Argonath RPG - A World of its own
Argonath RPG Community => Hardware/Software support => Resolved issues => Topic started by: Ragdoll on June 30, 2012, 11:13:42 am
-
Hi!
A while ago I downloaded a program from an untrusted website (silly me), and I installed it. When I did nothing happened, I couldn't open the damn thing. So I figured it was a virus. Deleted the installer, restored the system to a day before and scanned my PC (McAfee) just to be extra sure. Everything was gone. Then I wanted to open Google.com to check for any reports about it. And Chrome tells me "The site's security certificate is signed using a weak signature algorithm!", which is weird... since it's Google. Then it happened with a lot of other websites, like facebook, hotmail, youtube, etc... I read that Google takes some of its settings (I think) from IE. So I reset everything in IE, and it still happens... So.. help? :cry:
-
Apparently some people suggest that using malwarebytes fixes things others say an uninstall/install. What was the name of installer if you could provide it?
-
Apparently some people suggest that using malwarebytes fixes things others say an uninstall/install. What was the name of installer if you could provide it?
I honestly forgot, deleted it the moment I found out it did nothing.
-
Did you by any chance raise the security settings ?
-
Did you by any chance raise the security settings ?
Not at all.
-
http://superuser.com/questions/421224/the-sites-security-certificate-is-signed-using-a-weak-signature-algorithm-can (http://superuser.com/questions/421224/the-sites-security-certificate-is-signed-using-a-weak-signature-algorithm-can)
Seems to be the most useful thing. It is almost certain to be malware or some kind of keylogger.
You might not want to use Chrome to log in to any site until you manage to remove the message.
-
First of all download and install JonDoFox(an encrypted browser, dont download any other unnecessary jondo products when it prompts you to)Use jondofox till your problem is fixed to avoid you losing any more login credentials.
Now, download and run malwarebytes. Run a full scan, and if the problem isnt gone then post its log here.
If it isnt gone, google kaspersky virus removal tool, same deal, scan, post report if it aint gone.
Finally uninstall your crappy antivirus, and replace it with avast! which is a very good antivirus. Run a full system scan. Now delete all system restore points(viruses can easily infect them) and replace them with new ones.
-
Ensure you've also downloaded the latest Google Chrome update, it has various protective and security updates.
Regardless of that, the number one thing you should never do is trust a shady looking site ;). If you are unsure of a site, Google (or other search engine) the site for its reputation. Often discussion threads will come up if anyone else had a malicious experience with the site.
Malwarebyes as everyone saying is a great start, but you may want to get an antivirus such as AVG or Microsoft Security Essentials; both have the ability to detect 2 important elements 1. Rootkits, and secondly keyloggers and are a free alternative. Personally, I've used McAfee and I use to pay for it; If I could I would sue them for making me pay for such a shit product.
additionally, type this into a new window:
chrome://chrome/extensions/
Review all extensions here, that you know what they are. If you don't block the immediately and search their credibility. Do note, Google Chrome has no default extensions, so everything there you at somepoint clicked "I agree" to.
Lastly,
navigate to chrome://chrome/settings/ in the url window.
If you haven't already, click show advanced settings and find
(http://gyazo.com/04906b0850bca5a00cd553c20c7d8536.png?1341371933)
Make sure the checkbox "Check server for revocations" is checked.
hope it helps remove the current issue and then protect you from further harm :P again, the best solution is to check shady looking sites.
-
If you read the link, then you will notice that malwarebytes does not detect the problem.
Running it will show you as clean while it is not solved.
-
If you can, take a screenshot of your host files. Go to C:\Windows\System32\Drivers\etc for Windows and drag and drop a file called "Hosts" into Notepad. For Mac OS X, try "sudo nano /private/etc/hosts" in terminal.