Anna_noyed

Thanks exile for the reply, Ill post the java box that poped up what does this mean ? what is this telling me :::::::::::: security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio. security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy,com.sun.jnlp security: property package.definition value null security: property package.definition new value com.sun.javaws security: property package.definition value com.sun.javaws security: property package.definition new value com.sun.javaws,com.sun.deploy security: property package.definition value com.sun.javaws,com.sun.deploy security: property package.definition new value com.sun.javaws,com.sun.deploy,com.sun.jnlp security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy,com.sun.jnlp security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss security: property package.definition value com.sun.javaws,com.sun.deploy,com.sun.jnlp security: property package.definition new value com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@63a8af network: Connecting hxxp://www.beipwas.c...rybMzoavb.class with proxy=DIRECT network: Connecting hxxp://www.beipwas.com:80/ with proxy=DIRECT Java Plug-in 10.2.0.13 Using JRE version 1.7.0_02-b13 Java HotSpot™ Client VM User home directory = C:\Documents and Settings\SurfSafe ---------------------------------------------------- c: clear console window f: finalize objects on finalization queue g: garbage collect h: display this help message l: dump classloader list m: print memory usage o: trigger logging q: hide console r: reload policy configuration s: dump system and deployment properties t: dump thread list v: dump thread stack x: clear classloader cache 0-5: set trace level to <n> ---------------------------------------------------- network: Connecting hxxp://www.beipwas.c...rybMzoavb.class with proxy=DIRECT network: Connecting hxxp://www.beipwas.com:80/ with proxy=DIRECT basic: Applet loaded. basic: Applet resized and added to parent container basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 3049243 us, pluginInit dt 4860685 us, TotalTime: 7909928 us network: Connecting hxxp://www.beipwas.c...twgpXrepz.class with proxy=DIRECT network: Connecting hxxp://www.beipwas.com:80/ with proxy=DIRECT network: Connecting hxxp://www.beipwas.com/053/217.php with proxy=DIRECT network: Connecting hxxp://www.beipwas.com:80/ with proxy=DIRECT basic: Applet initialized basic: Starting applet basic: completed perf rollup basic: Applet made visible basic: Applet started basic: Told clients applet is started :::::::::::::::::::::::::::::::::::::::::::::: is that anything I should worry about ? what is this telling me ??? How is this connected to that exploit.drop9????? thanks in advance

I when to a site that I guess was posiioned and MB pop up and stated it stopped loading page and catutured this Exploit.drop9, now as I was telling MB to quaretine it my java poped up and leftsome comandes on it... If Im allowed to post it I will... just dont want to break rules and such, so tell me I can and I will... any who, it looks like it alot of words string with ending of " Proxy = Direct" Now I dont surf on an admin account, so nothing can install, or shouldnt [ i could be wrong] correct me if Im wrong [my websurf account has the premission of a child [limited] O/S =XP Now do to have had some mean happi scrappy redirct bug, that I fixed and cleaned [ easy peezy - read my other thread] I did not have any plugins outside of adobe stuff any ideas on what it could be ??? I removed java from my browsers, and while there it look like Microsoft foundation wanted to be updated too in FF, which I have disabled. any way, any ideas... FYI it doesnt seem that my PC is having problems now and MByte gave an all clear... Should there be something to look out for ??

ok depends on the day for me... today was Hawaiian station 105 - wish I could speak the lauguage http://streaming.hawaiian105.com/_players/coxradio/index.php?callsign=KINEFM peace all and thanks for the ear and share

Update and [maybe]solution [time will tell]While I ran this software and Micro and super anti... in that time, I surfed on FF, since chrome was redircting me everywhere, and after a while, gues what FireFox got it too... and the redirects where to the same IP bounce sites. Now that extention in FireFox was called "performance cache 1.0" by Identity ltd. that too if I deleted it from extention would pop back in the list when I restarted my FF browser. GRR So solusion In chrome >> settings >>> Personal stuff >>> delet this user >>> [yes] when I did that all extensions and setting where deleted. I closed browser cleaned drive, open FF removed/deleted performance and it too stayed gone ... and so far that "default" hasnt come back, well that is what I have found to work. I'll post if it comes back and if you ask Ill post that redirect string, I did find it[the string] posted on a maleware connect page with a list of bad yuk - about 8 things that where trogen assosated that the page from the redirect... But I only have one extention, and redirects are "ask me first" setting so that may be why I did not get infected [??] It is the only reason I found that extention, it was the second one in my list... not hard to find. well I hope this help someone else, and that my wasted day from some POS laying maleware eggs on the net allowed me to meet you all, and maybe help some one .

1.) Thanks bunches for replying back 2,) Maleware says im not infected and Micro Essensial too agrees. --question: Can I have both running in the background protecting or what ?? do I turn off one or the other ??? can it cause issues with two of the same programs working at the same time... or something on that line ?????? 3.) I think it is a Browser Highjack, seem [ reading on this board] many others too. --- but I only have browser problem - search engine redirect - I locaded it to Default Extension1.0 (unpacked) ---- I posted in this forum to see how a.) can I delet this offending redireing chrome extention and b.) would malewarebyte find bad extentions ????? PS sorry I did not mean to seem to be bumping thread, I wanted to add PS to the OP but there was not edit to the OP. ---------- FYI Forum Mod called [prevent Double Posts] that would stop double posts and you would not have to allowed edit still.

PS. I tryed doing a flash scan, [trial] and my PC shut down and restarted with a chndk check not sure what that was about.

help, me plz... this" Default Extension1.0(Unpacked)" is in my chrome extentions, i can delet it when i do it returns upon restart of chrome . So I deleted chrome, wipe the free drive, waited a week and then install chrome again... not there... a week later its back... in the extentions list. and again cant delete It highjackes any google search pages links, messes with typing, so I came here to use this software , did not find anything... and yet it is still there. so it seem this is just something in chrome, and no where else ??? according to malwarebyts, but it cant find that its [pc/chrome] is doing something wrong When I try to shut down the PC rundll32.exe has to be forced to close so to shut down. ​i use micr essentialls - can i run both at same time or do i shut down one for the other ? any help plz would be great