Results 1 to 7 of 7

Thread: Am I Infected by Adobe Flash update?

  1. #1
    oldnews Guest

    Default Am I Infected by Adobe Flash update?

    I too have this malware. I believe it came through a recent Adobe Flash update. ZA called it "Medium" threat, but instructions say all the scary stuff about how it can take over your computer, etc., etc. So far I have experienced no slow down or unresponsive programs. It just keeps turning up in my quarantine, I keep deleting, etc. and the next day it reappears.

    I recently tried deleting, then scanning with Malwarebytes, then manually turning off system restore, rebooting, and turning it back on again. But the next day there it was again. I am wondering if the instruction to reboot your computer or the software will not install (after the ZoneAlarm scan) is new and perhaps a part of the virus syndrome. I don't remember being instructed to reboot after previous scans. It certainly does behave like a reinfection.

    Like previous writer, I also am unable to update my version of ZASS from 7 to 9 (ZA says because I missed a version when I was not using this computer, it's first necessary to uninstall 7, save settings, reinstall, apply settings, etc., etc - way beyond me - and my tech is not calling me back so may be out of town.

    Wondering if I should try working through one of the other download suggestions myself...and how much danger I'm in just waiting a day or two. Also whether it matters if computer is on or off or what I do with it while waiting for his return. And whether I should change my Adobe program controls. I am not sufficiently skilled to remove parts of these - nor would I know which ones are essential to the working of the software.

    Thanks...

    For the record I have a Dell laptop,running XP, use IE, and as noted above, have all kinds of Adobe programs on my computer. I believe though it was a FLASH update I clicked on and this is what I am seeing elsewhere on the WWW when I research this particular virus.

  2. #2
    naivemelody Guest

    Default Re: Am I Infected by Adobe Flash update?

    oldnews, it is always adivisable to explain the specific/ details of any particular issue. Your using old 7.0 ZA Suite which has both av and anti-spy:
    - which exact vesrion of 7.0xxx?
    - which detection the anti-virus or anti-spy?
    - always list the name of the detection/ suspected malware and the file path it was found in - then check ZA Form to find if others have had it - sometimes they are false positives ( I've seen false positives on other Adobe updates before in this forum) [as soon as first detection - always write down 'all' info provided.]
    - XP SP2 or XP SP3? better to have SP3
    - IE 7 or 8? better to upgrade to IE8

    > Adobe Flash Player 10.45.2 - click here > http://forums.zonelabs.com/showthread.php?t=73124

    > New Security Update Bulletin for Adobe Reader/ Flash > http://www.adobe.com/support/securit...apsb10-08.html

    > if you believe you are really infected - click here > http://forums.zonelabs.com/showthread.php?t=70448

    (my guess is you have a false positive; but we'll have to wait to you post back with more details)
    __________________________________________________ _____
    NaiveMelody NYC - 3-3-10 - Ain't Nothing Like The Real Thing - Marvin Gaye & Tammi Terrell

  3. #3
    oldnews Guest

    Default Re: Am I Infected by Adobe Flash update?

    Thanks very much...

    Here is my version of ZASS:
    ZoneAlarm Security Suite version:7.0.483.000
    TrueVector version:7.0.483.000
    Driver version:7.0.483.000
    Anti-virus engine version:3
    Anti-virus SDK version:5.0.1.85
    Anti-virus signature DAT file version:1013153301
    Anti-spyware engine version:5.0.189.0
    Anti-spyware signature DAT file version:01.201002.7175
    AntiSpam version:5.0.6.8903

    Here is location:
    c:\windows\system32\macromed\Flash\FlashUtil10d.ex e

    I did absentmindedly click on the Adobe Flash updater recently. But it looked legitimate. I stopped the download because I hadn't meant to do it then.

    Name of is Win32.KSTP. It shows up as "infection" medium severity, turns up in spyware quarantine, I believe, though unfortunately, I just deleted it so can't doublecheck.

    I have found another thread on this forum for KSTP also associated with Flash and involving someone running an older version of ZA. Also one reference by someone in France, also Adobe related, appears on WWW. No Trojans of this name appear on any official lists I could find.

    Now that a guru has said it isn't necessary to save my settings, I guess I feel more confident about uninstalling version 7 and installing version 9. Assume this can be done just by going through the usual program controls from START menu? And nothing further needs to be done to my Adobe files?

    One more clarification: I did scan the whole C drive with Malware bytes and no infection showed up.

    Thanks again for your help.

  4. #4
    naivemelody Guest

    Default Re: Upgrading 7.0 to 9.1

    No, you can't just use the 'add/ remove' method, please see/ click here:

    > http://forums.zonelabs.com/showpost....59&postcount=6

    ...Before you Uninstall your current ZA, UNcheck "Load ZA... at startup" (under Overview - Preferences tab)

    3. Reboot/ restart the Computer. So that vsmon.exe/TrueVector will be removed from Memory

    4.) Now use the new ZoneAlarm Removal Tool: Click here > http://download.zonealarm.com/bin/fr...cpes_clean.exe
    ...continues...


    To download latest version ZA Suite 9.1.008 > http://download.zonealarm.com/bin/fr...seHistory.html

    The new version will be different to your old version; 'you can find info' on all changes thru out this forum and elsewhere- do not be alarmed .
    __________________________________________________ ______
    NaiveMelody NYC 3-3-10 - We Can Work It Out - The Beatles
    Last edited by naivemelody; March 3rd, 2010 at 10:14 PM.

  5. #5
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: Am I Infected by Adobe Flash update?

    Quote Originally Posted by oldnews View Post
    Name of is Win32.KSTP. It shows up as "infection" medium severity, turns up in spyware quarantine, I believe, though unfortunately, I just deleted it so can't doublecheck.
    It is a false positive, i.e. wrong detection of a harmless file. This is because the standalone antispyware engine in ZA 7 has been phased out and does not get anymore updates.

    New ZA 9 has a unified antivirus/antispyware engine, lighter and faster
    Try to keep your ZA always update and active. Also remove any other security tool installed before proceeding with the upgrade.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  6. #6
    oldnews Guest

    Default Re: Am I Infected by Adobe Flash update?

    Thank you both. Will do as instructed.

  7. #7
    oldnews Guest

    Default Re: Am I Infected by Adobe Flash update?

    Thanks again to all for your advice. I have updated and scanned and ZA found one virus...but a real one this time. The ersatz bug did not show up.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. New Adobe Flash Player 10.0.45.2 and Reader
    By naivemelody in forum Off-Topic
    Replies: 0
    Last Post: February 12th, 2010, 09:59 PM
  2. Adobe Flash Player version 10.0.12.36
    By avon in forum Off-Topic
    Replies: 14
    Last Post: November 11th, 2008, 11:16 AM
  3. Adobe Flash Player links
    By jiaiello in forum General - Questions that don't fit any other category
    Replies: 2
    Last Post: June 1st, 2008, 05:46 AM
  4. ZA and Adobe Flash...
    By timfxf in forum General - Questions that don't fit any other category
    Replies: 0
    Last Post: February 25th, 2008, 08:55 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •