Tech Problem Aggregator

Solved: Getting Security Alert - Certificate Pop Up when visiting Webpages - Malware?

Q: Solved: Getting Security Alert - Certificate Pop Up when visiting Webpages - Malware?

I keep getting a Security Certificate Alert Popup when using Internet Explorer and a webpage loads. The options are Yes/No/Cancel. It seems like I have some sort of malware/adware installed as there are some weird ads appearing on the page. How can I remove the malware/adware?

Here is the Hijack this log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:21:11 AM, on 3/6/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Owner\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Owner\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com/?fr=hp-avast&type=agc511
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=hp-avast&type=agc511
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com/?fr=hp-avast&type=agc511
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=hp-avast&type=agc511
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: fastusalEr - {e5305bce-05d9-45f5-b93d-fa8231003e60} - C:\Program Files (x86)\fastusalEr\pffwGjxvPBZNeo.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000003] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE /EPT "EPLTarget\P0000000000000003" /M "WF-3540 Series"
O4 - HKCU\..\Run: [Super Optimizer] C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_72163ED846C662263823BD18C10D98A7] "C:\Users\Owner\AppData\Local\Vosteran\Application\vosteran.exe" --auto-launch-at-startup --profile-directory="Default"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:/PROGRA~3/{90DA7~1/171~1.0/teco.dll

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)

O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)



--

End of file - 8847 bytes















  • Sponsor






















  • flavallee




    flavallee
    Frank
    Trusted Advisor




    Joined:

    May 12, 2002



    Messages:

    69,387










    HiJackThis doesn't work or display properly with a 64-bit version of Windows, so your log is pretty much useless.



    -----------------------------------------------------------



    Go http://www.bleepingcomputer.com/download/adwcleaner/" target="_blank" class="externalLink" rel="nofollow">here, then click the large blue "Download Now @ Bleeping Computer" button to download and save AdwCleaner.exe to your desktop.



    Close all open windows first, then double-click AdwCleaner.exe to load its main window.



    Click the "Scan" button, then allow the scanning process to finish.



    Click the "Logfile" button.



    When the log appears, save it.



    Return here to your thread, then copy-and-paste the ENTIRE log here.



    -----------------------------------------------------------













  • flavallee




    flavallee
    Frank
    Trusted Advisor




    Joined:

    May 12, 2002



    Messages:

    69,387










    AFTER you complete post #2, do the following.



    ----------------------------------------------------------



    Download and save and then install the free version of SUPERAntiSpyware 6.0.1170



    Make sure to update its definition files during the install process.



    Make sure to uncheck and decline to install any extras, such as toolbars and homepages, it may offer.



    Make sure to uncheck and decline to use the "Pro" or "Trial" version, if it's offered.



    After it's installed and updated, DON'T do anything else with it yet.



    ----------------------------------------------------------













  • bigredo



    bigredo
    Thread Starter




    Joined:

    Mar 6, 2015



    Messages:

    4










    Thanks Frank! Below is the Adwcleaner that I ran. I also installed SuperAntiSpyware and updated the definitions and did not do anything else with it (per your instructions):



    # AdwCleaner v4.111 - Logfile created 06/03/2015 at 12:16:18

    # Updated 18/02/2015 by Xplode

    # Database : 2015-03-05.1 [Server]

    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)

    # Username : Owner - OWNER-PC

    # Running from : C:\Users\Owner\Downloads\AdwCleaner.exe

    # Option : Scan



    ***** [ Services ] *****



    Service Found : APNMCP

    Service Found : {29b8df85-56af-474f-9022-e376793679f9}Gw64

    ***** [ Files / Folders ] *****

    File Found : C:\Users\Owner\AppData\Local\Temp\DriverSupport.exe
    File Found : C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vosteran.lnk
    File Found : C:\Windows\System32\drivers\{29b8df85-56af-474f-9022-e376793679f9}Gw64.sys
    Folder Found : C:\Program Files (x86)\aappsavee
    Folder Found : C:\Program Files (x86)\AskPartnerNetwork
    Folder Found : C:\Program Files (x86)\buYYfast
    Folder Found : C:\Program Files (x86)\dollairsaver
    Folder Found : C:\Program Files (x86)\Dollarssaever
    Folder Found : C:\Program Files (x86)\Driver Support
    Folder Found : C:\Program Files (x86)\fastusalEr
    Folder Found : C:\Program Files (x86)\nitrrodEal
    Folder Found : C:\Program Files (x86)\oafferssale
    Folder Found : C:\Program Files (x86)\oofferDeal
    Folder Found : C:\Program Files (x86)\ooffersale
    Folder Found : C:\Program Files (x86)\prizecOUponn
    Folder Found : C:\Program Files (x86)\rocckeTaSaLLe
    Folder Found : C:\Program Files (x86)\roccKetsale
    Folder Found : C:\Program Files (x86)\rocucuketsaLe
    Folder Found : C:\Program Files (x86)\Solution Real
    Folder Found : C:\Program Files (x86)\Super Optimizer
    Folder Found : C:\Program Files (x86)\WSE_Vosteran
    Folder Found : C:\ProgramData\22a16ff26053c4da
    Folder Found : C:\ProgramData\2495398755328836826
    Folder Found : C:\ProgramData\apn
    Folder Found : C:\ProgramData\AskPartnerNetwork
    Folder Found : C:\ProgramData\Driver Support
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
    Folder Found : C:\ProgramData\roCckeetsaluE
    Folder Found : C:\ProgramData\shoppi
    Folder Found : C:\ProgramData\shoppi
    Folder Found : C:\ProgramData\shopshop
    Folder Found : C:\ProgramData\Yahoo! Companion
    Folder Found : C:\Users\Owner\AppData\Local\AskPartnerNetwork
    Folder Found : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
    Folder Found : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdphflffppgmeoeoiohflnbdidnbggo
    Folder Found : C:\Users\Owner\AppData\Local\Temp\apn
    Folder Found : C:\Users\Owner\AppData\Local\Temp\Solution Real
    Folder Found : C:\Users\Owner\AppData\Local\Vosteran
    Folder Found : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Support
    Folder Found : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vosteran
    Folder Found : C:\Users\Owner\AppData\Roaming\WSE_Vosteran

    ***** [ Scheduled tasks ] *****

    Task Found : Driver Support-RTMRules
    Task Found : Driver Support-RTMScan
    Task Found : Driver Support-RTMUpdater
    Task Found : WSE_Vosteran

    ***** [ Shortcuts ] *****
    ***** [ Registry ] *****

    Key Found : HKCU\Software\APN PIP
    Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKCU\Software\AskPartnerNetwork
    Key Found : HKCU\Software\CoinisRS
    Key Found : HKCU\Software\DriverSupport
    Key Found : HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
    Key Found : HKCU\Software\InstallCore
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\homelandstores.mywebgrocer.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mywebgrocer.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ohsweetbasil.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.delta.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{274b66fa-c6b8-4e04-9602-fce9f364ed3a}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{495daa7b-0a2a-4db3-b821-d603d62ed053}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cce631db-ebeb-4c99-a0d9-e95e30e67a4a}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e0ccffbc-c29a-46fc-bd5c-fa3be01202b5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e5305bce-05d9-45f5-b93d-fa8231003e60}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{274b66fa-c6b8-4e04-9602-fce9f364ed3a}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{495daa7b-0a2a-4db3-b821-d603d62ed053}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cce631db-ebeb-4c99-a0d9-e95e30e67a4a}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e0ccffbc-c29a-46fc-bd5c-fa3be01202b5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e5305bce-05d9-45f5-b93d-fa8231003e60}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DriverSupport
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran
    Key Found : HKCU\Software\Solution Real
    Key Found : HKCU\Software\Super Optimizer
    Key Found : HKCU\Software\Vosteran
    Key Found : HKCU\Software\Vosteran Browser
    Key Found : HKCU\Software\WSE_Vosteran
    Key Found : [x64] HKCU\Software\APN PIP
    Key Found : [x64] HKCU\Software\AskPartnerNetwork
    Key Found : [x64] HKCU\Software\CoinisRS
    Key Found : [x64] HKCU\Software\DriverSupport
    Key Found : [x64] HKCU\Software\InstallCore
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
    Key Found : [x64] HKCU\Software\Solution Real
    Key Found : [x64] HKCU\Software\Super Optimizer
    Key Found : [x64] HKCU\Software\Vosteran
    Key Found : [x64] HKCU\Software\Vosteran Browser
    Key Found : [x64] HKCU\Software\WSE_Vosteran
    Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Found : HKLM\SOFTWARE\AskPartnerNetwork
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{274b66fa-c6b8-4e04-9602-fce9f364ed3a}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{495daa7b-0a2a-4db3-b821-d603d62ed053}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{cce631db-ebeb-4c99-a0d9-e95e30e67a4a}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{e0ccffbc-c29a-46fc-bd5c-fa3be01202b5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{e5305bce-05d9-45f5-b93d-fa8231003e60}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Found : HKLM\SOFTWARE\Classes\P274b66fa_c6b8_4e04_9602_fce9f364ed3a_.P274b66fa_c6b8_4e04_9602_fce9f364ed3a_
    Key Found : HKLM\SOFTWARE\Classes\P274b66fa_c6b8_4e04_9602_fce9f364ed3a_.P274b66fa_c6b8_4e04_9602_fce9f364ed3a_.9
    Key Found : HKLM\SOFTWARE\Classes\P495daa7b_0a2a_4db3_b821_d603d62ed053_.P495daa7b_0a2a_4db3_b821_d603d62ed053_
    Key Found : HKLM\SOFTWARE\Classes\P495daa7b_0a2a_4db3_b821_d603d62ed053_.P495daa7b_0a2a_4db3_b821_d603d62ed053_.9
    Key Found : HKLM\SOFTWARE\Classes\Pcce631db_ebeb_4c99_a0d9_e95e30e67a4a_.Pcce631db_ebeb_4c99_a0d9_e95e30e67a4a_
    Key Found : HKLM\SOFTWARE\Classes\Pcce631db_ebeb_4c99_a0d9_e95e30e67a4a_.Pcce631db_ebeb_4c99_a0d9_e95e30e67a4a_.9
    Key Found : HKLM\SOFTWARE\Classes\Pe0ccffbc_c29a_46fc_bd5c_fa3be01202b5_.Pe0ccffbc_c29a_46fc_bd5c_fa3be01202b5_
    Key Found : HKLM\SOFTWARE\Classes\Pe0ccffbc_c29a_46fc_bd5c_fa3be01202b5_.Pe0ccffbc_c29a_46fc_bd5c_fa3be01202b5_.9
    Key Found : HKLM\SOFTWARE\Classes\Pe5305bce_05d9_45f5_b93d_fa8231003e60_.Pe5305bce_05d9_45f5_b93d_fa8231003e60_
    Key Found : HKLM\SOFTWARE\Classes\Pe5305bce_05d9_45f5_b93d_fa8231003e60_.Pe5305bce_05d9_45f5_b93d_fa8231003e60_.9
    Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{079E2F0F-FCA0-4163-BC82-5355B879E86E}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{89310413-97E0-4F09-AA75-390A7F4D4918}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
    Key Found : HKLM\SOFTWARE\InstallCore
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e5305bce-05d9-45f5-b93d-fa8231003e60}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{274b66fa-c6b8-4e04-9602-fce9f364ed3a}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{495daa7b-0a2a-4db3-b821-d603d62ed053}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{cce631db-ebeb-4c99-a0d9-e95e30e67a4a}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e0ccffbc-c29a-46fc-bd5c-fa3be01202b5}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e5305bce-05d9-45f5-b93d-fa8231003e60}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1E38F0E0-5499-CDAF-F946-BA3D053AABC2}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20188537-BC86-1F4B-6B72-1AA2EC4E9C93}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6AEC2288-82D5-C6CE-CC6F-213FE715E4E5}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E3B2E00-8ADC-98BD-428C-13CEC2925F29}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{78B72F2B-0468-A7AC-ECEE-02C79EC3EF0B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{78B72F2B-0468-A7AC-ECEE-02C79EC3EF0B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC799F5F-37C9-ACBB-BE51-805992C10610}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CF663D34-D239-8E23-0994-A44C0EC65ADE}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D790D3FB-670B-6EF4-3686-4CB69E4ADE96}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D9EFCE2A-396E-AAA0-9D20-896DE2ECF595}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Vosteran
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
    Key Found : HKLM\SOFTWARE\Solution Real
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{274b66fa-c6b8-4e04-9602-fce9f364ed3a}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{495daa7b-0a2a-4db3-b821-d603d62ed053}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{cce631db-ebeb-4c99-a0d9-e95e30e67a4a}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{e0ccffbc-c29a-46fc-bd5c-fa3be01202b5}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{e5305bce-05d9-45f5-b93d-fa8231003e60}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
    Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e5305bce-05d9-45f5-b93d-fa8231003e60}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Super Optimizer]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17631
    -\\ Google Chrome v39.0.2171.95

    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : aaaaaiabcopkplhgaedhbloeejhhankf
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : oilkkkefbalmbfppgjmgjoefbclebkce
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : kpdphflffppgmeoeoiohflnbdidnbggo
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://www.search.ask.com/?gct=hp
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://Vosteran.com/?f=1&a=vst_coinis_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByCzytDtA0F0EyDyEzz0DtN0D0Tzu0StCtDzyzytN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyByC0A0DyCtCtCtDtGzz0F0E0EtGtBtA0AyEtG0ByE0CzztGyEzytByC0FyC0C0EyCyC0F0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyEyEyB0EyD0E0DtG0FtDzztBtGyE0Czy0CtG0AyBtCyEtG0A0C0FtCyEyEtCyCzzzy0AtC2Q&cr=278088384&ir=
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Startup_URLs] : hxxp://Vosteran.com/?f=7&a=vst_coinis_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByCzytDtA0F0EyDyEzz0DtN0D0Tzu0StCtDzyzytN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyByC0A0DyCtCtCtDtGzz0F0E0EtGtBtA0AyEtG0ByE0CzztGyEzytByC0FyC0C0EyCyC0F0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyEyEyB0EyD0E0DtG0FtDzztBtGyE0Czy0CtG0AyBtCyEtG0A0C0FtCyEyEtCyCzzzy0AtC2Q&cr=278088384&ir=
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://Vosteran.com/?f=1&a=vst_coinis_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByCzytDtA0F0EyDyEzz0DtN0D0Tzu0StCtDzyzytN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyByC0A0DyCtCtCtDtGzz0F0E0EtGtBtA0AyEtG0ByE0CzztGyEzytByC0FyC0C0EyCyC0F0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyEyEyB0EyD0E0DtG0FtDzztBtGyE0Czy0CtG0AyBtCyEtG0A0C0FtCyEyEtCyCzzzy0AtC2Q&cr=278088384&ir=
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Startup_URLs] : hxxp://Vosteran.com/?f=7&a=vst_coinis_15_01_ch&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByCzytDtA0F0EyDyEzz0DtN0D0Tzu0StCtDzyzytN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyByC0A0DyCtCtCtDtGzz0F0E0EtGtBtA0AyEtG0ByE0CzztGyEzytByC0FyC0C0EyCyC0F0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyEyEyB0EyD0E0DtG0FtDzztBtGyE0Czy0CtG0AyBtCyEtG0A0C0FtCyEyEtCyCzzzy0AtC2Q&cr=278088384&ir=
    *************************

    AdwCleaner[R0].txt - [16732 bytes] - [06/03/2015 12:16:18]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16792 bytes] ##########

    A: Solved: Getting Security Alert - Certificate Pop Up when visiting Webpages - Malware?

    Do the following in the order that they're listed.

    Note: You might want to print off these instructions before you start so they're easier to follow.

    -----------------------------------------------------------

    Close all open windows first, then double-click AdwCleaner.exe to load its main window.

    Click the "Scan" button, then allow the scanning process to finish.
    (Note: Several seconds may pass before the scanning process starts, so be patient.)

    Click the "Cleaning" button, then click "OK".

    Allow the cleaning process to finish.

    When it's finished, click "OK" in each window that appears.

    The computer will restart.

    When the log appears during restart, save it.

    Return here to your thread, then copy-and-paste the ENTIRE log here.

    -----------------------------------------------------------

    Start SUPERAntiSpyware.

    Click "System Tools".

    Click "Preferences", then uncheck "Run in the background (system tray)", then click "Done".

    Click "Advanced Settings", then uncheck "Follow shortcuts (*.lnk) during scan", then click "OK - Done".

    Click "Click here to check for updates".

    When the definition files have updated, click "OK".

    Click "Scan This Computer", then click Quick Scan.

    If problems are found during the scan, the number of them will be highlighted in red.

    When the scan is finished, click "Continue".

    Make sure that EVERYTHING in the list is selected, then click "Continue".

    When the removal process is complete, click "Continue".

    If you're prompted to restart to finish the removal process, do so.

    Start SUPERAntiSpyware again.

    Click "System Tools", then click "Scan Logs".

    Select the most current scan log, then click on its magnifying glass icon so it can open and be viewed, then save it on the desktop.

    Return here, then copy-and-paste its ENTIRE contents here.

    -----------------------------------------------------------

    Go here, then click the large blue "Download Now @ Author's Site" button to download and save TFC.exe (Temp File Cleaner by OldTimer) to your desktop.

    After it's downloaded and saved, close all open windows.

    Double-click it to load its main window.

    Click the "Start" button.

    If there are a large number of temp files or if there are multiple user accounts, the temp file deletion process may appear to freeze and may take a few minutes, so don't interfere with or abort it.

    After it's finished, restart the computer.

    -----------------------------------------------------------

    7 more replies
  • Answer Match 78.54%

    Windows XP home
    Internet Explorer 8
    sev. pack 3
    desk top

    Try logging in accout on a site that I vist weekly and it come across top of screen Security Alert, Problem with sites security certificate. Ask if I would like to proceed anways, and still pops up over and over. I have tried adjusting in internet option in security, trusted sites but still does same thing. Called Dell said I have a virus but not coverd $$$. Have McAfee Security Center says everthing ok. Go to McAfee site try to get tec. support by e mail it will not let the Go Assist connect to talk to them. Tried to do a system restore but it says it is unable to do it. Any ideas
    Thanks
    carpfish

    A:Security Alert (Problem with sites security certificate)

    Have you tried scanning your machine with Malwarebytes or SuperAntiSpyware? Another good program is HitmanPro. This may fix your issue as these programs are effective in detection of sneaky viruses.

    Malwarebytes- www.malwarebytes.org
    SuperAntiSpyware- www.superantispyware.com
    Hitman Pro- www.surfright.nl/en/downloads

    If you are able, also scan your computer with ESET online scan. www.eset.com/us/online-scanner

    1 more replies
    Answer Match 78.54%

    I keep getting security alert pop ups regarding an expired certificate. HOWEVER, there are not any internet or chrome pages open when this happens! I click "no" or the X and it just comes right back...

    I just don't know what to do or how to get rid of it... especially because it keeps coming back and I don't even have any internet pages open..

    The pop up says:

    The identity of this we site or the integrity of this connection cannot be verified.

    Green check beside that it is from a trusted certifying authority.
    Alert beside The certificate has expired or is not yet valid.
    Green check that the certificate has a valid name matching the name of the page you are trying to view

    Do you want to proceed?
    Yes. No. View Certificate.

    Any help is appreciated!!
     

    A:Security Alert - Certificate Pop Up

    13 more replies
    Answer Match 77.7%

    I just reinstalled Win XP and now when I try to sign on to Hotmail and several other sites I get the following message:

    login.live.com uses an invalid security certificate.

    The certificate is not trusted because the issuer certificate has expired.
    The certificate will not be valid until 6/18/2008 5:00 PM.

    (Error code: sec_error_expired_issuer_certificate)
    What gives?

    Michael
     

    A:Solved: "Invalid Security Certificate" alert when I try to open hotmail, others

    Check your Windows Time & Date
     

    2 more replies
    Answer Match 77.7%

    I have a Windows XP SP2 and everytime I restart right after the desktop icons load a pop up displays about security certificates, which I have attached a picture of. If I click yes or no it goes away and the computer seems to work normally but its really annoying. If anyone can help I really appreciate it. Thanks guys.
     

    A:Security Certificate Alert on Boot Up

    1. When did this start? If suddenly with no previous software changes, do a thorough anti-virus/spyware check at once. 1st item on the 'security and the web' forum here.

    2. Oh, might sound stupid, but is the computer date and time correct?

    3. Maybe you have installed some software which uses security certificates, and which you have neglected to stop 'phoning home' for an update every time the PC boots. If you do not have an internet connection at boot time, the certificate cannot be validated. Run msconfig and see what is in the startup and services tabs.

    4. On the other hand, I seem to vaguely remember this can be something stupid like an overloaded temp directory, or internet explorer cache. Run drive cleanup from the general tab of your hard drive properties panel. Clear the explorer cache.

    5. The worrying thing is why at boot time ? Usually this sort of thing only occurs when you access certain websites with your web browser, or maybe your ISP has failed to update their certificate. What internet connections do you open along with Windows startup ? Do you have email/chat/AOL/ etc etc starting with Windows?
     

    1 more replies
    Answer Match 76.02%

    Hey all,
    From just this morning I started getting this annoying window each time I boot up my computer. I can't remember having done anything that would have caused this. Anyone know how I can stop it or figure out why it's happening?
    Thanks!


     

    A:Generic Security Alert for mismatched web certificate at boot up

    Investigate your network places. Investigate events logs. Investigate startup programs. HiJackThis (HJT) is an excellent tool for this.

    There are plenty of fake alerts. I would have expected your description to have implicated a browser. If your AV and/or FW protection is current, there is a small risk to inspecting the certificate to further analyze the source.
     

    1 more replies
    Answer Match 73.08%

    I noticed problems after I visited a website that was associated with 'Zango'. A box with an agreement was required to be acted on in order to continue to the website. The options were backwards, the 'ok' button would close the window and the 'cancel' button would download the Zango software. Quickly acting, I made the mistake of clicking 'ok' and within a few minutes my firewall had unexpectedly turned OFF.

    Then shortly after, my virus protection (McAfee VirusScan Enterprise 8.50i) automatically turned OFF. I quickly went into Windows Security and turned both back on. Then I opened McAfee and ran a scan on 'Local Drives', several detections as trojans (I don't have the names) came up, they were shown to be cleaned and deleted. However, that did not solve the problem.

    I restarted and another Window Security Alert popped up as Automatic Updates as OFF. I tried several different ways to enable this, all of them failed. I ran another scan with McAfee, this time a full scan and nothing came up. Meanwhile, windows with advertisements were popping up.

    I have WinXP SP3, any help would be extremely appreciated.

    I followed the instructions below.



    DDS (Version 1.1.0) - NTFSx86
    Run by Owner at 0:29:38.20 on Sun 12/21/2008
    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.551 [GMT -6:00]

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\s... Read more

    A:[SOLVED] Windows Security Alert/Malware

    Hello, and welcome to TSF.

    I am currently reviewing your log. I will be back with a fix for your problem as soon as possible.

    Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

    Please be patient with me during this time.

    12 more replies
    Answer Match 71.82%

    Fake Alert, Ultimate windows security alert malware just to name a few of the names of the pop up windows i saw. I am using XP SP3 and have successfully used Combofix on another machine at the advise of a network admin friend. This time however i wanted to have this log reviewed by the pros on here because the malware on this machine was formidable! The windows security alert popped up and my spouse unknowingly clicked yes on it. Things just went down hill from there. We disconnected the internet cable and started the process.

    As i mentioned before I have used combofix however this time every time i tried to click it the malware would pop up and say this "combofix" file is infected would you like to start the antivirus download? So i couldn't get it to start. I downloaded combofix w/ different machine and changed the name to combo-fix during the download, then used jump drive to put it on the infected machine. Since either combofix nor malwarbytes anti-malware would execute when clicked due to pop ups i restarted the system in SAFE MODE. The microsoft recovery console is already installed on this system. Once in safe mode i clicked on the renamed combo-fix file and it then started, during the start up it stated there are "CD emulators" running on this system and comobfix must disable them before continuing which casued it to re-start the computer and then it completed it's scan. So i have a log to post if you would allow me. Also, af... Read more

    A:Fake Alert, Ultimate windows security alert malware Help needed

    "Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored."So are you saying there is no one here willing to help me?

    4 more replies
    Answer Match 68.04%

    Lately, every time I boot up my computer, I'm getting a Security Alert on a certificate because "the name on the security certificate is invalid or does not match the name of the site."

    If I view the certificate, I can see it was issued by GTE CyberTrust Global Root to "a248.e.akamai.net".

    I've done some poking around on the web, and I've found that Akamai is a company that does Internet caching and that it's not uncommon for internet requests to be rerouted through an Akamai server.

    However, I'm not using a browser when this happens. It just pops up as soon as the computer is booting up. So I'm thinking that some program on my computer is trying to access the internet on boot-up (possibly to check for updates), and there's this bad certificate.

    My question is: How do I find the program that is causing this certificate to appear? Maybe I can reinstall it, or tell it to stop looking for updates or something. This happens every time on boot-up. If I don't accept the certificate, it reappears the next time on boot. If I do accept it, it reappears next boot anyway. Kinda annoying.

    Any thoughts?

    Thanks!
     

    A:Security Alert for "a248.e.akamai.net" Certificate

    7 more replies
    Answer Match 64.26%

    I've been getting the following balloon messages on my taskbar:

    pic link 1

    pic link 2

    Along with these many balloon messages, I've been getting random pop-ups for spyware & virus programs, as well as the occasional other site. I ran Spybot, Spyware Terminator, Ad-Aware, and AVG Anti-Spyware 7.5.

    After reading through the forums, I also ran them all in safe mode, and ran SDFix in safe mode as well.

    I don't seem to be getting the pop-ups anymore, but the shield on my taskbar (in pic 1) is still there and the balloon message still comes up every few minutes.

    This is my latest HijackThis Log:

    Logfile of HijackThis v1.99.1
    Scan saved at 4:43:19 PM, on 9/26/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\WINDOWS\system32\nvsv... Read more

    A:Solved: System Alert & Security Alert Spyware

    9 more replies
    Answer Match 63%

    Malware has attacked my computer and gives that red shield in the bottom that says something like "You have a security alert!" and makes many pop ups and takes over internet. I deleted ~tmpa.exe and ~tmpd.exe. But it comes back when I reboot. Log below.You help is greatly appreciated. I am sure if I delete the correct things, I can lick this.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:25:06 PM, on 1/15/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\taskeng.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HP\HP Software Update\hpwuSchd2.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exeC:\Windows\system32\ctfmon.exeC:\Program Files\Internet Explorer\ieuser.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exeC:\Program Files\Tr... Read more

    A:Malware removal Help - Security alert!

    Hi, allingtonj Welcome. Please download Malwarebytes' Anti-Malware from Here or HereDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.Please download ComboFix from Here or Here to your Desktop.**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**Please, never rename Combofix unless instructed.Close any open browsers.Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.... Read more

    2 more replies
    Answer Match 63%

    I saw another thread on this, I don't see the process name that the previous person had, so I ran a scan and heres the log...

    I'm not looking for love in the neighborhood, but seems somebody thinks I am. I did download a codec file, which is where this whole thing started I think... Now, I'm feeling pretty stupid.

    Logfile of HijackThis v1.99.1
    Scan saved at 9:07:13 AM, on 11/27/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton A... Read more

    A:MalWare/Popup/Security alert...

    I tried deleting the following, but no luck... I'm sure its more complicated than it appears...

    O2 - BHO: (no name) - {192c5b4a-3efd-40c7-9f99-c472deb8efc0} - C:\Program Files\Perfect Codec\isaddon.dll

    6 more replies
    Answer Match 63%

    Hi, i've got the Secruity Alert: Spyware Found: PSW etc, aswell as a free others and IE pop-ups alot. I don't really want to format my system at the moment, so i did a search and came across similar problems on here, and following what was said there i've downloaded Hijack This and post the following log from it, if anyone could be so kind as to run me through what i should do next for my problem i would be very grateful, also soonier the better, i'm sure your all busy and all, but i've got web design and database work i must do, aswell as playing poker (part of my work ), and this is making it very annoying to work with.

    Don't be surprised if this log shows alot of rubbish, i haven't cleared this pc out for along while and i think i've had alsorts of rubbish forceable downloaded too it, i'll be sure to implment proper sercurity once this is sorted, thanks.

    The next step of the guys post i was reading was to get SmitfraudFix, and i expect mine will be the same but i just wanted to check, thanks.

    HJT Log:

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 11:28:13, on 10/07/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\sy... Read more

    A:Security Alert, Malware etc, HJT Log included, please help.

    You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

    Please download SmitfraudFix (by S!Ri)
    Extract the content (a folder named SmitfraudFix) to your Desktop.

    Next, please reboot your computer in Safe Mode by doing the following :
    Restart your computer
    After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
    Instead of Windows loading as normal, a menu with options should appear;
    Select the first option, to run Windows in Safe Mode, then press "Enter".
    Choose your usual account.
    Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
    Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

    You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

    The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

    The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.

    A text file will appear onscreen, with results from the cleaning pr... Read more

    3 more replies
    Answer Match 63%

    Sir...m deeply annoyed with the constantly appearing security sign. It just says.. that the computer is at the risk of Mailicious attack, backdoor Trojans.

    I am new to all this.. please help me.. i've run a Hijackthis check and below is the log.. pl guide me to completely remove the malware from my System.. pl

    Logfile of HijackThis v1.99.1
    Scan saved at 12:57:34 AM, on 1/5/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Program Files\Common Files\Virtual Token\vtserver.exe
    C:\WINDOWS\System32\ibmpmsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Prevx1\PXAgent.exe
    C:\WINDOWS\System32\QCONSVC.EXE
    C:\WINDOWS\system32\RegSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Venturi Client\Client\ventc.exe
    C:\Program Files\Venturi Client\squid\squid.exe
    C:\WINDOWS\system32\fxssvc.ex... Read more

    A:Security Alert : Malware Threat

    8 more replies
    Answer Match 63%

    Every 5 minutes a pop up keeps showing up saying "Windows Security Alert" Then in the Body it says "Warning! Potential Spyware Operation! Your computer is making unauthorized copies of your system and Internet files. Run full scan now to pervent any unauthorised access to your files! Click YES to download spyware remover..." All of this is even with the misspelling - Click to expand...

    I found other threads with this problem but it seems each user has a unique solution? Is that right?

    What should I do first?

    Many thanks.
     

    A:Windows Security Alert Pop Up Malware

    16 more replies
    Answer Match 63%

    i get this pop up balloon that says security alert:malware threat and ive tried mcafee/avg/adaware and nothing works!
    any solutions?
     

    A:security alert: malware threat!!!! help!

    Hi and welcome to TSG,

    Click here and then scroll down to and click on hijackthis self installer to download HJTsetup.exe

    Save HJTsetup.exe to your desktop.
    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\Hijack This.
    Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialogue box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

     

    1 more replies
    Answer Match 62.58%

    hello sir, good morning
    when i try to access gmail, it will show "There is problem with security certificate"
    how can i rectify this problem please tell
     

    A:Solved: about security certificate

    hello sir, good morning
    when i try to access gmail, it will show "There is problem with security certificate"
    how can i rectify this problem please tell
     

    1 more replies
    Answer Match 62.58%

    Can someone please check out my Hijackthis log? Thanks so much.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:37:10 PM, on 8/16/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXEC:\Program Files\McAfee\Common Framework\UdaterUI.exeC:\WINDOWS\system32\lphc3ofj0e91e.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\drivers\svchost.exeC:\Program Files\McAfee\Common Framework\McTray.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC: ... Read more

    A:Infected With Bogus Security Alert Malware

    Hello. I'm Extremeboy and I will be helping you with your log.I will need some time to look over your computer's log. You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here. Please take note of a few guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself. Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Thanks With Regards,Extremeboy

    7 more replies
    Answer Match 62.58%

    I'm using McAfee VirusScan Enterprise 8.5.0i

    Windows tells me "McAfee VirusScan Enterprise is on but is reporting its status to Windows Security Center in a format that is no longer supported. Use the program's automatic updating feature, or contact the program manufacturer for an updated version."

    I've tried updating it 3 times so far, and it tells me everything is up to date. I'm unsure as to why this problem is persisting.

    A:Windows Security Alert - Malware Protection

    Don't worry about it, as long as you know that McAfee is running correctly, disregard Windows Security center. It is probably a bug. I had that problem when I first installed Avira.

    1 more replies
    Answer Match 62.58%

    Started getting 2 different popups today. One is a malware defense installer message, the other is a secuirty center alert wanting me to enable protection.DDS (Ver_09-12-01.01) - NTFSx86 Run by Dale at 22:46:17.11 on Mon 01/11/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1534.300 [GMT -5:00]AV: avast! antivirus 4.8.1368 [VPS 100111-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\Acronis\Schedule2\schedul2.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\WINDOWS\system32\fsproflt.exeC:\Program Files\Common Files\LogiShrd&... Read more

    A:Security center alert and Malware defense HELP

    Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand cor... Read more

    2 more replies
    Answer Match 62.58%

    This malware program called XP Total Security has taken over the computer and of course wants me to buy there program to remove infections
    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by bsearls at 9:51:28.40 on Fri 04/29/2011
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.5.0_17
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.80 [GMT -4:00]
    .
    AV: eTrust ITM *Enabled/Outdated* {33EA71EA-56CF-40B5-A06B-BD3A27397C44}
    AV: *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: *Disabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    C:\WINDOWS\system32\svchost -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Starfield\offSyncService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manag... Read more

    A:XP Total Security Firewall Alert (Malware)

    Good evening.

    This machine has got so much slime onboard you wouldn't believe, far more than I would expect with proper security programs installed on it.
    According to the DDS log your AV is eTrust ITM and although it's enabled, it's also outdated. How long has it been since your anti-virus program has been updated?
    Also, is this a business machine, as the video conferencing software suggests?

    5 more replies
    Answer Match 62.58%

    On Sept. 24 my Windows XP PC began flashing "pop-up" boxes resembling Windows security system, but also simultaneously screensaver page porn icons appeared, random tv-radio sounding audio runs, and security system/protection system icons appear on screensaver page and lower right bar.

    I am not a tech-savvy user. I have researched and read some other users' experience with the same, both in the past and in the past week.

    I am not tech-savvy. Does anyone know how to permanently remove this spyware/malware program/

    Thanks.
     

    More replies
    Answer Match 61.74%

    Booted up this morning and went to check my mail and got this message with a red bar running across the top of the page.



    There is a problem with this website's security certificate.


    The security certificate presented by this website has expired or is not yet valid.

    Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
    We recommend that you close this webpage and do not continue to this website.
    Click here to close this webpage.
    Continue to this website (not recommended).
    More information


    If you arrived at this page by clicking a link, check the website address in the address bar to be sure that it is the address you were expecting.
    When going to a website with an address such as https://example.com, try adding the 'www' to the address, https://www.example.com.

    For more information, see "Certificate Errors" in Internet Explorer Help.

    A:[SOLVED] Security certificate block

    Replaced the battery and everything is working ok..

    1 more replies
    Answer Match 61.74%

    I can't believe there are not more posts about this issue. I am on Windows XP and I use IE but also have Google Chrome and FoxFire for browsers.
    On all 3 browsers when I try to get to my gmail I'm getting a message that says:

    " There is a problem with this website's security certificate.
    The security certificate presented by this website was issued for a different website's address.
    Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server."'

    Is this my problem only or is this something that is happening with gmail website? Is there something I can do besides wait till they get their security certificate changed? or fixed?
     

    A:Solved: gmail security certificate

    8 more replies
    Answer Match 61.74%

    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit

    I have been getting this pop up box. Saying Internet Explorer blocked this website from displaying content with security certificate errors.

    Is there a way to stop this pop up box from coming up with every page I browse on the web?
    It's driving me crazy and I don't have far to go.

    handy man
     

    A:Solved: Security Certificate Errors

    16 more replies
    Answer Match 61.74%

    Several security certificates were posted on my new windows 8 pc today.... I managed to get rid of a couple of them by opening in a new window for AOL and other email accts... Remaining is the certificate warning for Google... Any suggestions for easy removal?

    Tnx

    Oneoldman
     

    A:Solved: Security certificate removal

    How did you get to know about these certificates ? If they are Certificate Revocation List then you should keep them, CRL notifies all participants that about bad certificates. E.g. if someone impersonated a Google server and Google gets wind of this, then it sends out a revocation.
     

    2 more replies
    Answer Match 61.74%

    "There is a problem with this website?s security certificate.
    The security certificate presented by this website was not issued by a trusted certificate authority.
    Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
    We recommend that you close this webpage and do not continue to this website. "

    This is happening more and more and is a great nuisance. I am using Win 7, IE 11 64bit.

    A:[SOLVED] security certificate problems

    Double-check and make sure your Date and Time are set correctly.

    19 more replies
    Answer Match 61.74%

    Hi Folks

    I've had to use rkill 3 times in the last year to get rid of that awful malware which says I have viruses installed and wants me to pay to get 'nothing' fixed - you know the one.

    My current security suite is about to expire - ESET Nod32 - so I'm looking to find something which will actually stop the above from getting onto my system in the first place. ESET is great for everything else, just won't stop this one, and they don't seem to have the answer.

    So, my question for this post: is the PCTools SpywareDoctor you show banners for do the job, or is it the sort of problem which nothing picks up?

    I have had a good look through this forum, but so far haven't found anything which seems to address prevention - perhaps someone could point me in the right direction if I've missed it.

    Thanks in advance.

    Lyn

    A:How to stop the dreaded 'Windows Security Alert' Malware

    <<My current security suite is about to expire - ESET Nod32 - so I'm looking to find something which will actually stop the above from getting onto my system in the first place.>>You cannot rely on any one item...AV, firewall, other malware-defense program...to protect a system from today's malware. Cold and simple truth.Combine that with the fact that...no matter how well-protected a system might be...it's really the user who is the weak link in protecting a system. A user who doesn't understand the importance of safe surfing...will undo any program that may have been installed for protective purposes.FWIW: Windows Security Alert...is only one of a truckload of such programs. To be concerned with it...seems overly simplistic to me.Sometime...you might take a look at the BC stable of current removal guides for this and similar types of malware, http://www.bleepingcomputer.com/forums/forum55.html .There is not necessarily any defense known today...for what may come our way tomorrow or the future. All defense measures that users take...are pretty much reactive in developnebt. That means that...we come up with ways of defeating/overcoming it after it has been recognized as something new that is not necessarily neutralized by the "old cures".In spite of the rhetoric used by vendors/developers to make users think otherwise...it's a very uphill battle, which is why our malware forums are so overworked with malwaare situations.When I w... Read more

    2 more replies
    Answer Match 61.74%

    Hello!

    I am a new and reluctant member of the trojan/malware/virus world and certainly appreciate your assistance!

    Suddenly, Firefox kept opening on its own, either as a tabbed page or its own window, and would open to some seemingly random advert.

    The bug is bringing up a "Windows security alerts" red shield with an x on it on my icon tray (lower right of the start bar). Clicking on the icon brought up a faux-microsoft page telling me that my computer was infected and that it wanted me to download a file to fix the problem. I did not do so.

    Also, Windows Automatic Updates is switched off when I click on the red x-shield icon on my start bar, BUT when I check Windowns Automatic Updates via the Control Panel, it looks as if they are on...

    Following the instructions on another thread in this forum, I ran Malwarebytes and Spybot multiple times, fixing the errors after each run. HOWEVER,
    I still have the red-x-shield on my icon tray.

    I am running Windows XP Home Edition Version 2002 Service Pack 2.

    HERE IS THE LOG FROM MALWAREBYTES RUN #1.Malwarebytes' Anti-Malware 1.31
    Database version: 1550
    Windows 5.1.2600 Service Pack 2

    12/28/2008 5:15:46 PM
    mbam-log-2008-12-28 (17-15-30).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 269614
    Time elapsed: 3 hour(s), 58 minute(s), 12 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 3
    Registry Keys Infected: 11
    Registry Values Infected: 0
    Registry Data Items Infected: 3
    Folders Infected: 0
    Files Inf... Read more

    A:fake Windows Security Alert - Trojan/Malware

    16 more replies
    Answer Match 61.74%

    Hi AllI am yet again asking for help to remove spyware from his system, this computer was infected 4 - 5 weeks ago and with you help i manged to remove all traces. However, my freinds brother is a Porn monster, anything that stats free porn is clicked on i imagine!! After the last infection, i have installed spyware blaster, super anitspyware and trend internet security and still it gets in!!!Please find below hijackthis logs, you help is appreciated.JasonLogfile of Trend Micro HijackThis v2.0.2Scan saved at 09:07:23, on 08/11/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Common Files\Sitecom Shared\PnP Universal Installer\DevNotifySvc.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exeC:\... Read more

    A:Internet Security Alert And Privacy Protection Malware

    Welcome to the BleepingComputer HijackThis Logs and Analysis forum maxHyper My name is Richie and i'll be helping you to fix your problems.Your version of Sun Java is out of date.Older versions have vulnerabilities that malware can use to infect your system.Please follow these steps to remove older versions of Sun Java,and then update.1. Download the latest version of Java Runtime Environment (JRE)2. Scroll down to where it says 'Java Runtime Environment (JRE) 6 update 3'.3. Click the "Download" button to the right.4. Check the box that says: "Accept License Agreement".5. The page will refresh.6. Click on the link to download 'Windows Offline Installation, Multi-language' and save to your desktop.7. Close any programs you may have running - especially your web browser.8. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.9. Check any item with Java Runtime Environment (JRE or J2SE) in the name.10. Click the Change/Remove button.11. Repeat as many times as necessary to remove each Java version.12. Reboot your computer once all Java components are removed.13. Then from your desktop double-click on jre-6u3-windows-i586-p.exe to install the newest version.Download SDFix.exe and save it to your desktop:http://downloads.andymanchesta.com/RemovalTools/SDFix.exe* Double click on SDFix on your desktop,and install the fix to C:\ Please then reboot your computer into Safe Mode by doing the following:* Rest... Read more

    17 more replies
    Answer Match 61.74%

    The malwarebytes antivirus did not remove the winweb pop up security alert. When I run the scan it does not detect any malicious items. The only malware quarantined was from the vendor Adware.Zango. The item is very long. I would cut and paste it here but can't seem to do that. It starts with HKEY_CURRENT_USER. This was the only one found in the registry of malware antivirus. There are many other items in the winweb security alert like trojans and others. should I write these down in the postings? The pop up Lsas.keylogger keeps coming up too.I did switch to firefox. Before winweb was on my screen I used Internet explorer. I'm not sure if the browser matters. I've used firefox eversince winweb has been popping up. Also, I could not run kapernsky's free scan for some reason. I did download the new runtime JAva but I still couldn't get a scan.I will cut and paste the reports from RSITLogfile of random's system information tool 1.04 (written by random/random)Run by sam pratt at 2008-12-03 10:43:54Microsoft Windows XP Home Edition Service Pack 3System drive C: has 258 MB (3%) free of 8 GBTotal RAM: 254 MB (27% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:44:46 AM, on 12/3/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS&... Read more

    A:Malware removal request( winweb security alert)

    Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable ... Read more

    3 more replies
    Answer Match 61.74%

    Hi ?I am new to this forum and have joined up to get some expert help with a Malware problem.In looking for a site in which to send a large 1-gig file to a friend, I became infected. I now get a fake pop-up Security Center Alert saying my firewall has detected unauthorized activity, etc?.. It shows Trojan.Zlob.G as the purported infection. Connectivity to the web is now also very intermittent and was unable to perform a Kaspersky scan as a result. I am using another system to post this message.I?ve tried a number of Malware removal programs, but the problem remains. I have attached my HiJackThis log in hopes that someone can spot the culprit and offer a fix.Thank you lenv________________Logfile of random's system information tool 1.04 (written by random/random)Run by lvisconti at 2008-12-06 18:43:11Microsoft Windows XP Professional Service Pack 3System drive C: has 119 GB (91%) free of 131 GBTotal RAM: 2031 MB (73% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 18:43:17, on 12/6/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC... Read more

    A:Malware causing Fake Security Alert Popup

    We apologize for the delay in responding to your request for help. We are volunteer staff at Bleeping Computer and get overwhelmed at times with the large number of users seeking help. We are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate your letting us know. If not, please perform the following steps so we can have a look at the current condition of your computer. If you have not done so, include a description of your problem along with any steps you may have performed so far.When you have completed the steps below, a staff member will review the log and provide instructions for you to get your computer clean and free of malware.Thanks and we apologize for the delay.We need to see current information on what is happening in your computer. Please perform the following scan: Please download DDS by sUBs from one of the following links. Save it to your desktop.DDS.com DDS.scr DDS.pif After downloading the tool: Disconnect from the Internet. Disable all antivirus/anti-spyware protection. If needed, please read How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs. Double click on the DDS icon, allow it to run. Please note: If the scan fails to run, you may have to dis... Read more

    2 more replies
    Answer Match 61.74%

    I'm a newbie,
    I have the fake windows security alert popping up. I usually close it by going to task manager and stopping it with end process. But it obviously comes back. Not every time I reboot, but when a friend uses the system to surf, that is when I got it and it just so happens TONIGHT it appeared for the first time in weeks after he was online. I believe he goes to EBAY and other auction type sites, I don't know where he got it but I am certain it is on my system due to his surfing.
    Attached is my Hijack this log, I also have Norton on my system and find it to be useless. If it is in fact less than optimal to have it on my computer I would also like to find a way to get it OFF my computer.
    Thank you in advance,
    ktkia

    Hijack this log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:42:18 AM, on 4/1/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\S... Read more

    A:fake windows security alert malware/virus

    16 more replies
    Answer Match 61.74%

    Hi all

    Recently've had a piece of spyware that gives me a message box from the system tray saying things like "Security Alert: Spyware Found" or "System Alert: Malware Threats". It's bvious it's spyware cos it's trying to flog a removal tool and the spelling isn't all there...

    After searching the foums for a solution, and going on what's been done on previous, similar cases, i've tried what's been said to them (HijackThis, SmitFraudFix & Spy Sweeper) All to no avail. Below are the results of Hijack this and SmitFraudFix respectively. Can anyone give me an idea of how to get rid of this?

    Thanks

    Logfile of HijackThis v1.99.1
    Scan saved at 12:41:03, on 14/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\WINDOWS\Explorer.EXE
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.ex... Read more

    A:Security Alert: Spyware/Malware/Trojan Found

    NOTE: If you have downloaded ComboFix previously please delete that version and download it again!

    Download this file :
    http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

    Double click combofix.exe & follow the prompts.
    When finished, it shall produce a log for you. Post that log

    Note:
    Do not mouseclick combofix's window while its running. That may cause it to stall

    =====================
    Download Superantispyware (SAS) free home version

    http://www.superantispyware.com/superantispywarefreevspro.html

    Install it and double-click the icon on your desktop to run it.
    · It will ask if you want to update the program definitions, click Yes.
    · Under Configuration and Preferences, click the Preferences button.
    · Click the Scanning Control tab.
    · Under Scanner Options make sure the following are checked:
    o Close browsers before scanning
    o Scan for tracking cookies
    o Terminate memory threats before quarantining.
    o Please leave the others as they were.
    o Click the Close button to leave the control center screen.
    · On the main screen, under Scan for Harmful Software click Scan your computer.
    · On the left check C:\Fixed Drive.
    · On the right, under Complete Scan, choose Perform Complete Scan.
    · Click Next to start the scan. Please be patient while it scans your computer.
    · After the scan is complete a summary box will appear. Click OK.
    · Make sure everything in the white box has a check next to it, then click Next.
    · It will quarantine what it found a... Read more

    1 more replies
    Answer Match 61.32%

    I keep getting the message: "There is a problem with this website's security certificate." when I try to access certain website which I know are good, e.g., a US Govt. site for job hunting. I believe this has something to do with IE 7's "Phising Filter." I have tried dropping the "s" from web addresses, i.e., changing "https://" to "http://" with no success. This has been very frustrating. I have called in ISP with no success and Microsoft's telephone help costs. Has anyone else had this problem and if so, were you able to solve it? Thanks in advance.
     

    A:Solved: There is a problem with this website's security certificate.

    16 more replies
    Answer Match 61.32%

    this is what I get when trying to get onto Google home page.. and every site there after.

    Problems started immediately after I un-installed Nortons free trial. Since then I have not been able to update windows, certain sites are showing as not available..

    I have scanned my computer for viruses and malware, everything comes up clean... I also get messages about my computers clock time is wrong; but when I update it, it says everything is correct

    I am computer illidiot, so please type slowly and simply as I do not understand most terms and phrases

    Any help would be very appreciated

    Bethany

    A:[SOLVED] Sites security certificate has expired

    Hi welcome to TSF

    did you use the norton uninstaller to remove it completly. https://support.norton.com/sp/en/us/...rProfile_en_us

    13 more replies
    Answer Match 60.9%

    Hi there,

    Hope you guys can help. I am cleaning up an infected laptop as a favor for a friend. When I got it from him, it was infected with numerous trojans/viruses. I have downloaded and run Malwarebytes, Adaware, and CCleaner. These came up clean on last scans. System still has issues however. Most noticeable among them are Fake Secrity Center alerts, and Pornotube/Nudetube etc. links that keep appearing on desktop.

    Laptop is running Windows XP Media Center, service pack 3.
    I have disabled system restore. When I try to boot into Safe Mode computer shuts down after entering login username.

    Hijackthis log appears below - Any help is greatly appreciated. When I am done here, I will likely have to repeat much of this on their desktop at home!

    Dave

    Forgot to mention I have also downloaded and run AVG. Initial scan cleared out 100+ infections. Win32 cryptor now being reported in a file installer.exe in user temp folder. This recurs despite moving to vault.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:56:53, on 10/29/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program F... Read more

    A:Fake Security Center Alert, Pornotube and other malware on laptop

    OK, threw another rock at this one while I was waiting for a post. I downloaded Counterspy free trial and ran it. Found a handful of infections and I let it clear them.

    After reboot and rescan - no more Fake alerts, and no more obvious problems. Here is a new HJT log - see what you think...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:58:42, on 10/30/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ares Ultra\Jeaks Music\JeaksSvr.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Common Files\Microsoft Shared\V... Read more

    1 more replies
    Answer Match 60.9%

    I used Avast, Malwarebytes Anti-Malware, and Spyware Doctor to get rid of Malware Defender and Security Center Alert. After I ran the scans, though, Avast, Open Office, and Firefox all started to use A LOT of memory, and my laptop began to run slower. Firefox and Google Chrome frequently stall and need to be closed. I re-installed Avast and uninstalled Open Office, so, temporarily at least, they're OK. Svchost.exe is also taking up more memory than it used to. A friend of mine recommend I run a hijackthis log to see if there was something I could do to fix some of the problems I didn't have before MD and SCA as the after-effects could be related to the infections.I appreciate the help!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:33:15 PM, on 1/20/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16945)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\... Read more

    A:Problems after removing Malware Defender and Security Center Alert

    Hi,My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay of response. If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems when running the tools or unable to produce a report for any reason, just let me know in your next reply.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-RootRepeal logs-Description of any remaining problems you may still have.Thanks again and we apologize for the delay.With Regards,Extremeboy

    19 more replies
    Answer Match 60.48%

    ARGGHH

    This is really starting to piss me off. I'm been trying to log onto Manheim.com but this keeps on coming up. I tried installing a new certficate but it did nothing. I really want to get rid of this, please help!
     

    A:Solved: IE7 Error - There is a problem with this website's security certificate

    8 more replies
    Answer Match 60.06%

    I've searched through the forums and there's just SO MUCH information. I'm SO overwhelmed. I need someone straight forward (not TOO many "or you could..."s) and simple to lead me.

    Here's the deal...I have windows 7 and my Bitdefender just ran out. I let it go, downloaded several of the free suggestions that I found in various places but feel like I must need a tried-and-true, most have heard of it and validated that it's good stuff, household name kinna stuff to ease my worries. (I know that's silly...you don't have to tell me.) I kept getting alerts of free version ending, messages about needing a secondary "this" to make the current work properly, etc. etc. So I've been getting all of that off my computer and now need advice.

    I use my computer for various internet "stuff" (email, researching info---Googlologist, online bills, general browsing, etc.) all day, every day. Using it is easy...keeping it NOT bogged down (which I feel Bitdefender slowed things significantly) and safe is less user friendly IMO. I don't want any viruses, spyware, malware (tho I'm not 100% sure what that actually IS but hear it often enough to know it's bad) or anything else that might be trouble. I'm not working for NASA or anything earth shattering but do want to keep what's mine, MINE and keep my computer running smoothly. Because of my lack of understanding, I need something USER FRIENDLY that a monk... Read more

    A:Solved: PATIENCE NECESSARY ALERT...Security for Dummies not enough need Security for

    12 more replies
    Answer Match 60.06%

    Every access attempt for any google site gets directed to a porn site! Same one every time. Can get to google groups through ask.com but when I 'sign in' to my account I get the following window message, "You have attempted to access 'www.google.com' however, the security certificate belongs to 'plesk' ??! Same happens for any google site using ask.com search. Adware, Spybot, and Avast virus scans come back clean, BUT 2 days ago i got hit by a virus, Sality.J and Hidrag? Those are now gone but problem continues with all google sites. Have contacted google concerning this but no reply. I'm using the newest version of Window XP woth the FF2 browser. Thanks for any help or suggestions!
     

    A:Solved: Invalid Security Certificate when accessing any google site

    * Click here to download HJTsetup.exe.
    Save HJTsetup.exe to your desktop.

    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\Hijack This.
    Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialogue box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
     

    3 more replies
    Answer Match 60.06%

    I hope I posted this in the correct forum. I think this may have something to do with a program I recently installed - IObit Advanced System Care. I ran a "Deep Care" and when I restarted and tried getting onto facebook, it gave me 3 security certificate errors. now I'm down to one error and facebook still looks all messed up. I used the "Rescue Center" and undid changes but that didn't help.

    attached image to show the error and what facebook looks like.

    Any help would be greatly appreciated!
     

    More replies
    Answer Match 59.64%

    Hello wise ones,

    I often have guests staying w/ me from around the world that I know little about other than intuition, what is on their profile and written references from other hosts. Through www.couchsurfing.com

    I am very concerned letting them use my PC as they may download a virus or install a key logger. (Kapersky is installed and shows up under the guest identity on XP. But I think perhaps they could turn it off and bypass it?)

    What would be the best way to allow them computer access?

    1. Get an old PC for them to use? (if they are on my router can they access my other PC's personal information? If so how do I limit them from accessing my PC info?)

    2. Install a software program like used at a Internet Cafe?

    Any other ideas?

    Kind Thanks!
     

    A:Best PC Security with Visiting Guests?

    8 more replies
    Answer Match 59.64%

    A review and preview: Malwarebytes, certainly a rip-off!!  “Crushes Malware. Restores Confidence.”   Maybe the team of Malwarebytes was not very sure afore they could fine-tune the above punch line on their site, instead if you opt for culling Malwarebytes the below will explicate your situation quite well that will let you regret forever.   “Crushes Confidence, Restores MALWARE.”    Such an awful brand image to engender when promotions campaigns and big promises are made to collect a bunch of target audience and just crack that immense sale!  I've only been bitten by one piece of malware recently. It was those fake antivirus things that were sent to me from a friend's infected machine. It instantly infected when it hit my inbox. The very next thing I could look for was to surf on net to get some recommendations that would help me to choose the right Anti-malware kit, to my surprise Malwarebytes is such a fake company that has actually filled in fake reviews and great comments for publicity, well I did land up in that trap. Checking out the flashy and so fresh reviews I did get my hands on Malwarebytes, the product was totally and utterly ineffective against the infection.   Not really writing this to pan the product, but just to describe my experience with it, and but know from other people's experience that Antiviruses or malware can't always detect and eliminate most of ... Read more

    A:Scam Alert : A Leading Anti-Malware Security Giant Malwarebytes Tricks You

    Sorry to hear about you back experience with Malwarebytes. No single product is 100% foolproof and can prevent, detect and remove all threats at any given time.As for their Tech Support, myself and many others feel much differently. Some of the employees involved with Malwarebytes Anti-Malware product development, research and technical support are well known security experts who have volunteered their personal time to assist victims of malware infection long before their program was created. They still stay personally involved with helping victims on Internet forum boards as well as provide individual support services to users of their products. This means they are personally tuned into the day to day analysis of active malware and any reported issues with their software so they are able to respond quickly to them."I used to volunteer for years on malware removal forums where I helped people to clean up malware, teach people how to prevent malware and made some of my own small removal tools to deal with malware. This was (and still is) my passion. Malwarebytes was built out of people from the same community, who share the same passion. A great product can only exist if there are passionate people behind it, and I wanted to become a part of this."Mieke, Director of Research, EuropeMalwarebytes Management TeamHow pathetic it is that in the name of consumer support, all I get is never-ending lies, abusive emails, and false claims that my computer optimization utility RegCure Pr... Read more

    29 more replies
    Answer Match 59.22%

    QUOTE(ewu @ Oct 14 2010, 05:25 PM) I am running XP and it seems to function well with the exception of multiple mshta.exe incidences. I fell victim to the security essentials trojan but Avast was able to catch it before my system was substantially compromised. It seems like most items have been removed aside from the mshta.exe issue.Exactly every hour, Avast alerts to mshta.exe accessing a location and blocks it. When I check the task manager it sometimes comes up many times. I have taken to ending mshta.exe whenever I see it.I have run quick and full scans with Avast, Malwarebytes, SuperAntiSpyware, and Spybot. I booted up into safe mode and ran quick scans with all four. I also ran a boot-time scan with Avast. All these scans have come up with no infected files.I also downloaded and ran panda anti-rootkit both regularly and in safe mode.Please advise as to how I can resolve this issue.Thanksas per boopme instructed:DDS (Ver_10-10-10.03) - NTFSx86 Run by Eric at 10:11:55.64 on Fri 10/15/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_19Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.782 [GMT -7:00]AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.ex... Read more

    A:driver/service protection of malware - mshta.exe and "Microsoft Security Essentials Alert" attack

    Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    The ... Read more

    14 more replies
    Answer Match 58.38%

    A friend recently started getting 'Windows Internet Security' popups when she visits Myspace that say the following:

    "Your browser is under the threat of infection. Windows requires your permission to install online protection tool.

    Your browser is run in unsafe mode. Running the protection mode will help you to keep your computer safe. Staying at the suspicious website in unsafemode may lead to the loss of personal data and computer breakage. To run the web browser in protected mode Windows requires installing the antivirus scanner software and online protection tool.

    Name: Online Protection Tool
    Publisher: Microsoft Windows"

    Ends with an Allow or Don't Allow option.

    She has been hitting Don't Allow since the message has terrible grammar and doesn't look legit. She ran scans with Malwarebytes and AVG and found a couple trojans and they were deleted without any problems but this message is still popping up every time she goes to Myspace. Any help will be appreciated.

    A:Weird security popups when visiting myspace

    Hello, please post the MBAM log.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Next run ATF and SAS:Note.. SAS doesn't open the registry hives for other user accounts on the system, so scans should be done from each user account.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mod... Read more

    1 more replies
    Answer Match 57.96%

    Hello,
     
    So I've always wondered if you can get a virus/malware just by visiting a website?
     
    I always thought this was a No, because I believe a user is only infected when he/she opens up that malware/virus FILE, once you open it up and install it then you are infected.
     
    I know there are drive by downloads, but your anti-virus or anti-malware program should detect the file and automatically delete it.
     
    Malware/virus can't infect your computer unless you open the file, right?

    A:can you get a virus/malware just by visiting a website?

    Hi NEMS Yes, it's entirely possible to get infected by simply visiting a website. Most commonly via what we call "Exploit Kits". Right now, EK are used to deliver a lot of dangerous malware (such as banking trojans and Cryptoware) to computers worldwide. So using a standard Antivirus and Antimalware won't cut it. Using a program that protects your web browser against such threats, like Malwarebytes Anti-Exploit will. but your anti-virus or anti-malware program should detect the file and automatically delete it.This is assuming that the file pushed on your system is already known to your Antivirus or Antimalware (in its database). If it's not, it won't do anything. And we all know that no products have a 100% detection ratio.Edit: For more information on Exploit Kits and how they work, see the article below.Tools of the Trade: Exploit Kits

    27 more replies
    Answer Match 57.12%

    Hello,

    I am trying to resolve an issue where multiple client computers in the organisation are using an internally deployed Root CA certificate (before my time and no longer required) to sign the end entity certificate for external websites, google.co.uk
    for example. All SSL sites appeared to be affected by this.




    However this is not the case as sub domains of sites with issues show the correct cert chain, the below is for mail.google.com




    Removing or untrusting this root ca cert breaks access to these sites.

    I have reset root certs in various ways, removed machines from the domain, applied no GPOs, manually updated CRL and pulled down updated certs with rootsupd.exe.
    It always attempts to use this rouge CA cert to sign the websites cert.

    Any assistance would be much appreciated.

    More replies
    Answer Match 56.7%

    Hi guys, I'd like to help clean up unused programs and malware, super slow .  I will be unable (she is unwilling) to take Mcafee off -she unfortunately decided to buy it for a year. Can someone run me through and help clean up? I ran adwcleaner but have not yet followed through, hope someone can help me this evening, i'm pretty quick if needed. Thanks!

    A:Visiting my Aunt, pretty sure she's got some malware and i'm leaving tomorrow

    If I understand you, you have scanned with AdwCleaner but haven't chose to click on the Clean button...if so, rerun and do that.
    Post its log per instructions.
     
    Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
    Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
    After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
    CCleaner - PC Optimization and Cleaning - Free Download
     
    Download Malwarebytes' Anti-Malware from Here
    Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
    Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
    Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
    Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
    Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
    If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
    When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
    Click the Remove Selected button.
    MBAM will now... Read more

    35 more replies
    Answer Match 56.7%

    Upon visiting websites, a pop up comes up (screenshot available upon request) informing me to contact my ISP (which is the correct one) and a phone number to call. Some annoying voice also speaks this and can only be terminated via the task manager. Everything that has been done so faris outlined in previous correspondence here: http://www.bleepingcomputer.com/forums/t/590600/possible-malware-informs-me-to-contact-isp-when-visiting-websites-to-remove-it/
     
    All browsers are affected and seems to be triggered mostly by stream2watch.com but is not limited to there as I get the message randomly on other sites (ESPN, CNN, Bleeping computer included)
     
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
    Ran by justin (administrator) on ROCKHOUSE-PC (20-09-2015 05:23:17)
    Running from C:\Users\justin\Downloads\Virus Removal Tools 9.16.15 in order
    Loaded Profiles: justin &  (Available Profiles: justin & Administrator)
    Platform: Windows 10 Pro (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Codebox Software) C:\Program Files (x86)\C... Read more

    A:Possible malware informs me to contact ISP when Visiting websites to remove it

    Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Press the windows key + r on your keyboard at the same time. This will open the RUN BOX.Type Notepad and and click the OK key.Please copy the entire contents of the code box below to the a new file.

    start

    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:

    (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
    (Ammyy LLC) C:\Users\justin\Downloads\AA_v3.exe
    HKLM\...\Policies\Explorer\Run: [Mpk.exe] => C:\Program Files (x86)\KGB\Mpk.exe
    GroupPolicyScripts: Restriction <======= ATTENTION
    GroupPolicyScripts\User: Restriction <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    CHR HKU\S-1-5-21-1106552174-2026213447-2673983111-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1106552174-2026213447-2673983111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    OPR Extension: (No Name) - C:\Users\justin\AppData\Roaming\Opera Software\Opera Stable\Extensions\mhgklikgljbhnomlmhmondmafldgmojo [2015-08-31]
    R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe &... Read more

    16 more replies
    Answer Match 56.7%

    OS = Windows 10, effects all browsers used (slimbrowser, slimjet, IE11, Firefox w/noscript running, Chrome, Opera, these are the only ones i tried)
     
    When browsing to a website (typically seems to be stream2watch) but others randomly trigger a message that informs me to call my ISP to remove malware, and a fake blue screen error withing a browser windows behind that. This can only be terminated by ending the task within task manager. ALT+F4 does nothing, just sends it repeating.
     
    I have Secure A Plus running along with Superantispyware, both have run a full scan and to no avail minus piddly tracking cookies in SAS. ADW cleaner also has been run after the fact. No repeat customer seem to appear.
     
    I have a screen capture if you would like to see it, and hope to get this resolved, it gets very irritating. Thank you
     
     

    A:Possible malware informs me to contact ISP when Visiting websites to remove it

    Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
    Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down.Double-click ... Read more

    20 more replies
    Answer Match 56.7%

    Hi,
    I am trying to install CA root certificate on Windows 7, IE 9.
    Encounter error: "Untrusted Certificate".  "This certificate cannot be verified up to a trusted certificate authority."
    I have tried to install the certificate to Trusted Root Certificate Authorities->local computer and import was successful. BUT on IE->Internet Options->Certificate->Trusted Root Certificate Authorities, I am unable to find this root CA on
    the list.
    On mmc->Certificates->Trusted Root Certificate Authorities->certificates, I am able to view this root CA.
    I then restarted the IE and view the ssl site again but failed too, "Untrusted Certificate".
    Anyone, any idea ?
    Regards,
    Eye Gee

    A:Unable to Install Root CA Certificate - Certificate cannot be verified up to a trusted certificate authority.

    May the following workarounds work for you:
    Workaround 1:
    Modify the Windows settings to allow the Update Root Certificate feature to update the root certificates automatically. For details, see the following Microsoft TechNet article:
    Certificate Support and Resulting Internet Communication in Windows Server 2008
    http://technet.microsoft.com/en-us/library/cc771121(WS.10).aspx
    Workaround 2?
    If the Update Root Certificate feature cannot automatically update the root certificates, you may contact the website vender to see if there is a hotfix can fix the issue.

    8 more replies
    Answer Match 56.7%

    Hello I have Trend Micro Security Pro in my desktop. the past couple of days I have been getting an infected file alert about an infection in Disk/DIScover.exe it was of low risk so i figure it was ok but it did allow DISK/DIScover.exe and the detected resource or process ID was from HKLM/SYSTEM/currentcontrolset/services/Cdrom

    ??????
    "DISCover.exe was blocked according to the extention list specified under preven unauthorized changes"

    it said it was a user defined exception.

    what should I do about this, and how?

    any help is appreciated

    Thank-You
     

    A:Solved: security alert. please help.

    Dear 88Jonsson,
    Run your anti-malware tool(MBAM) and see if it detects and quarantines the file. If not, delete the file. Can't take a backup now as you already have an"infected"file in your system. If deletion is O.K,then GO for a backup and restore utility(Macrium Reflect Free version). Best wishes and welcome to the site!
     

    3 more replies
    Answer Match 56.7%

    Hey guys, I have not posted in a while since my computer is running ship-shape. However, last few weeks have been driving me absolutely nuts. I've been getting unsolicited email, related to pornographic garbage, sexual recants, all the hoopla you could expect. IDK how these idiots got my data, but its flooded my email from yahoo with complete nonsense and garbage which is consuming excessive amounts of time out of my day. I've tried to set crazy filters and spam setting, to some avail.
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:35:00 PM, on 9/19/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\V0500Mon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.E... Read more

    A:Solved: Security Alert??

    16 more replies
    Answer Match 56.7%

    I am all of a sudden gettting these and don't know why or how to get them to stop popping up. You have to say yes about 3x or try to close out 3x. Why and how do I stop them???

    Thanks,
    Rosemary
    Security Alert

    Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate.

    Do you want to proceed?
    Yes No View certificate
     

    A:Solved: Security Alert Pop-Ups

    Check your system date to see if it is correct. Certificates have a valid time period and if your PC date is not accurate, it will think there is a problem with the cert.
     

    2 more replies
    Answer Match 56.7%

    So for some idiotic reason I ran a program I downloaded off the internet - I really needed it - too bad it gave me the "Security ALert! System encountered..." virus and porn and random popups.

    If someone could help me that would be greatly appreciated

    Here's the hijackthis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 11:31:18 AM, on 7/25/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\system32\dllhost.ex... Read more

    A:Solved: The security alert bug got me

    11 more replies
    Answer Match 56.28%

    Outlook 2010 Security warning upon opening Outlook:
    Initial problem: Work email from home computer stopped sending (had been working fine), though I have no problem receiving email. (Note: Home email account continues to work fine.) Email host Support (Comcast) worked me through finding the right Outgoing port to change to, but ...
    Now upon opening Outlook - "Internet Security Warning - Security Certificate cannot be verified" pops up. "Continue?" "Yes" works, but it has become a "nag window" every time I open Outlook.
    This may not be a Windows 7 issue, but would appreciate any suggestions. /jd
    --
    Windows 7 Professional, Ver 6.1 (Build 7601: SP1)
    (Office Pro Plus 2010) MS Outlook 2010 Ver 14.-0.6129.5000 (32-bit)

    A:Outlook 2010 - Internet Security Warning - Security Certificate cannot

    HI,

    This problem is caused when the POP3 address (email collection) doesn’t match the SSL certificate that is being used. try following steps to resolve the error:

    Open Outlook > Click ‘Tools’ from the top menu > Select ‘account settings’ from the ‘tools’ menu > Highlight the email account you are having trouble with and press ‘Change’ > From the ‘Change e-mail account’ page click on ‘More settings’ >From the ‘Internet email settings’ page choose the ‘advanced’ tab >Un-tick the ‘This server requires authentication’ option > click ‘OK’, then ‘next’ then ‘Finish’

    3 more replies
    Answer Match 55.86%

    I have an older computer that is not connected to the internet. I am running XP pro sp2. I use it for storing pictures and home movies.The Windows security alert down in the lower right hand corner continues to pop up telling me my pc might be at risk. This is a nuisance. Can you tell me how to prevent this from popping up?

    A:[SOLVED] Security alert nuisance

    hello welcome to the forum and hope i can help

    this as far as i know will be solved as soon as you turn of autoupdate
    this is done when goto configuration screen trough start /settings / configuration screen / system propperties / autoupdate tab and then there choose dont auto update ever ,

    please let us know how it turn out

    greetz

    5 more replies
    Answer Match 55.86%

    Hello all,
    this is driving me crazy--
    i used use Iolo system mechanic pro. didnt like it and tried to uninstall it as per there instructions.
    decided to try avg. it wont install because it says iolo is still there.
    Windows security alerts says
    Iolo antivirus is on but is reporting its status to windows security center in a format that is no longer supported..
    ive tried to find any files related to this and deleted the ones i saw.
    im worried about not having any antivirus protection.. i dont what to do..
    i am using a dell laptop inspiron 1525
    vista home.all up to date on windows updates..
    ive read related posts nothing has worked for me.
    can someone please help me.
    thank you.
     

    A:Solved: Windows security alert

    12 more replies
    Answer Match 55.86%

    I have this security icon in my taskbar tray next to the time. It pops up when I have set Security Updates to off. How do I get THAT to go Off? It seems to use resources to notify and update, which i dont want it to do cuz it eats up bandwidth right?
    Anyway, right click gives two options: 1)go to micro web site and 2) open security center.

    Going to Security Center, it just gives me the option to turn it back on or go to auto updates.

    So is there a way to get rid of it?
     

    A:Solved: Getting rid of the Microsoft Security Alert

    Open the resources box on the left hand side of the security center and click on "change the way security center alerts me"
     

    2 more replies
    Answer Match 55.86%

    This happens at random times about half a dozen times a day. All antivirus scans are clean.
    I've used ESET, Panda, McAfee, Malwarebytes, Spybot Search and Destroy, Ad-Aware, and Clamwin,
    Doctor Web and a few others I probably forgot. As I said they all come up clean, even in safe mode.
    I found this command;
    Netsh firewall set opmode enable
    and run it as a bat file on my desktop. I REALLY want to know how to run this automatically when
    the firewall is down and the security center comes up. I really don't want to know more about viruses
    and formatting my hard drive and re-installing windows. This started happening on a Tuesday right
    after running Microsoft update!? I REALLY don't think I have a virus, but think it's possible one of my
    windows files might be corrupt. Problem is SFC /Scannow won't complete because it keeps asking for
    disk 2 of Windows XP Professional (This is Media Center Edition 2005) OEM from Compaq installed
    from a second partion on the hard dirve. I haven't found ANY messages in the event log when this happens.
    So is there a really slick way to run this command when the firewall goes down, or is someone going to
    tell me all about viruses and re-installing Windows? paj692
     

    A:Solved: Win XP MCE security alert Firewall down.

    14 more replies
    Answer Match 55.86%

    I keep getting this balloon popping up in the bottom right corner but I know that I have no virus. I am using ZoneAlarm Suite and am up to date it. I just downloaded Hijack This v1.99.1

    here is the scan:
    Logfile of HijackThis v1.99.1
    Scan saved at 12:47:34 PM, on 8/26/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Video ActiveX Access\imsmain.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Video ActiveX Access\imsmn.exe
    C:\Documents and Settings\default\My Documents\Widgets\YahooWidgetEngine.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\default\My Documents\Widgets\YahooWidgetEngine.exe
    C:\Documents and Settings\default\My Documents\Widgets\YahooWidgetEngine.exe
    C:\Documents and Settings\default\My Documents\Widgets\YahooWidgetEngine.exe
    C:\Documents and Settings\default\My Documents\Widgets\YahooW... Read more

    A:Solved: security alert keeps popping up - PSW.x-Vir

    6 more replies
    Answer Match 55.86%

    opened email.then screen went black big red warning from me.did all they said but it keeps coming back
    won't let me do any thing.
    hp laptop pavlion 6000 win 7 32 bit
    HELP!!!!!
     

    A:Solved: red security alert fromM.E

    12 more replies
    Answer Match 55.86%

    Hello,
    A few minutes after starting my computer I get a pop up that reads:
    ----------------------------------------------------------------------------------------------------
    Windows Security Alert
    Warning! Potential Spyware Operation!
    Your computer is making unauthorized copies of your system and Internet files. Run full scan now to prevent any unathorized access to your files! Click YES to download spyware remover...
    -----------------------------------------------------------------------------------------------------
    I can not close it and it remains on top of anything on the screen. I have tried ctrl+alt+delete to get the task manager to end program it has no effect on the pop up.

    I need to know how to get rid of this.

    I have read some of the other posts concerning this problem and the solution seems to vary from system to system. The one thing they all had in common was to ask for a hijackthis log
    So I downloaded and ran this on my computer the results follow...
    Thank you.
    ------------------------------------------------------------------------------------
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:29:53 PM, on 10/1/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.e... Read more

    A:Solved: Windows security alert pop up.... help

    10 more replies
    Answer Match 55.86%

    Hi. I'm not sure what I downloaded but when I started my comp this mroning, I started getting all these pop up windows that say Windows Security Alert. They range from things about Your Provacy Guard to things telling me that if my comp has been running slower than normal, it may be infected with viruses and to download something called Adware Remover. Every time I click to close the damned things, I get redirected to a website that asks me to downlaod some malware/spyware removing software. I did some searching and I found a few threads which suggested running highjackthis, which I downlaoded and ran, and then proceeded to delete certain files that others had said were dangerous. I am adding my hijackthis log so that maybe some one can help me get rid of what ever is plaguing my comp!
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:22:48 PM, on 25/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Commo... Read more

    A:Solved: HELP!!!! Pop ups, Window Security Alert. What do I do?

    7 more replies
    Answer Match 55.86%

    Hi

    I have a persistent pop-up which appears every couple of minutes. If anyone can help I'd be very grateful.

    The exact text in my pop up is as follows...

    Warning! Potential Spyware Operation!

    Your computer is making unauthorized copies of your system and Internet files. Run full scan now to prevent any unathorised access to your files! Click here to download spyware remover...

    There is also an icon in the task bar which shows the following message....

    Your computer is infected!

    Windows has detected spyware infection!

    It is recomended to use special antispyware tools to pervent data loss. Windows will now download and install the most up-to-date antispyware for you.

    Click here to protect you computer from spyware!

    I searched Google and it led me to this website where someone has posted a thread re a similar problem and received this response from user MFDnNC

    download HJTInstall.exe
    Save HJTInstall.exe to your desktop.
    Doubleclick on the HJTInstall.exe icon on your desktop.
    By default it will install to C:\Program Files\Trend Micro\HijackThis .
    Click on Install.
    It will create a HijackThis icon on the desktop.
    Once installed, it will launch Hijackthis.
    Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hija... Read more

    A:Solved: windows security alert pop-up

    16 more replies
    Answer Match 55.86%

    I recently experienced a “Windows Security Alert” pop-up.

    It listed following “Detected spyware and adware on your computer: “………….. Filename:
    ……………………Trojan.Vundo!gen5………………………………………..keyboard.sys
    [email protected]Win.exe
    ……………………Suspicious.MLApp…………………………………………cdplayer.ini
    ……………………Trojan.Thuxeme!inf………………………………………....bootstat.dat
    ……………………Backdoor.Tidserv…………………………………………..nsreg.dat

    The pop-up was on a web page with following address…
    http://www1.firesavez6.com/~~~~~~~~ (followed by a whole bunch of characters )

    I got real suspicious when it wanted me to [remove all] and I did nothing. I exited out of the page and performed a system check with my virus program. (Found nothing!)
    Ran Spybot S&D and Ad-Aware. ( Found nothing!)

    The system is running great and haven’t had this pop-up since.

    Has anyone info on this? It’s a first for me.
     

    A:Solved: Windows Security Alert??

    You browser probably got hijacked....happens to me sometimes....just get out of it and don't click on anything

    but just to check you can post your hijackthis log

    You could post your HijackThis log and see if anything shows up
    Download HijackThis to your desktop

    Double click on HJTSetup.exe on your Desktop
    Click Run and Install
    It will install to Program files by default
    it will launch Hijack This
    Click on "scan system and save a logfile" usually in notepad
    Copy and Paste the logfile in your next post
    Using Ctrl+A to copy All and Ctrl+C to copy and Ctrl+V to paste.

     

    3 more replies
    Answer Match 55.86%

    Every time I restart I get the notice that my MSE is not turned on. It Has done this for about a year and thru two reinstalls. Nuisance). Any ideas please ?
     

    A:Solved: windows security alert

    16 more replies
    Answer Match 55.86%

    hey guys I'm new to using hijackthis but after some searching i found out it would be good to use for this situation. I keep having recurring popups titled "Windows Security Alert" and "Spyware Alert" they seem to pop up almost every minute. When i try to close them or hit "No" when they ask me to download their software, they automatically redirect me to a web site (luckily i have the network unplugged so it cant download anything silently...)

    I'm hoping you guys could help me out with discovering where the problem is... ive used msconfig to turn off anything i could find and ive run 2 antivirus programs (avast and trendmicro) and Spybot S&D and Ad-Aware... Ive also tried to turn off almost all processes in Task Manager while the system was running just to see if it would stop but i havent found out which process does it.

    Here is my HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:04:43 PM, on 8/30/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RU... Read more

    A:Solved: Windows Security Alert pop ups

    11 more replies
    Answer Match 55.86%

    Hey everybody.

    I was checking my email today, and got this in the email:

    PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND
    CONTACTS:

    You should be alert during the next days:

    Do not open any message with an attached filed called "Invitation"
    regardless of who sent it.

    It is a virus that opens an Olympic Torch which
    "burns" the whole hard
    disc C of your computer. This virus will be received
    from someone who has
    your e-mail address in his/her contact list, that is
    why you should send
    this e-mail to all your contacts. It is better to
    receive this message25
    times than to receive the virus and open it.

    If you receive a mail called "invitation", though sent
    by a friend,do not
    open it and shut down your computer immediately.

    This is the worst virus announced by CNN, it has been classified by
    Microsoft as the most destructive virus ever.

    This virus was discovered by McAfee yesterday, and
    there is norepair yet
    for this kind of virus.

    This virus simply destroys the Zero Sector of the Hard
    Disc, where the
    vital information is kept.Click to expand...

    Is this a true virus that is out now? I didn't want to forward it to my friends and family, giving them something else to have to worry about, if it is just a false email sent out.
     

    A:Solved: True Security Alert?

    6 more replies
    Answer Match 55.86%

    My wife is running Windows XP, Norton Internet Security 2009 and uses Mozilla Firefox as her browser. She got an alert window from something calling itself "Windows Web Security" saying her computer was at risk, she tried to close the window but it ran a scan instead, reported that it found numerous trojans and prompted for action. She tried to close that window too with no luck.

    Also, may be related, Norton keeps alerting that the advanced protection setting is off, when turned on, it will not stay on.

    Here are the things I think you need to give me some direction on fixing this it it is indeed a problem or infection.

    Thanks,

    DDS (Ver_09-05-14.01) - NTFSx86
    Run by Owner at 13:49:00.51 on Mon 06/01/2009
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.895.332 [GMT -4:00]

    AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program... Read more

    A:[SOLVED] Windows web Security Alert?

    Update mon the previous post - This morning her Norton Internet Security did not start and when I manually started it, reset the settings and tried to apply these changes, they all went back to the "off" position. So currently she cannot use e-mail or any other internet based process because they are not being scanned by Norton. Help!

    1 more replies
    Answer Match 55.86%

    I am working on a Windows XP Pro machine. I was getting pop up ads with a Windows security alert warning, along with a few others. My time also changed to military time. I could not run any malware programs until I ran a HJT log and corrected on of the entries, something with a ip address in it, I didn't write it down like an idiot. That then allowed me to update and run Spybot , malwarebyte and superantispyware. All came back with issues. Mywebsearch, trojan.fakealert.gen, disabled.securitycenter ,Trojan.vundo,trojan.fakealert,torjan.fakealert.gen,rogue.antivirusoft.Thank you in advance for your help!Here is the DDS report:DDS (Ver_09-12-01.01) - NTFSx86 Run by jandreozzi at 11:16:57.68 on Tue 03/09/2010Internet Explorer: 6.0.2900.2180Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1075 [GMT -5:00]AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}FW: *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Fi... Read more

    A:Windows Security Alert/Antivirus software Alert Virus

    Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

    29 more replies
    Answer Match 55.44%

    First thread

    As it seems like Emsisoft is clearly winning, I would like to present a second question.
    Hitman Pro Alert offers a deal to buy EAV + Alert for $39.95.
    EIS is $49.95, but will be discounted as the license is renewed.
    I like both but do not know which one to pick. More about the features and quality and impact, less about budget.

    Clarification: First choice is EAM + HMP.A + Windows Firewall
     

    A:Emsisoft Anti-Malware + Hitman Alert vs Emsisoft Internet Security

    Let's do math.


    Spoiler: lets do math




    Windows Firewall Control (WFC) lifetime license = $10.
    So EAM + HMP.A + WFC (lifetime) = $49.95
    On the other hand, EIS = $49.95, as mentioned by you.
    So they have the same price.
    But in my opinion, the combo EAM + HMP.A + WFC is better, because it has much more features.
     

    9 more replies
    Answer Match 55.44%

    I entered a page Google yielded as a result for a particular file I was trying to find, when my computer began to slow down considerably and my desktop got louder. I immediately hit the back button on the browser as I suspected something was possibly beginning to infect my computer, and as a Firefox popup appeared, I opened Windows Task Manager and ended firefox.exe. After this, in the tray appeared a yellow triangle with an exclamation point in the middle, and your standard virus popup claiming to be helpful and that your computer is at risk. I ended every unfamiliar process in Task Manager but the yellow triangle (that said Windows Security Alert when I hovered my mouse over it) remained in the tray. I could not find any process that would make any impact on it by being ended. It popped up again & took over when I tried to right click it in the tray (god knows why I did that) and when I tried to open Firefox.

    I got frustrated with the lack of an unfamiliar process and closed Task Manager and decided to try and 'refresh' it by opening it again and when I did so, the yellow triangle turned into a red sphere with a white X in the middle. I began to get several little popups from the tray coming from the icon telling me I had numerous critical errors to do with hard drive/RAM. I also received another popup in the form of a '[Cancel] [Try Again] [Continue]'. I was very careful never to click any of these popups; nor could I end them in Task Manager as ag... Read more

    A:Malware posing as "Windows Security Alert"

    Hi,

    Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.
    Download DDS and save it to your desktop from here or here or here.
    Disable any script blocker, and then double click dds file to run the tool.
    When done, DDS will open two (2) logs:
    DDS.txt
    Attach.txt

    Save both reports to your desktop. Post them back to your topic.

     

    1 more replies
    Answer Match 55.44%

    Hello All,

    I have been getting various baloons and pop-ups for the last day and half.
    I have ran ad-aware, spyboy search and destory, trend micro pc-cillin, and avg anti-spyware 7.5. They have removed some things found... but obivously not the main problem as I am still having issues.

    This is the most recent baloon popping up:

    Security Alert: [email protected]
    Type: Viru/Network Worm
    Damage Level: High
    Description: Virus that infects executable files.
    Recommendation: Delete/quarantine immediately
    Protection: Click this baloon to dowland certified Antivirus Software

    I have read some of the forums around and found that someone else was having the same issue. I am about to perform the HJTsetup.exe recommended. I will post my log results here when completed.

    If someone could please help me after that point I would be ever so greatful. (This is happing to my new computer just got it on x-mas)

    Thanks!
    Xandra
     

    A:Solved: Security Alert: [email protected]

    8 more replies
    Answer Match 55.44%

    Hello !

    http://imageshack.us/f/26/temppv.png/

    The image to which I've linked to above contains a security alert which has started to pop up recently. I don't remember seeing it while actually using the computer, mostly when I come back to it after a brief period of inactivity.

    I can see that it has something to do with Java, and I'm guessing that it's connected to the auto-update feature. I've never experienced this before though, and I was wondering if this was something to be worried about ?

    So far I've denied it, since I'm not sure about what's going on. If anyone knows, I'd appreciate it if you could explain it to me
     

    A:Solved: Security Alert: Explanation appreciated

    Hi There,

    This certificate is because windows doesn't recognise the certificate, not sure why since java is so popular but if you hit 'install certificate' it should remove the prompt in the future, do first make sure that it is in face java that is requesting it first, by opening task manager (Ctrl+Shift+Esc) and making sure that java is the process behind the message. after that it should be safe to install and will allow the future updating of java.
     

    2 more replies
    Answer Match 55.44%

    i got a virus acting up that was fixed for someone else so i am starting a new thread for mine...i followed the initial instructions in the other thread so mabye someone can help me from there.....
    thanks in advance and i will be heading to work soon so will check back later.

    Logfile of HijackThis v1.99.1
    Scan saved at 6:19:54 PM, on 4/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\Program Files\Video ActiveX Object\pmsnrr.exe
    C:\Program Files\Video ActiveX Object\isamntr.exe
    C:\Program Files\Video ActiveX Object\pmmnt.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Digital Media Reader\shwiconem.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
    C:\Program Files\Video ActiveX Object\isamini.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.e... Read more

    A:Solved: Security Alert: Spyware found

    16 more replies
    Answer Match 55.44%

    I just purchased a laptop that comes with Windows Vista SP1. All good, right? Well, sort. I love the operating system. Pretty smooth, the looks are amazing and it runs just fine. I don't see how people are complaining about it, I love how everything is built into another thing and another and so on.

    The only thing that annoys me is the UAC, cause it asks me to run some programs that I use often, and it can get very annoying. So, I disabled UAC. All fine and dandy, except for two things:

    1. The icon still remains on those programs that have been blocked.
    2. The security center icon won't leave me alone, and I don't want to disable alerts from the security center.

    Is there anyway to fix these two problems? Thanks!
     

    A:Solved: UAC, always showing Security Center alert.

    16 more replies
    Answer Match 55.44%

    Dear Friends,

    I have Windows XP Home edition and use Microsoft Security Essentials (MSE) as my anti-virus. Recently I keep getting a security alert "Your computer might be at risk. MSE is turned off click this balloon to fix this problem" When you click the balloon it takes you to the Security Centre which states that the Anti-Virus is OFF. In the notification area there is a red shield with a white cross in it stating Windows Security Alerts. However, also in the notification area the usual green icon with the white tick says "PC statusrotected"

    If you open the MSE programme it states "Real Time Protection On : Virus and Spyware Definitions Up to Date" and there is the usual large white tick in the icon of the monitor. All of this would seem to suggest to me that MSE is turned ON and working so I am baffled as to why I keep getting the alert and that the Security Centre is showing OFF.

    Thank you,

    Red Cloud
     

    A:Solved: Microsoft Security Essentials Alert

    13 more replies
    Answer Match 55.44%

    I keep getting these bogus virus alerts from my icon tray trying to sell me bestseller antivirus software. I have kasperky and spysweeper installed and neither find this. I tried restarting in safe mode and running smitfraudfix after turning off automatic updates and here is what I got:
    SmitFraudFix v2.253

    Scan done at 15:05:06.53, Sun 11/18/2007
    Run from C:\Documents and Settings\BB\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Killing process
    »»»»»»»»»»»»»»»»»»»»»»»» hosts
    127.0.0.1 localhost

    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

    S!Ri's WS2Fix: LSP not Found.
    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri
    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{5AE64F42-8EEE-4802-964E-D839E4387B96}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{5AE64F42-8EEE-4802-964E-D839E4387B96}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS2\Services\Tcpip\..\{5AE64F42-8EEE-4802-964E-D839E4387B96}: DhcpNameServer=192.168.1.2... Read more

    A:Solved: Security alert: spyware found

    10 more replies
    Answer Match 55.44%

    Hi, for the past couple of days I've been getting this security alert popping up on my computer. It never goes away. Also, every couple of minutes, literally, I will get popups from internet explorer for antivirus software, etc. etc. But, once this problem started, and I figured I needed new antivirus software, I purchased bitdefender, and it is now installed, but says I have no pending viruses.

    Here is the main security alert pop-up:

    Security Alert: [email protected]
    Type: Virus/Network Worm
    Damage Level: High
    Description: Virus that infects executable files.
    Recommendation: Delete/quarantine immediately.
    Protection: Click this baloon (sic) to download certified Antivirus software.

    I have seen at least one other posting about this issue, but I didn't completely understand the steps I need to take to resolve this. Any help is much appreciated!!!

    Thanks,
    Alex
     

    A:Solved: Security Alert: [email protected]

    11 more replies
    Answer Match 55.44%

    I keep getting what I believe is a fake windows security alert, which reads:
    Warning! Potential Spyware Operation!
    Your computer is making unauthorized copies of your system and Internet files ....

    I cannot access Control Panel. Cannot print and the computer does not recognize me as the administrator.

    Please HELP!!!!!!!!!
     

    A:Solved: Fake windows security alert

    15 more replies
    Answer Match 55.44%

    Hello, all

    I've got this little yellow triangle in my tray (bottom right corner) that continues to flash and tell me things like "security alert: spyware found, PSW.x-Vir trogan" .
    My browser has been hijacked, trying to sell me a cure.
    After searching these threads for a real cure, it looks as if each case is different.
    any help is welcome
    Thank You, jpass
     

    A:Solved: Security Alert: Spyware found

    16 more replies
    Answer Match 55.44%

    I turned my laptop on this morning, and updated Avira. I noticed once Avira closed that I had a security alert pop-up that said

    "You are about to view pages over a secure connection.
    Any information you exchange with this site cannot be viewed by anyone else on the web"

    It then had a box to check so that the warning would not be shown anymore, a yes button and a more information button.

    I clicked the information button and it just pops up with the Windows Help and Support page - Security and Privacy features in Internet Explorer.

    I use FireFox and do not use IE at all.

    I restarted my computer, thinking it had something to do with Avira, but it still popped back up and I dont know why.
     

    A:Solved: Security Alert when starting computer

    9 more replies
    Answer Match 55.44%

    Someone please help me! I keep recieving a n error message saying "security alert: spyware found" on my task bar, it has a little yellow triangle with an exclamation mark in the middle. It says click baloon to remove PSW.x-Vir spyware. then it opens up to Virusblast, or several different other anti virus ware. I have anti virus protection installed, spyware protection and all my scans come back clean. I've already lost one hard drive due to a virus, lost everything because I did not back up and this time I dont want to make same mistake. can anyone help me get rid of this? also, I keep getting dirty pictures that just seem to pop up on my computer, I leave the room and when I come back there it is porn pictures. I dont visit these sites. what is going on with my computer???
     

    A:Solved: Security Alert: PSW.x-vir trojan popping up!

    16 more replies
    Answer Match 55.02%

    When browsing in firefox, I suddenly got a popup in my taskbar from Windows Security Alert. Knowing that was a problem, I immediately came here and downloaded DDS and Rootrepeal. However, this malware will not let me run a program. Every time I try, I get a window popup that says "Security Warning: Application cannot be executed. The file cmd.exeis infected. Do you want to activate your antivirus software now?" And then yes/no boxes. I've since closed firefox, and can no longer open it. I get the same popup for every program I try to open. Any help would be greatly appreciated

    A:Windows Security alert/Antivirus System Pro alert

    You already stated that no matte rwhat program you try to open, you see that pop up for the scareware. You can try running Rkill first to see if you can kill some of the malware processes that are preventing you from being abel to run other security software. here are some DL links for you. LINK 1LINK 2LINK 3LINK 4Once you get it downloaded double click to launch it (With Vista you need to right click and select run as administrator). You should see a little black window open and then close. If you see that box then it worked. If you don't see the black box then delete the file and use another download link and repeat the steps.Once it runs you should be able to run MBAM and then I would run SUPERAntiSpyware as well. If all else fails try going in to safemode and install MBAM and run the scans from there to get you started.

    4 more replies
    Answer Match 55.02%

    Security Alert. Virus Alert! Application can't be started
    I am screwed...my kids got this virus on my work laptop.
    It just keeps popping up
    Windows Security Alert
    Attention Spyware alert.

    Can anyone help please get rid of this virus..
    Thanks,
    Stephen

    A:Security Alert. Virus Alert! Application can't be started

    Hello.Let's see what we're dealing with here.Please download RKill by Grinler from one of the 4 links below and save it to your desktop.Link 1Link 2Link 3Link 4Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running. This is because some anti-malware software mistakenly detects RKill as malicious. Please refer to this page if you are not sure how to disable your security software.Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed. If nothing happens or if the tool does not run, please let me know in your next reply***************************************************Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download linkIMPORTANT!!! - when you save the file, rename it to something random, such as bubbles.exe This must be done before beginning the download!MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install th... Read more

    1 more replies
    Answer Match 55.02%

    We just started having this problem today at one of our computers at work, we run on Windows XP. Every time I navigate to a new web page (even here), I get a pop up warning:

    Internet Explorer Warning - visiting this web site may harm your computer!

    Most likely causes:
    The website contains exploits that can launch a malicious code on your computer
    Suspicious network activity detected
    There might be an active spyware running on your computer

    What you can try:
    Activate Antivirus 360 for secure Internet surfing (Recommended).
    Check your computer for viruses and malware.
    More information

    Can you please help me get rid of this? I have tried to attach the 2 things that came up with the DDS

    A:Internet Explorer Warning - visiting this website may harm your computer Antivirus 360 Malware

    Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

    2 more replies
    Answer Match 55.02%

    I have this spyware or virus on my computer, that has created a fake System Alert. The alert constantly sends me to a virprotect webpage. This virus came from downloading an Active X Control.

    Please Help, and for your time, I thank you in advance!

    Here is my HJT Log:

    Logfile of HijackThis v1.99.1
    Scan saved at 3:34:12 PM, on 1/4/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AT&T\AT&T Internet Security Suite\Fws.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    C:\Program Files\Video Add-on\isfmntr.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
    C:\Program Files\AT&T\AT&T Internet S... Read more

    A:Solved: System Alert Malware

    16 more replies
    Answer Match 54.6%

    I posted here in mid-July and MNDnNC helped me tremendously. Unfortunately, whatever source started this thing got hit again by one of my kids and I'm infected again.

    I've done the following:
    New Vundo Fix
    New ATF Cleaner
    New Combo Vix
    Run SuperAntiSpyware

    Here are the logs:

    Hijack This:
    Logfile of HijackThis v1.99.1
    Scan saved at 2:27:48 PM, on 8/5/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Gateway Wireless Monitor\WLService.exe
    C:\Program Files\Gateway Wireless Monitor\WLan... Read more

    A:Solved: Its Back...The Fake Windows Security Alert

    8 more replies
    Answer Match 54.6%

    I seem to have a common problem that I think I have partly fixed but still have some problems. Here is my tale of woe.

    I had the "Windows Security Alert: Warning! Potential Spyware Operation..." popup along with the restriction of my access to the Control Panel and to Windows Updates and it changed my default browser to IE and my homepage to Google. I booted in Safe Mode and ran Spybot and AVG Antispyware and deleted whatever they found, then ran AVG Antispyware 7.5 which found a Trojan that I quarantined. I booted normally, still got the popup, still had no access to Windows Update, but gained access to Control Panel although most features were restricted. As well, during bootup I got a message in a box with a title bar of "16 Bit MS-DOS Subsystem" and the box text was
    "C:\WINDOWS\System32\command.com
    C:\WINDOWS\SYSTEM32\AUTOEXEC.NT. The system file is not suitable for running MS-DOS and Microsoft Windows applications. Chose close to terminate the application."
    I chose close and bootup continued.

    I then went to Run: gpedit.msc and was able to restore access to my Control Panel contents and to Windows Update, installed the most recent Windows updates, rebooted, and now the popup is gone. However, now every time I bootup I get a box with the title bar "C\WINDOWS\system32\printer.exe" and box text "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." Other... Read more

    A:Solved: Bogus Windows Security Alert Popup

    16 more replies