Isn't that because you got your copy from a 3rd party site instead of downloading from one of the adobe installer packages?
I just checked mine and it doesn't have that account unknown thing.
Well shit. I was doing some actual digging on my Flash.ocx because I always took it as is. The fact is I obtained it two weeks after Flash officially shutdown. From a site that held so many "clean variants" it was unreal. For those wondering, no its all gone now they removed the files from their servers shortly after for safety/EoL.
The problem I have is this....
Now this maybe normal...................but I honestly don't know enough to tell if someone has written a bd via redirecting the OCX server/etc...
I cannot by default remove the user account until disabling inherited permission.
NOTE: this is permissions on the HKEY_CLASSES_ROOT\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}
or maybe in your case:________HKEY_CLASSES_ROOT\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}
Please help me understand if you do. I have an uneasy feeling, as I've never ran into any problems except for the first ocx to register becoming undeletable even via separate OS. Let me know, because if so the bad file will need to go :/ genuinely sorry if this is the case,
@meme If I'm way wrong and its some default account/etc please let me know asap, stupid flash.
Edit: nvm I can't even touch the original Reg settings permission denied.
Edit 2: lol I selected the wrong reg smh I removed the account from both of my registries.
Edit 3: I suppose we could just teach users to remove the account right after install:
This could be added to the end of the Flash Fix Thread.
NEEDED REMOVAL BELOW DON'T SKIP
Extra Security Steps:
1: Download This program (32-bit) will require some scrolling.
2: Open the program as administrator.
3: Find the registered Flash.ocx in the list, click on it.
4: Below under Class ID there should now be two options
5: Right-click the top one and choose "open in regedit"
6: Now another program should open and have a panel with tons of numbers and letters on the left.
7: Look for the two that match your Flash.ocx Class ID. Note: It should be rather easy one should already be highlighted.
8: You need to right click on them in the lefthand panel of regedit and choose permissons...
9: Next click Advanced
10: At the bottom left choose Disable Inheritance and then confirm that's what you want.
11: Now find the Unknown-Account user and click on them
12: In the bottom left choose Remove
13: Once the user disappears save the permission settings
14: Do steps 8-13 again for the other Class ID listed
15: You MUST do this for both or its pointless.
16: THESE STEPS AREN'T REQUIRED PER SAY BUT I WOULDN'T LEAVE IT AS IS.
I'm unsure think it may just be a windows thing to be honest. Still I removed it.
Last edited by IfOnlyYouKnew; 02-22-2022 at 10:50 AM.
Isn't that because you got your copy from a 3rd party site instead of downloading from one of the adobe installer packages?
I just checked mine and it doesn't have that account unknown thing.
The Cash Must Flow
Looks like it's just the user of the person who released the Flash file, like if you removed an account on Active Directory but they still had ownership over a file. I think it shows like that because Windows can't locate the user information, because it's located on the other person's PC.
Don't think it's a problem.
IfOnlyYouKnew (03-10-2022)
I know this is late but....for anyone wandering about the 50+ flags on the akamaized.net Domains.
They are verified to be used by Microsoft. https://answers.microsof*****m/en-us/...0-897d71d9a78b
Because if you look on your own this is what you see and it may look unsafe but shouldn't be.
See I'm still having trouble believing it's safe......I DONT TRUST FLASH.....Communicating Files
Scanned Detections Type Name
2022-05-10
53
/ 69 Win32 EXE snmptrap.exe
2022-05-07
60
/ 68 Win32 EXE csrss.exe_
2022-05-04
0
/ 66 Win32 DLL osbaseln.dll
2022-05-09
56
/ 69 Win32 EXE dmadmin
2022-04-07
62
/ 68 Win32 EXE lujset.exe
2022-03-04
63
/ 70 Win32 EXE IcVsBsWXYrktdCh9iWT5pOoa4TviBVQwfoYRw-m6_7AqYOHZBw2Ve8fFNklZOBxwkig5ceknUBjYcO6WlaR5tNBv wGRVKy0dT201m89ViCRJ6oPDufgM7Zem1EGU69L2?sbb=y04Qj bBh59ekOaaibcMh9waeCOpuACBwHVmgWthaz6draTYu60wAsvh gXS8ge8V9EvJaKGj8JBRYtw72ZwD1p7nhToBWJf6Epo
2022-05-12
46
/ 69 Win32 EXE minidumper.exe.tmp
2022-05-03
58
/ 69 Win32 EXE Uploading.exe
2022-03-04
39
/ 70 Win32 EXE PIC00771
2022-04-09
2
/ 68 Win32 EXE 00001160dff7c6f7db07a267fc3f6b034dcba1a0b3c0ee09e2 4297bf30624aa4.file
2022-04-04
57
/ 70 Win32 EXE clt0wakuc.dll
2022-05-11
0
/ 67 Win32 DLL smjt542ui
2022-04-14
54
/ 70 Win32 EXE 0000168b62a47fd2a418490547019f5ba14d2e1b92e7a35257 031313a0121e66
2022-05-10
51
/ 66 Win32 EXE vt-upload-8FNPv
2022-02-11
0
/ 64 Win32 EXE monitor.exe
2022-03-02
61
/ 72 Win32 EXE cup.exe
2022-05-07
43
/ 67 Win32 EXE 4f5309d50611f200d0169c901c3fff53.virus
2022-05-03
58
/ 69 Win32 EXE firseria_setup.exe
2022-05-09
52
/ 69 Win32 EXE 00001c7808ffd8b0cfad4e26126e7b5f06d5306f84e9c831f2 ba2d621fd4dc4b
2022-05-11
52
/ 69 Win32 EXE 19091499
================================================== ==================
Files Referring
Scanned Detections Type Name
2022-05-12
21
/ 61 Win32 EXE 3.tmp
2022-05-12
28
/ 66 Win32 EXE B9A1.tmp
2022-05-12
57
/ 69 Win32 EXE file250_bxvbdx.sys
2022-05-12
3
/ 68 Win32 EXE bea46500682076b7b477d4538b4be1df86c36c0df4f86c807e c97355b4493102
2022-05-12
3
/ 59 JavaScript unknown
2022-05-12
55
/ 69 Win32 EXE 368d417f9dc3ca43dbdb7696e53aa39144e60cd9ded79031c1 f8e03c84c93a39
2022-05-12
55
/ 69 Win32 EXE f2b69af377f8f7593a419cc00b2eac8e.virus
2022-05-12
56
/ 69 Win32 EXE ea88dc8477d142f8b6e5ba0b3a505.virus
2022-05-12
58
/ 69 Win32 EXE bf6d2bcbd92b4e8b5612ecf067b21667.virus
2022-05-12
31
/ 69 Win32 EXE bf155c05ff4588e05ca7eeab5f06f1fb7e8063cf722fac7c2b 682930d49777d4
Based on what this site says about this Domain and Siblings.Jason, Akamaized.net is a dubious site and is not in any way connected to Akamai.
Yet safe????? I may be done here soon with flash actually. In which case if I decide to do, I'll compile and release what I have Source-Code wise for anyone "Willing" to keep swimming in the ocean. As for me, I don't like seeing the 50/50 information. I also have had someone near me get information stolen, granted they may just have gotten some malware by not being good with computers :/
Well I guess the question is ...
...no question....safe enough I guess....but I still might be done soon.MarkMonitor is what Facebook, Google, Apple, Microsoft and other huge companies use. They don't take small accounts, though. Google is a registrar themselves... Do you mean they use someone else for their own domains?
Just to clarify I'm 90% certain its just Microsoft using the third party servers and REGISTRARS and you should be just fine . I'm just leaving this information out and about because I get mixed answers online yet Microsoft answers says its safe and etc. and based on my research a lot of bigger companies use akamai related linking and servers.
Last edited by IfOnlyYouKnew; 05-12-2022 at 04:34 PM.
Contributor: March 14'th, Minionforce: March 15'th, Minion Plus: May 30'th, Former Staff: September 9'th, 2023
Coding Hobbyist | - Current Activity | BattleOn | RotMG |
Want to make my life better? <3 BTC: 3JoQRjwK28DVGTzL4mYkpjHRBeoFwNFVe7