SSL crossed out on websites like google, facebook..etc

[freak180]

I installed some stupid exe file that was for windows 8 modding and it secretly installed some tool bar crap and other stuff without my knowledge...was using the built in antivirus windows 8 offers which is crap..I'm using something else now..

However, Now I notice all my sites that require me to log in is saying HTTPS is crossed off with a red slash.. Please I tried googling it and still no fix :\

I forgot to say I'm using chrome

[Bi4me]

Okay, let's start from where we're supposed to. Is your PCs date up-to-date?

[freak180]

Yes it is

[incendy]

Can you do a system restore back to before you installed the program? It won't delete your documents etc, just reset your registry and system setting back to before that program existed.

 

Seems they changed the way you open system restore in WIndows 8.1 but to get there, search / open System and then Click on System Protection, System Restore. To see older restore points chose the checkbox to show more at the bottom of the window.

[+BudMan MVC]

"some tool bar crap and other stuff without my knowledge...was using the built in antivirus windows 8 offers which is crap..I'm using something else now.."

 

So YOU RAN an EXE!!!  But its MS fault for not stopping you?  Or Warning you?  What exe do you have - does it report that its infected at totalvirus website?

 

You do understand that there is really fine line between virus and crapware/malware -- even if everyone thinks that X software is crapware/malware - if they tell you they are going to install something - no matter how tiny the fine print, and the user says OK!!  It is not legal for other antivirus/crapware/malware to stop this or uninstall it, etc.

 

If user ran it, and accepts the legalize quite often there is Nothing antivirus software can do about it.  So don't go blaming MS for something you clear did yourself.

 

Now to clear up your mess - can you point to where you downloaded this exe, can you share it via dropbox or something so we can take a look at what it did via installing on a VM, etc.  Then again are you 100% sure this exe actually messed up your box?

[sc302 Veteran]

I have seen chrome cross out the https. This seems to be a chrome only thing. Usually get it with self signed. It could be anything from java script being disabled to your date/time being off or invalid/unknown cert authority providing the https cert.

[freak180]

"some tool bar crap and other stuff without my knowledge...was using the built in antivirus windows 8 offers which is crap..I'm using something else now.."

 

So YOU RAN an EXE!!!  But its MS fault for not stopping you?  Or Warning you?  What exe do you have - does it report that its infected at totalvirus website?

 

You do understand that there is really fine line between virus and crapware/malware -- even if everyone thinks that X software is crapware/malware - if they tell you they are going to install something - no matter how tiny the fine print, and the user says OK!!  It is not legal for other antivirus/crapware/malware to stop this or uninstall it, etc.

 

If user ran it, and accepts the legalize quite often there is Nothing antivirus software can do about it.  So don't go blaming MS for something you clear did yourself.

 

Now to clear up your mess - can you point to where you downloaded this exe, can you share it via dropbox or something so we can take a look at what it did via installing on a VM, etc.  Then again are you 100% sure this exe actually messed up your box?

First off Im not here to be Lectured by YOU!!! SO stop your BS

I download it off Deviant Art and the comments seem fine from what I read  And holy sh**. I know this is the reason why chrome is acting up the way it is now. So stop acting you you know everything!

[Dick Montage]

So stop acting you you know everything!

 

He's not infected...

[sc302 Veteran]

First off Im not here to be Lectured by YOU!!! SO stop your BS

I download it off Deviant Art and the comments seem fine from what I read  And holy sh**. I know this is the reason why chrome is acting up the way it is now. So stop acting you you know everything!

Couple of things with this, he is trying to help you understand that you did this by accepting whatever agreement/install blindly.  While he doesn't know everything, he knows enough to read what is on the screen before hitting yes/ok/I agree/etc, not waiting until after the fact to understand or read up on it...after the fact is too late.  You blame the "built in antivirus windows 8 offers" and call it "crap" when you don't understand or know what YOU did to YOUR system.  Now you are reading wtf it is after the fact and all of a sudden you are ok with it.  

 

Lesson to be learned, before you hit OK or check off things or leave things checked off, read what it is next to the check mark before hitting the allow/ok/yes/open buttons.  Toolbars do not get installed without you knowing, I have not seen one in recent times that do so.

[freak180]

Couple of things with this, he is trying to help you understand that you did this by accepting whatever agreement/install blindly.  While he doesn't know everything, he knows enough to read what is on the screen before hitting yes/ok/I agree/etc, not waiting until after the fact to understand or read up on it...after the fact is too late.  You blame the "built in antivirus windows 8 offers" and call it "crap" when you don't understand or know what YOU did to YOUR system.  Now you are reading wtf it is after the fact and all of a sudden you are ok with it.  

 

Lesson to be learned, before you hit OK or check off things or leave things checked off, read what it is next to the check mark before hitting the allow/ok/yes/open buttons.  Toolbars do not get installed without you knowing, I have not seen one in recent times that do so.

Why do you assume I did not check it off? I check up that crap during the installation processes and it still manage to install 5 different toolbar crap on there. Thats what pisses me off. I dont even know why the member on DA uploaded this crap on that site.

[+Warwagon MVC]

A good way to go about finding what stuff it installed is by going into programs and features and arranging by the install date. That should bring all the crap to the top. I would recommend uninstalling each one individually. Then run a program called adwcleaner which will get rid of the left overs.

 

http://www.bleepingcomputer.com/download/adwcleaner/

 

I would then recommend going into your chome settings / extensions and seeing what extensions the crap also installed and remove those as well.

 

In the future you may want to invest in a program called sandboxie http://www.sandboxie.com which lets you try programs out in a sandboxed environment. This way even if it did install X number of toolbars, you just terminate all sandboxed processes and then delete the sandbox and it's as if nothing ever happened.

[badb0y]

Just Re-install Windows 8..Other wise it could also steal your log ins/ credit cards/ bank info.

 

Up to you now!

[sc302 Veteran]

I can assure you that toolbars do not get installed unless you are not paying attention. If and when I have this issue, I uninstall everything, slow down and go back through I pick it up where I stupidly missed it. I do this so that when I do go to reinstall it I don't make that stupid mistake again. It doesnt happen often any more because I am very careful but if it does happen it is because I am not paying attention.

[xendrome]

System restore point?

[Anibal P]

First off Im not here to be Lectured by YOU!!! SO stop your BS

I download it off Deviant Art and the comments seem fine from what I read  And holy sh**. I know this is the reason why chrome is acting up the way it is now. So stop acting you you know everything!

 

He may not know "everything" but BudMan earned that MVC title, and everything I've seen him post has been 100% spot on and accurate, the best thing you can do is pay attention to what the MVCs post and learn from your obvious mistake

[watkinsx2]

Browser add-on breaking the SSL cert. Shopping tool bars often do this because they try and intercept the traffic.

[freak180]

I can assure you that toolbars do not get installed unless you are not paying attention. If and when I have this issue, I uninstall everything, slow down and go back through I pick it up where I stupidly missed it. I do this so that when I do go to reinstall it I don't make that stupid mistake again. It doesnt happen often any more because I am very careful but if it does happen it is because I am not paying attention.

BS  I Made sure to pay attention when doing this. I saw when it ask me if i want to install this crap or not. I took it off and finished installed. I then decided to uninstall it and saw that 5 other apps were installed during the same time. I experience this in the past so I make sure I look for anything like that.

 

A good way to go about finding what stuff it installed is by going into programs and features and arranging by the install date. That should bring all the crap to the top. I would recommend uninstalling each one individually. Then run a program called adwcleaner which will get rid of the left overs.

 

http://www.bleepingcomputer.com/download/adwcleaner/

 

I would then recommend going into your chome settings / extensions and seeing what extensions the crap also installed and remove those as well.

 

In the future you may want to invest in a program called sandboxie http://www.sandboxie.com which lets you try programs out in a sandboxed environment. This way even if it did install X number of toolbars, you just terminate all sandboxed processes and then delete the sandbox and it's as if nothing ever happened.

I'll check that out and thanks for the recommendation man! :)

[sc302 Veteran]

I have not seen anything like this in recent times care to send the link to the install over. I have seen this with torrent files that auto install crap. I tend to extract what I can out of the "installs" that I torrent due to the fact that many of them are self extracting zip or rar files that install crapware/malware/viruses as well as the program you are trying to install. Perhaps this is the type of install you ran.

If I had a copy of said program I could see what it is doing and exactly where it is installing to.

[StarkWiz]

Is this happening for all SSL websites or just few ?

Can you please check if your system time and date is accurate ?

[+BudMan MVC]

so this is the virustotal report on that exe you linked too

https://www.virustotal.com/ro/file/cf3cb4ae05af1e4ab37b17fdd05bb02642362e291e1379b33321c02bdcebf9f9/analysis/1382251738/

 

SHA256: cf3cb4ae05af1e4ab37b17fdd05bb02642362e291e1379b33321c02bdcebf9f9 File name: Windows-8-Start-Screen-Customizer_1.4.1.dl.exe Detection ratio: 5 / 48 Analysis date: 2013-10-20 06:48:58 UTC ( 0 minute ago )

[nabz0r Veteran]

First of all I hope you sort your problem out and fix it asap.

 

Second of all, I really suggest to calm down and not start fighting with people that are actually trying to help you out to sort out the problem. There was a reason that you have started to post here and that you knew that there are people that can and know much more than yourself and therefore you've posted to get help. So stop this "BS" thingy that you have in every reply and listen to what they have. Again best of lucks in sorting it out!

[sc302 Veteran]

So this start screen customizer made by a random person loaded on malware.

Don't trust things from random sites unless it comes directly from the manufacturer. Ie downloading stuff from adobe or microsoft. If they include toolbars they tell you about it. Sandboxie would be good for you or perhaps a vm where you can test installs of random origin.

Again I have not seen toolbar that installs without telling you. But let me be a little more clear in that, I have not seen a toolbar that has randomly installed without telling you from a legit site.

Torrenting is not a legit site, deviant art is not a legit site (they are a art site, I would not trust anything else from that site). Use some common sense. If it looks or sounds shady it is. I can't say this enough, if you are going to play with this stuff, we all do, setup a space that can be easily defaulted (vm or physical machine) if something goes wrong. If you cant do this then dont play with fire.

[ashpowell]

Id uninstall the software, if it has an uninstall option, if not then remove the files manually (check that they are removed anyway)

 

Run CCleaner, within that make sure you remove things from the startup related to this software. Also Start > search > msconfig and run that, then go to services and tick hide ms services. Then untick that software if it's there.

 

Then run malwarebytes or something to double check & antivirus

 

On chrome, tools > settings and restore browser defaults & check your extensions and addons

 

 

Some people may do things different ways, that's the procedure i'd follow

[+BudMan MVC]

"setup a space that can be easily defaulted (vm or physical machine) if something goes wrong. If you cant do this then dont play with fire."

 

QFT!!!

 

This exactly to my original point -- YOU RAN the exe!!  It was not a drive by, be it was crap you can not expect every antivirus tool to warn/stop you from installing bad stuff.  Look at the report 5 out of 48 reported something up with that exe..  Not 40 out of 48 or something -- then you might have some complaining about crappy antivirus that came with your OS for free.

 

Didn't ms come out and say a while back that their stuff was a "base line" not a get all  to end all solution..

 

Sc302 has it right - have a playbox to play with "possible" fire then have the fire extinguisher ready..  Just run a VM with your OS that doesn't save changes, or take a snapshot of it before running something questionable.  See how it behaves anything seem funny with it?  Do any antimalware tools now detect anything?  If not then your prob ok to install on your normal system.

 

If me - if you feel your box has been compromised - NUKE IT FROM ORBIT!!!  It is the only way to be sure ;)

 

I don't know why anyone ###### with this stuff any more when you should be able to put your system back to how it was from your last clean backup image you took last week?  Or better yet before you installed any questionable or even just new software ;)