Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Fake Microsoft websites!! Can't update Windows!


  • Please log in to reply
6 replies to this topic

#1 aSILENTfire

aSILENTfire

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:54 AM

Posted 28 March 2013 - 11:27 AM

I'm running Windows 8 with Avira, Comodo Firewall, and WinPatrol. I have been suspicious of my Windows update for a while but had no good info to go off. The best evidence I had before was a "glitch" in WinPatrol that allowed me to see some otherwise hidden software entries for a day, such as:

 

image.jpg

 

and

 

image.jpg

 

and

 

image.jpg I describe the how I ran into these here

 

Moving on...

 

So today I downgraded from Secunia PSI (checks to make sure your software is up to date etc.) from version 3 to version 2 as about a month ago it simply stopped allowing me to open the interface.. I have to admit I like version 2 better anyway.

 

Here's the thing:

 

Secunia PSI patched 147 programs, but tells me that Google Chrome 25.x "25.0.1364.172" is at "End-of-Life" and has 4/5 threat rating.

 

 

If I try to install Chrome, I get this message:

000ccc.jpg Installation failed.. requires update to Windows.. via Windows Update

 

That's just fine, but its been 10 days since my last update, and it says "no updates are available", I'm thinking I may have a malicious Windows Update.. this website: https://windows.microsoft.com/en-us/windows/help/windows-update has untrusted certifications..

 

and this website: https://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us connects without any certificate warnings, but there is a questions mark if I click the little lock icon in IE, and If I click on "Microsoft Update" I get [Error number: 0x8007007E]

 

 

 

I've used IE10, Firefox, Comodo Dragon, Opera... can't get a secure connection, this is common on many websites, even google.com has a "?" next to its security thing in IE and a "!" under "basic constraints", saying: Subject Type=End Entity, Path Length Constraint=None

 

How can I update Windows and get https to work on most websites? 

 Thank you!



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 13,007 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:54 AM

Posted 28 March 2013 - 12:11 PM

For what it is worth....When clicking on the second link Firefox reports this:

This Connection is Untrusted
      
      
      
      
        
          You have asked Firefox to connect
securely to update.microsoft.com, but we can't confirm that your connection is secure.
          Normally, when you try to connect securely,
sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified.
        
        
        
          What Should I Do?
          
            If you usually connect to
this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.
            
          
        
        
        
        
          
        
        
        
        
          
      


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 aSILENTfire

aSILENTfire
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:54 AM

Posted 28 March 2013 - 06:17 PM

Just for consistency and to rule out compatibility errors, I will be using IE10.. Although I have certificate problems on all browsers, I mentioned certificate problems before and the conclusion was that it was because I was not using IE :lmao:

 

Here is a typical scenario:

 

IE connects to https://www.google.com/, but still has certificate problems:

 

00gp.jpg

 

 Interestingly, if I click on the "Should I trust this site?" link, I get this: (http://windows.microsoft.com/en-US/internet-explorer/certificate-errors-faq?ocid=IE10_trustbadge_valid#ie=ie-10)

 

3333.jpg

 

 now, when I try to connect securely by making the address, I get this: (https://windows.microsoft.com/en-US/internet-explorer/certificate-errors-faq?ocid=IE10_trustbadge_valid#ie=ie-10)

 

2222.jpg

 

The FAQ for invalid certificates has an invalid certificate!!! WTF???

I'd say over 99% of my certificates are invalid, so this isn't normal, and I don't think there is a big certificate conspiracy with all websites... so I'd say I have a problem somewhere, I just have no idea where to start.. am I being redirected? how can I tell? HELP PLEASE!

 

*also, why doesn't bleeping computer have https://www.bleepingcomputer.com/?

 

* I cannot connect to eBay either, I get this error message:

 

This page can't be displayed
  • Make sure the web address https://www.ebay.com is correct.
  • Look for the page with your search engine.
  • Refresh the page in a few minutes.
  • Make sure TLS and SSL protocols are enabled. Go to Tools > Internet Options > Advanced > Settings > Security

 


Edited by aSILENTfire, 28 March 2013 - 06:31 PM.


#4 buddy215

buddy215

  • BC Advisor
  • 13,007 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:54 AM

Posted 28 March 2013 - 08:54 PM

QUOTE: Make sure the web address https://www.ebay.com is correct.

 

Drop the s......  http://www.ebay.com


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 aSILENTfire

aSILENTfire
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:54 AM

Posted 29 March 2013 - 12:18 AM

These kind of responses are not helpful, and I am no closer to securing by certificates than I am to windows update and chrome...

 

QUOTE: Make sure the web address https://www.ebay.com is correct.

 

Drop the s......  http://www.ebay.com

 

 

For what it is worth....When clicking on the second link Firefox reports this:

This Connection is Untrusted
      
      
      
      
        
          You have asked Firefox to connect
securely to update.microsoft.com, but we can't confirm that your connection is secure.
          Normally, when you try to connect securely,
sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified.
        
        
        
          What Should I Do?
          
            If you usually connect to
this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.
            
          
        
        
        
        
          
        
        
        
        
          
      

 

I see you just got off other account, but when you get back on, please don't try to troll or minimize the issue with distractions..

 

...but I am curious, why did you took the time to post blank space on my thread?

 

11111.jpg


Edited by aSILENTfire, 29 March 2013 - 12:18 AM.


#6 aSILENTfire

aSILENTfire
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:54 AM

Posted 29 March 2013 - 01:10 AM

Secunia is warning me:

 

Important Note: "Microsoft Update" not found

"Microsoft Update" was not found on your PC, which is required for correct reports on security issues affecting Microsoft product. Update now.

 

*when I click Update now, it sends me to: http://update.microsoft.com/microsoftupdate/v6/muoptdefault.aspx?ln=en&returnurl=http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-US, which just loads a blank white page...


Edited by aSILENTfire, 29 March 2013 - 01:12 AM.


#7 aSILENTfire

aSILENTfire
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:54 AM

Posted 29 March 2013 - 01:22 AM

Ok I'm baffled, that website I just mentioned, when I clicked on Update now, was blank.. but there was a picture of a ripped paper by the refresh button in the address bar, and it connected me to this!:

 

image.jpg

 

And I don't know what inspired me to do this, but I got pissed and started smashing the back button, and to my amazement, I saw a flash of something different, but it always went back to the page I posted above in about 1/4 of a second. I put my finger on the Print Screen button and started clicking the back button, took me probably 40 refreshes but it came up again!

 

66666.jpg

 

As anyone reading this can tell, I am very confused.. for a rootkit/redirect issue like this you would think there would be a better way to find information on its sympoms...


Edited by aSILENTfire, 29 March 2013 - 01:26 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users