security/advisories/apsa11-01.html Not a lot users can do about it at the moment except to take even more care with email attachments. Official 'fix' due next week.
 

A:Solved: New Zero day exploit for Adobe Flash (and maybe Reader)!!

Flash version 10.2.153.1 is now available; http://get.adobe.com/flashplayer/ Don't forget to run the uninstaller first!; http://kb2.adobe.com/cps/141/tn_14157.html

The first link will provide the version needed by whichever browser you use to access it (an .exe version for Opera and Firefox). In the case of IE I always reject the Google toolbar, allow the Adobe Download Manager to be installed and then follow the onscreen prompts to complete the installation. Some sites have an .exe version for IE which other people here seem to have used without problems.

I believe that a new version of Adobe Reader has also been released to deal with the latest security issues.
 

1 more replies
Answer Match 51.66%

Hi,

My friend recently asked me to help her download some music video flv files from the website MTVIggy. I normally use Orbit Downloader for saving flv's I like from youtube but it doesn't seem to work on this site. I've tried a program called Replay Media Catcher but ut also doesn't work. Does anyone know of a program/tool that is actually capable of downloading the flv files from MTVIggy?

Thank you for your help. It is greatly appreciated.
Ice

A:How to record rtmp:// flash video .flv stream from embedded Adobe Flash Player

As the site is owned by Viacom/MTV, my guess is that it is DRM (Digital Rights Management) protected and videos can't be downloaded. I normally use Real Player when I need to download embedded videos but I don't think it will work and I'm not aware of a free product that will download DRM protected videos.

5 more replies
Answer Match 51.66%

Quote:
A large number of users, who regularly upgrade their Flash Player installations, remain exposed to Flash-based attacks, because the Flash plug-in bundled in Adobe Reader is not updated at the same time.


Yet another reason to use an alternative to Adobe Reader.

A:Users Remain Vulnerable to Flash Exploits After Upgrading Flash Player

Just in case there may be someone out there who hasn't heard of it, Foxit Reader is a free alternative to Adobe. Been using it for a couple of years and haven't found any PDF files it couldn't read.

Foxit Software - Foxit Reader 4.1 for Windows

2 more replies
Answer Match 51.66%

I uninstalled Adobe Flash with their uninstall tool because I read somewhere you needed to update it because of major security flaw. I went over to the Adobe website to try and find an update, as well as a tutorial on how to update, as I had no idea what version I had. Their website is a mess unless you want to purchase something, and then you can find whatever your want. Since I had no idea what version of player, I just DL their uninstall tool, then DLed their new flash. I used their uninstall tool, and then reinstalled the new Adobe Flash Player. The only PU that came up was that it couldn't install in Opera. I went looking to try and configure it, then I read in the post below, you had to go to the link, http://www.adobe.com/shockwave/welcome/ for shockwave, and figured it would lead me to flash and all that crap. I remembered what a PIA it was. I went over there, and it says flash works, but I still don't know if it's the latest flash or not. On the right it says I need to install "other sw", but that probably because I don't have shockwave installed. BTW, when I used their uninstaller from an administrator account, it completely wiped out my FX profile in the limited user account for some reason. It didn't do anything to the FX profiles in the administrator's accounts. I keep an updated copy of the limited user account's FX profile, and just reinstalled it, but I'm sick and tired of adobe flash and all the BS your have ... Read more

A:Adobe Flash uninstall tool,& is there a better/safer flash player w/o the hassles?

The flash player for IE and Firefox is in C:\Windows\System32\Macromed\Flash. The IE one is called Flash9f.ocx and for Firefox its NPSWF32.dll.

You can view current version, by going to a page with a flash object on the web page, right click on the Flash object and select About Adobe Flash Player 9 and it will take you to Adobe site and display version.
You can also get version from the files about on the Version or Details tab of its properties.

As for removal, just either use the Uninstall tool in the same folder (See above) or delete all the files in the folder to remove it.
 

2 more replies
Answer Match 51.66%

Bazooka found this can you have a look at log please
Logfile of HijackThis v1.99.1
Scan saved at 12:34:01, on 07/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Filseclab\xfilter\xfilter.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Voyager100Test\fts.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\AOL 9.0a\aoltray.exe
C:\Program Files\Common Files\AOL\1132916045\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1132916045\ee\AOLServiceHost.exe
C:\Program Files\AOL\Broadband CheckUp\bin\mpbtn.exe
c:\program files\common files\aol\1132916045\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1132916045\ee\AOLServiceHost.exe
C:\Program Files\Common Files\Fi... Read more

A:Bazooka found exploit-beehappyy

****************************************
Bazooka Scanner v1.13.03
http://www.kephyr.com/spywarescanner/
http://www.kephyr.com/spywarescanner/library/
[email protected]
Log created 13:00:38.
OS: Windows NT 5.1
Database version: 3.110000
Database format version: 1.020000
Database date: 20051204
Current date: 2005-12-07 13:00
****************************************
Result when scanning:

Exploit Beehappyy.biz 544.734.001 %WinDir%\tempf.txt
C:\WINDOWS\tempf.txt
http://www.kephyr.com/spywarescanner/library/exploit-beehappyy.biz/index.phtml

****************************************
Auto start entries:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe -boot
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Common Files\Filseclab\FilMsg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe -boot
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Common Files\Filseclab\FilMsg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Documents and Settings\Mr Wright\Start Menu\Programs\Startup\desktop.ini
C:\... Read more

2 more replies
Answer Match 51.66%

Hi Quevvy,I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible. Thanks!
 
Oseyerus13

A:Exploit.JS.Pdfka.ggk found by Kaspersky

Are there any other scans that I should perform in the meantime?

10 more replies
Answer Match 51.66%

Hey guys,
So a few hours ago i downloaded a file which wasnt what i thought it was it was a exe that when i run did nothing so suspecting something fishy i run a AVG scan and it picked up a Trojan horse generic and 6 of these. I managed to move them all to the viru vault and delete them all. I ran another scan nothing came up. Now i seem to be getting alerts from AVG every once in a while saying threat Detected or something along them lines with this Script/Exploit virus below. How serious is the matter will this course damage to my computer if not dealt with?

Infection Virus found

Script/Exploit
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B3K7V0B4\adserver[1].htm";"";"16/10/2009, 23:51:02"
 

A:Virus Found Script/exploit

bump
 

1 more replies
Answer Match 51.66%

Hi,

Windows Live OneCare popped up a warning message on my Vista PC earlier, but the message disappeared before I could read it.

I checked OneCare and there were no alerts, but when I reviewed the Event Log, it listed two occurrences of Exploit:HTML/Repl.D, found one minute apart.

Does anyone know what this is and what I should do to remove it?

The link from Event Viewer states that it is a low risk exploit, but gives no details on how to recover (http://www.microsoft.com/security/e...?name=Exploit:HTML/Repl.D&threatid=2147600073).

However, when I Google 'Exploit:HTML/Repl.D', Sophos say that this exploit can result in code being downloaded to my PC (it links to the following: http://www.sophos.com/security/analyses/trojrexploa.html)!!

No dodgy sites have been browsed and the only software installed recently, was Spybot.

The exploit was found in the Temporary Internet Files.

Please help!
Thanks in advance.
 

A:help: AV found... Exploit:HTML/Repl.D

FYI

Vista is fully patched and OneCare is up-to-date with the latest definitions.

I've just run a full scan with OneCare and it says that it removed Exploit:HTML/Repl.D, but I'm still concerned about how it installed on the machine in the first place and whether or not it's really gone.

Any advice would be appreciated.
Thanks.
 

1 more replies
Answer Match 51.66%

Hello , I am trying to help someone fix their system.. I know that this is a dell dimension b110 less than one yr old.
The lady updated Mcaffe, and i guess ie 7.. she cannot surf the net... her browser window doesnt even show page cannot be verified. or the progress bar.. it is simply a open blank window.. it is not set to open blank page or work offline..
When i ran her anti-virus software.. it showed two infected files.. Both infected by the Exploit ByteVerify trojan virus.. It apparently hijacks the start page. The Mcaffee ( UGHGH) refered me to MS03-011
No instructions on how to manually remove or anything.. it said update dat files.. install path.. thats it.. the browser still is not functional.. we tried dell support they used remote support and basically emptied the temp folder and deleted the temp internet files and deleted the system restore.. and refered her to paid for tech support to remove thevirus.. i did quarantine the files but dell recommended to restore them..Can anyone here help?I would like to be able to fix this properly without having to pay Dell.. I can give more info about system.. but.. Thank you all. (K

A:Trying To Help Virus Found.. Exploit Byteverify

Your friend or you need to1)Disable restore pointGuide on how to disable restore points.2) download updates here.3) Startup in Safe mode4) Scan and have the trojan be removed.5) After removal start up in normal mode and enable restore point againPleae make sure that her computer is upto date with latest patches

4 more replies
Answer Match 51.66%

Firstly I'd like to say I'm a complete novice and don't have a clue about how to fix this so your help is crucial to me right now, and I'll need taking through any process in simple easy to understand steps please. Sorry if I'm not following the right protocol for this board, I'm a new user and quite clueless!
Last night I lost all my MSN and messenger settings, couldn't get into any of my emails or any msn secure pages. So naturally realised something was wrong. To begin with I did a system restore to take the pc back to when I knew that the settings for MSN were there and I now have all that working, but I knew something must've made it go wrong.
I ran norton av (I have Norton AV {updated before each use}, Int.Sec and Prot.Centre and I run regular AV checks twice a week) which found nothing. I ran adaware and spybot. Spybot found something called smitfraud and between them they found dozens of threats and instances of spyware and adware which needed attention. I dealt with it, and ran them again, but some of the problems still showed up. So then I ran panda scan which found it again and also found exploit.byteverify and dialer.hcc, but didn't eradicate them, so since then I've run AVG Anti-Spyware and SuperAntiSpyware but these haven't fixed my problems either.

Can or more to the point will one of you please help me to sort this? I am dreading having to wipe my OS out and start again.

A:Smitfraud And Exploit.byteverify Found

The first step that I would recommend would be to download superantispyware look here:http://www.bleepingcomputer.com/forums/topic3616.htmlcompletely update the program, run a full scan, restart the program to let it remove any problems that it finds, then post a hijack this log here:http://www.bleepingcomputer.com/forums/topic3616.htmlthese are the instructions on what to do before you post the log, how to post, etc.The team members are very busy, so do not post any repliesuntil one of them answers your post. If you have not had an answer after five days post here:http://www.bleepingcomputer.com/forums/topic3616.htmlsas updates constantly, so updating is important, as are the restarts (dont worry about protocol, all of us were new at one time)OF

8 more replies
Answer Match 51.24%

I picked up at least two items on Saturday.

The first my antivirus declared to act like a worm. It said it was classifying it into my low restricted access area. I was quickly able to open my anti-virus and move it to untrusted. Unfortunately it is still on my machine and trying to run. My anti-virus provides pop-up showing me all of the system processes it is trying to access but are being blocked.

The second item is redirecting my Google searches. I haven't tried other search engines, I'll try those tonight. I couldn't get to this site on my home pc through Google so I am reporting this from work.

I saw a program called VCIM.exe load into my low restricted. I did a search for the file to try and stop/delete it but my computer could not find it.

I would apreciate the help.
Thank you in advance,
Log file starts:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:49:54 PM, on 6/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\Syste... Read more

A:Two Issues Found Some Sort of Worm and Google Redirect

16 more replies
Answer Match 50.82%

Got an email - thought it was from a known source - it wasn't - and it replaced my home page with the shady site address.. have gone into the registry and forced it back to my usual default... and cleaned out my Temp folder...
Now.
In >Tools>Internet Options> General Tab my whole home page section of this tab is unavailable (greyed out buttons and field).
And:
In >Tools>Internet Options> Security Tab my Custom Security area is also greyed out.
This is a problem for me as it relates to my need to get ActiveX working on my laptop to view reports for one of our products.

After having quarantined the js.exception.exploit virus from
these files: 22116[1].js & startpage.js & illegal.js.
And upgrading installing and ininstalling IE from ie5.0 to 6 to 5.5 and upgrading sp2 - the problem still persists.
I'm running Win2000 Prof WinME.

Anyone know a fix for me?

Loads of thanx in advance!
 

A:js.exception.exploit virus found and quarantined

6 more replies
Answer Match 50.82%

Not sure if you guys saw it yet, but apparently a security flaw makes it easy for eval hackerz to compromise your system. Ubuntu and Debian users are at risk here *_*Note: 2^128 is about 3.4 with 38 0s after it.2^15 is 32 768. Imagine that.Check out the news here.

More replies
Answer Match 50.82%

Hi, I am running McAfee on Windows XP and it found 6-7 trojans named exploit-cve2008-5353 today. I don't seem to be having any issues pertaining to internet surfing yet but I don't believe that's a good indicator of how bad my situation may be. My laptop seems to be running fine for now. I looked into my running processes via "ctrl-alt-delete" and found 2 processes that are unfamiliar to me. They are "jqs.exe" and "plugin-container.exe". I don't know if these are bad or not...

I appreciate any help!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:30:32 PM, on 8/13/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\THI... Read more

A:Exploit-Cve2008-5353 trojan found

Hello ChargingUp,

Nothing showing up in the HJT log. Let's try a wider look.

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Under the Custom Scan box paste this in
Code:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%|bak;true;false;false /fp
%systemroot%\system32|bak;true;false;false /fp
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Click the Run Scan button. Do not change any settings unless otherwise told to do so.

o When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
o Please copy (Edit->Select All, Edit->Copy) the contents of these f... Read more

1 more replies
Answer Match 50.82%

System is a Lenovo Model: 10AA002SUS
ThinkCentre,ThinkCentre M93 M93p Tiny,Model:10AA002SUS

Event log
Log Name: System
Source: Microsoft-Windows-WER-SystemErrorReporting
Date: 10/18/2016 10:22:40 AM
Event ID: 1001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: USRIVD036
Description:
The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000008, 0x0000000000000002, 0x0000000000000000, 0xfffff88001b53a1d). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101816-21933-01.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WER-SystemErrorReporting" Guid="{ABCE23E7-DE45-4366-8631-84FA6C525952}" EventSourceName="BugCheck" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-10-18T14:22:40.000000000Z" />
<EventRecordID>90010</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>USRIVD036</Computer>
<Secu... Read more

A:BSOD using Flash Training Website (IE 11, Flash Player 23.0.0.185)

Hi Bedell,
That version is now out of date >>> 205

Roy

2 more replies
Answer Match 50.82%

Hi all. I'm using WMP 9. Whenever I drag some files from Windows Explorer to the playlist in WMP, the order gets all shuffled. (ie I drag Track 1-13 and the playlist shows 13,12,11,1,2,3,...) This causes me to have to manually sort the files out, which does get a bit tedious from time to time. Is there a way to arrange the files by name, filename, or any of the other options available when you alternate click on a folder in Windows Explorer? Is there an option in the software b/c I can't seem to find it. I took a look at the Microsoft support site but I didn't find anything. Anyone have any suggestions? Greatly appreciate any help.
 

A:Windows Media Player sort issue

Check out the last from this link.
 

2 more replies
Answer Match 50.82%

I have an Asus A8N-E mobo and want to flash my bios, however like I said, the Award flash utility is nowhere to be found. So how do I do it?
 

A:Award flash is nowhere to be found. So how do I flash the bios?

6 more replies
Answer Match 50.82%

Hi,

I've been having problems listening to music on windows media player and watching flash videos. The playback is choppy (sometimes gets stuck and generally bounces around) but also my system seems to take an age to start up and is slow.

I've run disk-defragmentor, scandisk, spybot, adaware, AVG etc. But no luck.

This has come about since I've put about 20GB of music onto my laptop (I still have around 47GB of 70GB free). However, when Windows Media Player is not open the system still runs slowly and I have no luck running flash videos.

The only possible solution I can think of is deleting the music but I'm a bit hesitatant to do so because it took me ages to put it on!

Anyway, thanks very much for any help you can give me!
 

A:Solved: Windows Media Player & Flash Player choppy playback

10 more replies
Answer Match 50.4%

Symantec Endpoint Protection keeps detecting this exploit. It says it is quarantined everytime, but almost everyday it keeps saying it found Bloodhound.Exploit.166, sometimes 3 files at a time. All of the time these files are found in the "C:\Users\Keston\AppData\Local\Temp" folder. I now have about 20+ of these in quarantine.Could you please help me get rid of this virus. Any help would be appreciated.Attached is a copy of my HijackThis log.ThanksLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:52:55 PM, on 6/1/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Synaptics\SynTP\SynTPStart.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exeC:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exeC:\Program Files\Lexmark X1100 Series\LXBKbmgr.exeC:\Program... Read more

A:Bloodhound.exploit.166 Found By Symantec Endpoint Protection

Hi kesso,I'm sorry it's taken so long for you to get a response, if you still need help please do as follows:Download Deckard's System Scanner (DSS) to your Desktop (right-click the link, select Save Target As..., select your Desktop and press Save)Close all applications and windows.Double-click on dss.exe to run it, and follow the prompts.When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimizedMake sure Format->Word Wrap is uncheckedCopy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your replyOnce complete, please post both DSS logs, you won't need to produce a new HijackThis log as DSS produces one for you.Please do not attach logs unless directed to do so, thank you.

3 more replies
Answer Match 50.4%

Hi
Would be greateful for help
I found I'm unable to delete records from StartUp menu. System reported Access Denied
 
Windows System Restore after selecting restore point doing nothing.
 
I tried to upgrate Nvida Graphic card driver but Installer finish with error unfortunately deleted first exisiting driver.
Windows now every restart reports Cant install this hardware.
 
I run full scan by my DrWeb 8.1 antivirus and it found and removed these
Trojan.Downloader 9.50761
Java.Dropper 10
Exploit.Java 309
Exploit CVE2011 3544.121
Exploit CVE2012 0507.9
also reported
DFH:HOSTS.corrupted

Windows Mailciouse Removal tool full scan found nothing
MBAM Pro full scan - nothing
 
Antivirus and Windows update works ok
 
I still unable to install Nvida driver and delete Startup items even if safe mode as Admin. Tried create new admin account and work from it but prob almost the same.
 
Thanks for the help!
----------------------
This is dds.txt
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_13
Run by Ser at 16:36:03 on 2013-08-17
Microsoft Windows XP Professional  5.1.2600.3.1251.7.1033.18.3582.2821 [GMT 1:00]
.
AV: Dr.Web Anti-virus *Enabled/Updated* {3454C8F1-ECBC-4180-A6F4-04632FBA762B}
FW: Dr.Web Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardS... Read more

A:Found Trojan.Downloader, Java.Dropper 10, Exploit

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).=== Please downloadJunkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.Please be patient... Read more

7 more replies
Answer Match 50.4%

Microsoft Essentials detected what it reported as Exploit:JS/Blacole.O and i promptly removed it using Essentials. Since then the computer has not worked properly. The cursor has virtually stopped responding when i try and use the touchpad on my laptop. The cursor takes forever to respond when it does and it keeps going round spinning when i click on something. Web pages are taking very long to load and the computer keeps freezing and sometimes pages i am using just refresh for no apparent reason
The computer is almost unusable now. I have used Malwarebytes and Superantispyware and both are finding nothing. please help me

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.1.0
Run by Tendai at 22:34:38 on 2011-10-26
Microsoft? Windows Vista? Home Basic 6.0.6002.2.1252.44.1033.18.1917.438 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32&#... Read more

A:Found Exploit:JS/Blacole now computer virtually unusable

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/425205 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

27 more replies
Answer Match 50.4%

It started about 3 wks ago, desktop started acting up. Noticed svchost was constantly using 50-80% cpu. Desktop screen flickers and appears to get hijacked.. (not sure). Ran Eset scan and found Java exploit and was removed. Feeling very uneasy using this machine. Running Win XP os on Uverse wireless dsl line. Also, it works so very different while in safe mode, much quicker and svchost issue seems to stop. I could really use some assistance with removing this nasty virus/trojan. I suspect this was a result of using outdated Java 6, but not sure. Thanks in advance for your time!!ZsnapEdit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of any malware logs included in the topic. ~ Animal

A:Java Exploit trojan found, comes back after removal-please help!

Same computer?
http://www.bleepingcomputer.com/forums/t/505084/alureon-was-found-but-keeps-coming-back-is-there-any-hope/

40 more replies
Answer Match 50.4%

   I have recently been getting a message to update to adobe flashplayer pro to view site and have been also getting a message to update the media player. I looked at the versions  I am running and they are the latest. I was told to do the Adobe while I was navigating to this page just a moment ago. When I am at some sites I have also gotten a box that says my media player is infected and needs to clean files. While in MSN.com home page I have gotten a poor pc performance box that comes up and it is kind of shaking when it appears. I don't know if this is an infection or what but am very wary of this type of stuff after fighting with other infections in the past. I posted this in another forum and was instructed to possibly try this one. Please let me now if you may need more information and I will reply. Thank you for your time and efforts. Jack Perrin.

A:told to install flash player pro and update media player

Hello -Download Security Check by Screen317* Save it to your Desktop.* Double-click SecurityCheck.exe* Follow the onscreen instructions inside the black box.* A Notepad document should open automatically called checkup.txt; please post the contents of that document.Note: If any security program requests permission to access the Internet, allow it to do so.  Download MiniToolBox, Save it to your desktop and run it.Checkmark the following boxes:•Flush DNS•Report IE Proxy Settings•Reset IE Proxy Settings•Report FF Proxy Settings•Reset FF Proxy Settings•List content of Hosts•List IP configuration•List last 10 Event Viewer log•List Installed Programs•List Users, Partitions and Memory size.•List Minidump FilesClose any Firefox browsers you may have open when running Reset FF Proxy SettingsClick Go and copy / paste the result (Result.txt).  Please download Rkill (courtesy of BleepingComputer.com) to your desktop.There are 2 different versions. If one of them won't run then download and try to run the other one.You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/* Double-click on the Rkill desktop icon to run the tool.* A black DOS box will briefly ... Read more

2 more replies
Answer Match 50.4%

I am in big problem I will go mad soon..the situation is so - my girlfriend always watches previews of housewives at abc http://abc.go.com/primetime/desperate/index.html ; and there you need the newest adobe flash player installed...and so every time she wishes to watch it I must install adobe flash player again and again...and I check if there is something wrong with the web page, so I go to test my adobe schockwave player and adobe flash player there...and every time I see I really dont have this two on my system..so I am doing something very wrong..One day it works and then the next day I must install again..and so on..and on..

http://www.adobe.com/shockwave/welcome/

After I uninstall and install again everything is fine...It goes on my nerves, cause I many times install also yahoo toolbar with it..and then I have problems uninstalling this toolbar... I must then again install yahoo toolbar and then many times the uninstallation is not ok...and then again install yahoo and uninstall.. soon you will be able to visit me just in mental institution...
I dont know - is there any setting in explorer that deletes this two?...I use also regCure registry cleaner..maybe I really went mad

In short - why is adobe flash and schockwave escaping from my system..am I too ugly!? or I know too little about explorer settings ?

Thanks for your help and time

leroyas
 

A:Solved: adobe flash player and schockwave player must be installed over and over again :(

8 more replies
Answer Match 50.4%

Hi! Everybody,

I would like to ask your help in two parts about problems I am facing with my Windows Media Player WMP.

PART1:

1) Add-Remove programs of Control Panel indicate ?WMP version 11? and ?Windows Media Format 11 runtime? installed. When click to remove for ?Windows Media Format 11 runtime? a message says I have to remove ?WMP version 11? first. When click to remove for ?WMP version 11? pup up window of ?Windows Media Player 9 Series? appears and says ?Setup can not continue: More recent player already installed. Windows Media Player 9 Series setup will now exit?.

2) When I click on WMP logo on my task bar WMP11 video screen appears all right. A little later a pup up window of ?Windows Media Configuration Manager? appears and says ?A Windows Media update is currently available. Would you like to update now?? I click on Yes, then ? Setup can not continue? message of ?Windows Media Player 9 Series? appears and says the same thing as 1 above ? Setup can not continue: More recent player already installed. Windows Media Player 9 Series setup will now exit?.

I couldn?t figure out where from and why this ?Windows Media Player 9 Series setup? is appearing instead of ?Windows Media Player 11 Series setup??
What is Windows Media Player 9 Series any way? Can Windows Media Player 11 do every thing Windows Media Player 9 Series does? Do I need to keep both Windows Media Player 9 Series and Windows Media Player 11 in my computer?

I will very much appreciate if o... Read more

More replies
Answer Match 50.4%

i have WMP 11,

does anybody know how i can turn off the auto sort for the song files in the WMP library ?

it drives me crazy, everytime i edit something like the album, artist or song, as soon as i'm finished i get shot to a completely different part of the media library, and then i have to find my way back to where i was,

should i go back to WMP 10 ?

More replies
Answer Match 50.4%

How do I get Windows Media Player Series 10 to set the sort default to filename. I have to go in and manually sort by filename every time I play more than one file. I could save the playlist, but I change what I want to hear from day to day

Thanks
 

More replies
Answer Match 49.98%

Well i recently had to reinstall XP (didn't crash we had other reasons)(We had visual problems) well after reinstalling XP I downloaded Firefox and a 2 other programs... Well i was going to Youtube.com and it gave me errors saying to downloaded the newest version of Flash Media Player...no problem right? So i did on firefox... well i reboot my computer and try again to play Youtube videos... Well this time it works but after 2 seconds the video stops. Thinking that youtube was just down i tried 7 different sites... none worked. All of them stomped at 2 seconds it freezes again... Thinking it was flash i tryed some of tried some Flash Games.... those worked fine

Well i tried to uninstall Windows Media Player and reinstall it but of course it will only let me Downgrade so i tryed downgrading from 11 but it still doesnt work. Anyone have any ideas? If you have any questions or suggestions post them below and i will get reply (tommorow) with my results

Anything helps!

(BTW... It doesnt work on ie either, but yet once again the Flash Games work...)

A:Flash Player Problems? Or Windows Media PLayer?

When you reinstalled everything...did you also reinstall your motherboard drivers that come on the cd?

If not, could you post ypur mobo and chipset details here please..

http://www.cpuid.com/pcwizard.php

1 more replies
Answer Match 49.98%

Hi

I am totally new to computers and I am using xp. I have a new dell computer and have charter security suite as my security system. Anyway, occassionally I will get pop-ups saying I have a virus, but I can't remove it using charter security suite. I scan and it says infection Exploit.HTMl.Mht and location C:\DOCUM.. and also 10 infections. Like I said I have very little computer experience so I need lots of help. Can anyone tell me how to get started removing this? I have noticed no problems so far with my computer, except my screen saver won't kick in. Sounds similiar to a problem college girl posted in here.

Thank you anyone who can point me in the right direction.
 

A:Solved: Exploit.HTML.Mht My charter security suite found this

16 more replies
Answer Match 49.98%

First, thanks for taking a look at my problem.  Your attention and time are appreciated!
 
The machine in question is a Dell Precision M6600 running Windows 7 Pro.  A scan with Vipre from ThreatTrack Security discovered a file it called Lookslike.swf.malware.h which it quarantined and eventually deleted.  Subsequent deep scans with Vipre came up clean.  However, Microsoft Safety Scanner came back with 12 files infected, calling the malware Exploit.Java/Obfuscator.w.  The MS scanner said it could not do anything about the matter.
 
All updates to Windows, Vipre, Java and Adobe products have been made and the machine is currently not displaying any strange behavior.  However, since it is a machine that gets heavy use on very important, time-sensitive projects, I would like to get ahead of the issue and do anything I can to remove the threat entirely.  Normally I would just back up the data and do a clean reinstall of Windows but this particular machine is chock full of difficult to reinstall software that I would much rather leave in place.
 
Any assistance is very much appreciated.
 
-Scott

A:Exploit:Java/Obfuscator.w found by MS Safety Scanner - Help Removing, Please

Hello mudhustler and welcome to BleepingComputer!       
 
My name is Sirawit and I'm here to help you.
 
Please note that I'm currently in training and my fixes need to be approved first, that may delay our fix a bit, but I will normally reply back in 24 hours.
 
If I don't reply after 3 days, feel free to PM me.        
==========================================================================Some points for you to keep in mind:
Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I wi... Read more

15 more replies
Answer Match 49.98%

When backing up to my external hd using WIN7 Action center I am getting a backup failure because MS security Essentials is picking up

Exploit:Java/CVE-2010-0094.DZ

somewhere in a shadow copy.

The precise details from MSSE on what it finds are :

file:\Device\HarddiskVolumeShadowCopy12\Users\Martin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\1cb65bc4-42c2ffb0->dostuff.class

MS Security Essentials removes it but when I try and backup again it reappears.
Any ideas ?
The MS website has no additional info on Exploit:Java/CVE-2010-0094.DZ as far as I can see.

Edit - - separate MSSE scan on external hd has identified and removed the same threat ....external hd is now clean but backup still fails for the same reason .....regular MSSE and Spybot scans of onboard hard drive when not trying to backup reveal no issues or threats.

Edit 2 - in fact the MSSE quick scan didn't pick up the problem. A Full Scan finally found the offending item and renoved it from the internal hd. Bacckup subsequently ran successfully.
 

More replies
Answer Match 49.56%

Why on earth..?

I stick in a blank CD, and am prompted to pick a Win8 app. I select Windows Media Player (and am thankful Windows includes something so basic native vs. having to go find some unknown app somewhere.)

Per the prompt, I drag and drop files from Explorer to the box on the right of Media Player, creating a ?Burn list?.

Happy days. All is good.

But WHY does it not sort by file name!! I have no idea what the sort is based on. I have to reorder them every time. I have my files named in the correct order thus:

01_Favorite song this week
02_the next song
03_some song I liked on the last mix burn
04_still stuck on the CD-medium blues, in my truck, by Wes Montgomery Jr.
05_the shred of etc.

To be fair, I think Nero on my XP machine was the same way.

Any insight as to why the random sort (NOT in the order above after you drag and drop the group?) Any tricks to alleviate this silly little conundrum?

Appreciated.

A:Burning a CD w/ Media Player – miffed by random sort order

I have a recording studio and use Nero, which will set the songs in the sequence that you drag (add) them to the burn window or after dragging them to the burn window you can rearrange them as desired If you just drag all the songs from a folder to Nero they will be in alphabetical order (as set by Windows).

I've never liked the WMP for burning. ImgBurn is a very popular (free), burning program that is used by many. The Official ImgBurn Website

CDBurnerXP is another freebie that I like better than ImgBurn for audio CD's. It sort of has an old Roxio feel to it. https://cdburnerxp.se/en/home

2 more replies
Answer Match 49.56%

 
Updated Two more serious security holes in Adobe Flash that let miscreants hijack vulnerable computers have emerged from the leaked Hacking Team files – and crooks are apparently already exploiting at least one of them to infect machines.
The use-after-free() programming flaws, for which no patches exist, are identified as CVE-2015-5122 and CVE-2015-5123. They are similar to the CVE-2015-5119 Flash bug patched last week. The 5122 and 5123 bugs let malicious Flash files execute code on victims' computers and install malware. The bugs are present in the Windows, Linux and OS X builds of the plugin.
The 5119, 5122 and 5123 vulnerabilities were documented in stolen copies of files leaked online from spyware maker Hacking Team. The Italian biz's surveillance-ware exploits the vulnerabilities to infect computers, and these monitoring tools are sold to countries including Saudi Arabia, Sudan, Russia and the US.
Everyone with Flash installed should remove or disable the software until the critical security bugs are patched, or at least enable "click to play" in their browsers so that you know exactly what you're running on your system rather than letting websites play malicious Flash files silently in the background without warning or permission.
Adobe said on Saturday that the newly discovered flaws will be patched sometime next week:

http://www.theregister.co.uk/2015/07/12/adobe_flash_zero_day_cve_2015_5122/

A:TWO MORE Flash zero-days emerge in Hacking Team leak – crims exploit holes

Adobe is on it. Hopefully they'll deliver an update fast.
http://www.zdnet.com/article/adobe-promises-patch-for-latest-wave-of-critical-hacking-team-zero-day-exploits/

20 more replies
Answer Match 49.56%

When backing up to my external hd using WIN7 Action center I am getting a backup failure because MS security Essentials is picking up

Exploit:Java/CVE-2010-0094.DZ

somewhere in a shadow copy. MS Security Essentials removes it but when I try and backup again it reappears.
Any ideas ?
The MS website has no additional info on Exploit:Java/CVE-2010-0094.DZ as far as I can see.
Normal MS SE scan picks up no issues.
 

A:Exploit:Java/CVE-2010-0094.DZ found whan backing up to external hd

Closing duplicate.

Please do not start more than one thread for the same issue.
 

1 more replies
Answer Match 49.56%

AVG keeps on detecting "virus found exploit" with the file extensions of .htm/.html. while in the healing process, it would result in error along in the process...
i dunno what to do but here is the HiJackThis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 947 PM, on 12/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSch... Read more

More replies
Answer Match 49.56%

Hi, I am new here and found you when searching for above topic (unfortunately that case was closed-unfinished) So I am bringing i´t up again. My security program-Microsoft security essentials found: Exploit:Win32/Pdfjsc.ALC and it was put in carantin. I was told to remove the program immediately, but am unable to do so. I have runned several other scans, such as Malware bytes-Anti malware, Ad-Aware antivirus and a safety scanner from Microsoft and nothing was found. However my computor is very sluggish and I suspect there are something installed that should not be around. What to do next?

A:Exploit:Win32/Pdfjsc.ALC found by my security program, unable to remove it.

Hi Annie,,, Let's see how it is after running these.By the way, an item put in Quarantine can no longer harm your computer.MiniToolBoxPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.TDSSKillerDownload TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.AdwCleanerPlease download AdwCleaner by Xplode ... Read more

19 more replies
Answer Match 49.14%

I am running Vista home premium with firefox. I have tried Cureit, McAfee, Malwarebytes, manual in safemode, Cureit in Safemode, Malewarebytes in Safe Mode. It always shows clean but when I start up windows it says StService .exe error. Then STLog.dll error. Then Mcafee proceeds to pop up all the files they have "fixed". They're always there and I'm frustrated.
Thank you,
Dana

A:exploit CVE2007-0071, JS/Generic exploit.i, exploit PDF.f, and more

Hello.
I have run Cureit, Malwarebytes, mcafee and they find a clean system but there is obviously some trojans hanging around. I have tried safe mode and normal. At startup, the error: STService.exe unable to locate component. Failed to start because STLog.dll was not found. Then it proceeds to give error MOM.EXE application error. Then I get my trojan error for Exploit CVE2007-071 and the JS/Generic exploit.i error. It follows with internet explorer script error mentioning jl.chura.pl/rc/ (I use firefox and vista home premium)

Thank you in advance!
DDS (Ver_09-06-26.01) - NTFSx86
Run by gingereva at 8:00:44.40 on Tue 07/21/2009
Internet Explorer: 8.0.6001.18783 BrowserJavaVersion: 1.6.0_14
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3326.2170 [GMT -4:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32&#... Read more

3 more replies
Answer Match 49.14%

Hey guys. As of about a week ago, I'm repeatedly getting an alert on an
Exploit Fake Video Player Type 1750 that's being blocked.
Any idea what this is? Any idea on how to remove it? The constant notification is driving me crazy.

A:Help removing Fake Exploit Video Player Type 1750

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/554230 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Answer Match 49.14%

I've been having problems on Facebook and playing games for some time now. I get a lot of script errors, and am wandering with the issues I've been having, Does a computer have to have, Adobe Flash player, Real Player, Quick Time, and Windows Media to run properly? I don't have much experiance with these programs, and it seems to me that I have way to many of these programs on my computer and am wandering if one program is clashing with another, which ends up giving me these script errors. Any idea's on this?


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Celeron(R) CPU 2.66GHz, x86 Family 15 Model 3 Stepping 4
Processor Count: 1
RAM: 759 Mb
Graphics Card: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller, 64 Mb
Hard Drives: C: Total - 476929 MB, Free - 442517 MB;
Motherboard: MICRO-STAR INTERNATIONAL CO., LTD, Gamila/Giovani/Neon series
Antivirus: PC Cleaners, Updated: Yes, On-Demand Scanner: Disabled
 

A:Real Player, Adobe Flash player etc

10 more replies
Answer Match 48.3%

My PC's been running wierd for about a week now and in that time numerous infections have been found, quarantined and removed. Last virus scan came back clear 'hooray!'... or so i thought...I use AVG free 8.5 and within the space of 45 mins i have received two seperate threat alerts. The first one was exploit phoenix exploit kit type 1112and the second one was exploit rogue scanner type 1148 The next step was unplugging it and drop kicking it out the window until these threat alerts popped up as it proves the machine is still under the influence of something. Can someone please advise me on the 'whats', 'hows' and 'whens' to restore my PC back to how it should be?Many much thanks in advance!

More replies
Answer Match 48.3%

hello,

i scanned my computer with microsoft securtiy essentials and two things were quarinted, i deleted them but i am not sure if they caused problems to my computer or not. the names of the items were Exploit:Java/CVE-2011-3544.FM and Exploit:Java/CVE-2011-3544.FL. should i download the TSG SysInfo or since they are no longer on my computer, should i skip it.

i just wanted to know more about them and if they have caused any problems. thank you so much in advance.

ps. i was a little nervous to download tsg sysinfo. i am chicken to download certain things to my computer. ive never had a virus before.
 

A:Exploit:Java/CVE-2011-3544.FM and Exploit:Java/CVE-2011-3544.FL found on computer

SysInfo is clean. However, it's not necessary for a virus removal problem. The programs you'd need to download and run are listed here:
http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html

I'd hope that MSE caught the whole infection anyway, but it may be safer to check.
 

2 more replies
Answer Match 48.3%

Hey guys. So I have been having some issues recently. I posted my issue on Reddit, but I will give this site a try since you guys have been more than helpful in the past and way smarter than me! So here it goes:

A few days ago, my browser was unable to reach imgur.com. Usually I browse Reddit with the extension HoverZoom and it doesn’t load images anymore. The site itself doesn’t respond either. I have done the following:

*Restarted router
*Changed to OpenDSN and Google DSN
*Changed browser and device (everything that uses the wireless connection has the problem too. Even the Iphone app)

Im using Chrome on Windows 7

I’m out of ideas, any ideas as to what is going on and how I can fix it?

Thanks in advance!
 

A:Imgur wont load

If all the devices in your home are having this problem, then the problem is with your router.
Turn off your router, so your iphone uses the mobile network. Does that site now work on the iphone?
Try removing Open and Google DSNs from your router config and reboot the router. Test again.
 

1 more replies
Answer Match 48.3%

About half an hour ago, I opened an imgur link and as I scrolled down to the comments, an ad popped up in the bottom right corner of the page. I refreshed several times, and although the ad changed each time, each one was in a window with "ads by ZINC" on top. Sometimes, there are ads for website called en.ilove*.tv (replace* with sports, fashion, etc.) that try to open a pop-up when I hover over them, but are blocked. These ads appear about six times before stopping until I remove individual cookies (I keep a few for websites I visit frequently).

I'm going to run scans with AdwCleaner and the free versions of Avira and Malwarebytes, and I'll report back with results for each scan when they finish. In the meantime, here's a screenshot showing an example of what I'm seeing, and the address for the gallery I'm seeing them on.

Update: AdwCleaner didn't find anything out of the ordinary. I'm going to run a Malwarebytes scan now.

A:Ads by ZINC on imgur...is this normal?

Do you have adblock, or adblock plus? That should help ... also, if you don't pay for imgur, you get the ads!

6 more replies
Answer Match 47.88%

Greetings;. Are these the same thing or two different things.?

A:Adobe flash player Adobe flash player active x

Adobe Flash Player has several variants for different operating systems and browsers and is now on version 11.9.  The active-x variant is used with Windows Internet Explorer.  There is another Windows variant for plugin based browsers, such as Firefox.  There are variants for Mac OS X and Linux, although the last version produced for Linux was 11.2.

1 more replies
Answer Match 47.46%

Hi!
I have an ancient Photobucket account from like 2003 with several hundred images.
After realizing they still downsize pictures even now I want to move my images to imgur ASAP (unless you know a better free image hosting site).

My problem is that I don't know a way to move the images aside from manually copying every image url in Photobucket and then pasting it into the imgur uploader.

Is there a faster way?
 

More replies
Answer Match 47.46%

Up until yesterday i've never had problems viewing images on imgur, all of a sudden last night whenever i try to view an image, it will either come up with google cannot find it, or imgur will load with the little "can't find image" icon in the picture area. If i click on imgur's icon to be taken to the main page, it will tell me i have cookies disabled and need them enabled (i've checked, they're enabled). Also, the thumbnails load for the pictures on the main page of reddit, but they don't work when opened.

I found this article http://forums.techguy.org/networking/1042817-solved-img-hosting-sites-not.html and it's solved, though the person with the issue just had to remove and re-add their network, which i tried. Google didn't bring up much else.
Also, this persists through all of my browsers, it's not just chrome specific. Any ideas?

Edit: I tried it on a different machine on the same network and it doesn't work there either. Has to be a router problem, maybe if an admin sees this they could move it to the networking subforum?
 

More replies
Answer Match 47.46%

Recently I noticed all of my screenshots for the last 10 days have disapeard.  This is further complicated that Imgur has changed/updated their website. So I am not shure what is responsible for what. I think I need a realy experienced Imgur guru for help.Edit: Moved topic from Linux & Unix to the more appropriate forum. ~ Animal

A:Screenshots hosted at Imgur have disapeared.

I prefer tinypic.com, no account needed.

37 more replies
Answer Match 47.46%

Occasionally when I'm using imgur.com or browsing reddit and finding links to imgur, Google Chrome alerts me that the certificate issued is from a.sni.fastly.net, and not imgur.com. The 'https://' in the url is also slashed out. Is my connection being tampered with like it says might be happening or is it something on imgur's end?
 

A:Certificate issued by a.sni.fastly.net instead of imgur?

It may be an image or some kind of link that is not providing the correct information. This would be on imgur side. The HTTPS being crossed out is due to that certificate error.
 

1 more replies
Answer Match 47.04%

Hi all,

I've just purchased an online course for Solidworks which set me back $190. The only thing is that the videos are playing at twice or three times nornal spped on Flash. How can I slow them down to normal speed does anybody know?

God bless,

Phil.
 

More replies
Answer Match 47.04%

All of a sudden I am unable to access these sites (megaupload.com / imgur.com) and possibly many others, yet most other sites work as normal. I have checked my hosts file and it has not been messed with. I ahve tried to ping these sites and receive time out responses. When I try to hit the sites with another computer they load without issue.

I have ran Malwarebytes and it found Trojan.FakeAlert. It asked me to reboot to remove, and it removed it. Doesn't look like its related.

I have ran GMER and it detected rootkit activity. But need expert guidance as I do not know how to read the logs and do not want to make my situation worse.

One of my 2 CPUs goes to near 100% at times for long stretches of time where my computer becomes near unresponsive without any program warranting or showing that kind of CPU activity in the task manager's performance monitor.

I'm on Windows XP SP3. Need help, please advise.

Edit: After near an hour of 100% cpu activity, my cpus came back to normal and now miraculously I am able to browse these sites. Rootkit going into some sort of stealth mode? http://www.virustotal.com is still unresponsive from the infected machine.

More replies
Answer Match 46.62%

Basically I get a BSOD - ndis.sys - triggered by uploading on Imgur and Youtube ONLY using Google Chrome. minidump and other bits and pieces are attached.

A:BSOD - ndis.sys - Triggered by uploading on Imgur and Youtube

Welcome to the Forum.

Please update these older drivers. Links are included to assist in looking up the source of the drivers. If unable to find an update, please remove (un-install) the program responsible for that driver. DO NOT manually delete/rename the driver as it may make the system unbootable!:-

ASACPI.sys Mon Mar 28 08:30:36 2005 (42476C4C)
Asus ATK0110 ACPI Utility (a known BSOD maker in Win7 and Win8). Also a part of many Asus utilities (Win8 versions available from Windows Update as an Optional Update - but check Asus first!)
Driver Reference Table - ASACPI.sys

GizmoDrv.SYS Sun May 18 11:24:02 2008 (482FBD72)
Gizmo Project - Arainia Solutions
Driver Reference Table - GizmoDrv.SYS

AtiPcie.sys Tue May 5 21:00:22 2009 (4A005486)
ATI PCIE Driver for ATI PCIE chipset or [br] ATI PCI Express (3GIO) Filter[br]Found in my ATI video drivers (I have an Intel chipset)
Driver Reference Table - AtiPcie.sys

PxHlpa64.sys Wed Jun 24 05:16:35 2009 (4A416253)
Sonic CD/DVD driver (used by many different CD/DVD programs)
Driver Reference Table - PxHlpa64.sys

L1E62x64.sys Sun Aug 23 11:08:09 2009 (4A90CEB9)
Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller (NDIS6.20)
Driver Reference Table - L1E62x64.sys

Daemon Tools/Alchohol is known to cause BSODs:
How to remove sptd.sys from system
Registry and SPTD problems | DAEMON Pro Help

sptd.sys Mon Oct 12 02:55:14 2009 (4AD24632)
SCSI Pass Through Direct Host - Daemon Tools (known BSOD issues with Win7)
Driver ... Read more

5 more replies
Answer Match 46.62%

Let the debates begin.Reddit topic: https://www.reddit.com/r/techsupport/comments/3m1uwh/malwarebytes_antimalware_mbam_started_blocking/MBAM topic: https://forums.malwarebytes.org/index.php?/topic/173238-malwarebytes-blocking-imgur/

A:Malwarebytes is blocking Imgur links. Which affects Reddit as well.

I would side with Malwarebytes on that one. Patching a vulnerability is one thing, not knowing what caused it and if it's still open to be exploited is another.

4 more replies
Answer Match 46.62%

I'm unable to access dropbox and imgur (from what I've noticed). Neither on my laptop nor my android.
Have tried

Different browsers.
Deleted cache, cookies (ccleaner cleaned basically)
Switched off my modem+router, laptop, android.
What did work was changing my DNS to 8.8.8.8 and 8.8.4.4 (google's DNS) under IPv4 protocols, but I don't really understand why this worked (no technical knowledge, just remembered doing this years back for such a problem).
Anyway, by changing DNS I can access said sites on my laptop, but still my android is unable to connect (Both site & application).
Additionally, I can access both the sites without changing DNS if I use a proxy.
So can you decipher what exactly is the issue and how do I get it fixed?
 

A:Unable to access some sites & their apps (Imgur & Dropbox)

The DNS is a server which looks up the name you type - ie dropbox.com and converts to a number
Domain Name Server

You may have an issue with the ISP DNS or it maybe the router

I would power off the router and switch back on and see what happens
 

2 more replies
Answer Match 46.62%

This is gonna sound stupid but at this point I can't think of anywhere else to go. I simply cannot access imgur.com. I can't load pictures, but I can load .gifs or .gifvs. I cannot view albums. 
 
All I get is a "err_connection_timed_out" when I try to go there. The same thing happens for any imgur links that are not direct i.imgur image links or .gifs. Any other website I have no issues.
 
This has been getting worse through last year. I used to be able to do things like delete the https:// on the start of a link and an image that wouldn't load, now would. I could browse albums, and such freely.
 
This makes using something like using reddit, all but impossible. 
 
The things I have tried to solve this issue are:
Reinstalling Chrome
Used Googles open DNS
Deleted all the imgur related data in the browser
Enabled/disabled all of my firewalls and malwarebytes.
Reset my modem/router
Enabled/disabled all extensions within chrome
Tried flipping the links to .filmot links. 
Using other browsers such as Firefox/IE with same results.
 
 
 
 
 
 
 
 
 
I am on windows 7 home premium. My internet itself works great, I can stream, play online games, etc. Zero issues. It's strictly imgur.com.

More replies
Answer Match 46.62%

Sorry, this might not be the right sub forum to post this but I'm trying to find out if there's any way to locate previously uploaded images on imgur (uploaded without an account), perhaps based on my IP or something like that? I've lost some originals that I'm fairly sure I've previously uploaded off-account. Thanks!

A:[SOLVED] Find previously uploaded imgur images

Buried deep in imgur, every transaction they handle is kept. Unfortunately, they're not going to do a painstaking search for you.

3 more replies
Answer Match 46.2%

QUICK THING BEFORE STARTING
I original posted this to reddit.com in /r/techsupport but soon realized that was fruitless. I am replacing all the links up here so anywhere you see 'here's a link' just ignore it and think I'm a dumbass

Imgur album: http://imgur.com/a/TSj0x#0
D-link stick: http://www.dlink.com/ca/en/home-solutions/connect/adapters/dwa-130-wireless-n-usb-adapter
Laptop: http://www.futureshop.ca/en-ca/prod...spx?path=6c390155f74f95f993fc777f863f2405en02 (not touchscreen)

My problem: My internet connection is not stable and I have tried everything. I stutter when playing games which allows my team to lose and I can't have a skype conversation because people cut out every 10-15 seconds.
Computer Specs: I don't have a great laptop, to put it blunt. Here is the link to it on future shop. It says windows 8, but I have windows 7 running on this.

What I've done: The wifi card in the laptop is terrible, it is the worst. So I went out and bought This . The first thing I tried was connecting both the original wifi on my laptop and the d-link stick to the wifi. It didn't help. So I used only the stick and it got a bit better, but ultimately it is still unusable. I have tried other things like deleting cookies and what not, but they're not the problem. Here is the link to the stick specs

The router: Here is where I think the problem lie. My router Seen here . Is positioned right here . Could the interference from the Tv signals ... Read more

A:Very unstable internet. Full imgur album and specs inside

6 more replies
Answer Match 46.2%

For the past two weeks this weird problem has gotten both weirder and worse. First I'd get the lock screen "your connection is not private" and I could click advanced and proceed. Telling me the SSL from cloudflare was unable to be verified. 
 
I've googled the crap out of this problem and I just get general "SSL certificate fixes" None of which have solved the problem. If I load the image as straight imgur.com image link ,it will load just fine.
 
Now the problem has evolved further to the point where it just straight refuses to load the image telling me the same error and giving me a windows box to detect problems with my network connection instead of letting me "proceed" or letting me click the little lock with the red slash through it and say "stop using an invalid certificate" 
 
It's not a virus or trojan, or browser hijacker as it's 100% isolated to imgur. Their tech support have blatantly ignored me and won't answer my quires about it, instead just closing the ticket.

More replies
Answer Match 45.78%

http://www.adobe.com/support/security/bulletins/apsb11-21.htmlAffected software versions Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems Adobe Flash Player 10.3.185.25 and earlier versions for Android Adobe AIR 2.7 and earlier versions for Windows, Macintosh, and AndroidTo verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player 10.x.SolutionAdobe recommends all users of Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris upgrade to the newest version 10.3.183.5 by downloading it from the Adobe Flash Player Download Center.Windows users and users of Adobe Flash Player 10.3.181.16 or later for Macintosh can install the update via the auto-update mechanism within the product when prompted.http://www.adobe.com/support/security/bulletins/apsb11-19.htmlAffected software versionsShockwave Player11.6.0.626 and earlier versions for Windows and MacintoshSolutionAdobe recommends users of Adobe Shockwave Player 11.6.0.626 and earlier versions upgrade to the newest version 11.6... Read more

More replies
Answer Match 45.36%

So the other day my browser was being redirected when clicking on my search results. The browser would also shut off automatically. I downloaded MalwareBytes, AVG and SuperAnti Spyware the only thing they found was Exploit.PDF. Now the AVG components have been removed, so nothing is running that can really protect me, Ive run Highjack this so i have the log files for that. I can log into windows in normal mode, i can browse the internet, after "removing" Exploit.PDF the browser re-direction has been reduced but still occurs as well as shutting down firefox.Any help would be great. ThanksEdit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Found Exploit.PDF, browser re-directing, browser closing automatically, AVG components stopped

I would try installing Avira Free, updating same...then running a complete scan.http://www.softpedia.com/progDownload/Anti...nload-6527.html Click on the Softpedia Secure Download (US) button.Although Malwarebytes is a good tool, it cannot find/remove everything that might cause such problems (IMO).Louis

2 more replies
Answer Match 45.36%

I typically use AVG to scan for viruses and have had a virus for a couple months without being able to get rid of it. The file path is

C:\documents and settings\all users\application data\symantec\norton antivirus corporate edition\7.5\APTemp\AP2.htm

The result message says "Virus found Exploit - infected" but AVG is unable to remove this virus.

I get 1 other result with AVG - C:\\WINDOWS\system32\kernal32.dll - result: Change - Status: Changed

My computer has been running slower and somewhat "choppy" since I got this virus. I also recently had problems booting up.

Here's a summary of the 5 steps when I went through them:

1. Add/remove programs - nothing found that needed to be removed
2. Panda ActiveScan - Report is attached
3. Spyware Blaster - couldn't run this, got an error message stating "Cannot find import; DLL may be missing, corrupt, or wrong version File "MSVBVM60.DLL" error 126. I tried unistalling and re-downloading from a different site, with the same results.

IE-Spyad - downloaded but couldn't install/run - all of the files that I unzipped were text files, nothing to run.

4. I have SP2 - all critical updates have been installed.
5. Deckard's Scan - main text is below, extra.txt is attached.

Deckard's System Scanner v20070826.66
Run by Administrator on 2007-08-29 17:29:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System R... Read more

A:"Virus Found: Exploit" when scanning with AVG - computer slow

-Bump

19 more replies
Answer Match 45.36%

Once you have setup your named groups in the Start Menu is there a way to sort them alphabetically? Also, can you sort each item with a group as well?

Thanks!

More replies
Answer Match 45.36%

I just finished cleaning up my sister's computer and decided that I should run scans on mine. Norton Antivirus shows no infections, however etrust anitvirus and panda activescan show infections. Don't want to mess things up by just deleting files. Here is my HI Jack this log and the logs from the two virus scanners.

Logfile of HijackThis v1.99.1
Scan saved at 11:26:50 AM, on 9/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINNT\System32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\wanmpsv... Read more

A:Found Java/ByteVerify!exploit & Java/Shinwow.AB on computer

Oops, forgot to add that I've been having IE crashes every now and then.
Thanks again!

12 more replies