Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect Virus [flickr.com]


  • This topic is locked This topic is locked
9 replies to this topic

#1 hustlejoe

hustlejoe

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:58 PM

Posted 21 May 2014 - 08:36 AM

Hello there,
 
I'm hoping someone out there can help me with an issue I'm having.
 
I have recently re-installed and reformatted my computer (Windows 7 Home 32 bit) partly due to wanting to start fresh and partly due to a pesky redirect "virus" that I couldn't seem to get rid of.
 
I use Google chrome. The "virus" I speak of would ONLY at random times not allow me to visit the flickr.com website and instead would take me to a page that Google chrome would recommend I not proceed to (I have attached a log of example messages I have been receiving in a .txt document
flickr.com was the only website which was affected
 
After deleting all partitions reformatting and installing windows fresh I expected I would have no more issues. But just now I've reinstalled google chrome and started importing my personal files from an external hard drive and the same warning page has shown up when I've tried to visit flickr.com.
 
This now makes me think my personal files (photos etc) may be carrying the virus. Either that or something to do with my google profile being infected
 
Any help would be much appreciated. Thanks in advance!
 
Joe

****

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.16521
Run by Joe Nigel Coleman at 23:27:37 on 2014-05-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.2940.806 [GMT 10:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Last.fm\Last.fm Scrobbler.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Adobe\Adobe Photoshop Lightroom 3\lightroom.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Users\Joe Nigel Coleman\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [SkyDrive] "c:\users\joe nigel coleman\appdata\local\microsoft\skydrive\SkyDrive.exe" /background
uRunOnce: [Uninstall c:\users\joe nigel coleman\appdata\local\microsoft\skydrive\17.0.4035.0328] c:\windows\system32\cmd.exe /q /c rmdir /s /q "c:\users\joe nigel coleman\appdata\local\microsoft\skydrive\17.0.4035.0328"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{2F429583-EDAA-4BAA-9928-4F5279D13C66} : DHCPNameServer = 10.1.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.137\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2014-3-11 104264]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2011-4-19 69232]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2014-3-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-4-13 108032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-4-11 14848]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-4-11 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-4-11 1343400]
.
=============== Created Last 30 ================
.
2014-05-21 06:12:32 765968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{eaf3bfcf-7879-4611-9840-b0cc120d4365}\gapaengine.dll
2014-05-21 06:11:14 8073384 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c3424ee0-8a2a-4d5f-a791-b60b3e7000ea}\mpengine.dll
2014-05-20 05:40:28 8050496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-05-16 23:20:22 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{adc31f26-8396-495c-8cf7-fea7414a1a46}\gapaengine.dll
2014-05-13 07:13:08 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{0bca8a3a-c0f3-44fa-9190-bff656834dad}\gapaengine.dll
2014-05-08 12:42:18 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{29f56a8c-e973-466a-ae83-70fa8aa86551}\gapaengine.dll
2014-05-07 11:48:31 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{78a451b2-c2f8-4577-9a11-65f44e7fbac4}\gapaengine.dll
2014-05-06 14:58:30 -------- d-----w- c:\windows\en
2014-05-06 14:57:52 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2014-05-06 14:57:22 -------- d-----w- c:\windows\PCHEALTH
2014-05-06 14:56:19 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2014-05-06 14:56:19 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2014-05-06 14:56:18 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-05-06 14:56:18 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-05-06 14:55:43 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-05-06 14:55:12 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-05-06 14:54:06 89944 -c--a-w- c:\program files\common files\windows live\.cache\5c7f46d1cf693b04\DSETUP.dll
2014-05-06 14:54:06 537432 -c--a-w- c:\program files\common files\windows live\.cache\5c7f46d1cf693b04\DXSETUP.exe
2014-05-06 14:54:06 1801048 -c--a-w- c:\program files\common files\windows live\.cache\5c7f46d1cf693b04\dsetup32.dll
2014-05-06 14:54:03 525656 -c--a-w- c:\program files\common files\windows live\.cache\360885a1cf693b03\DXSETUP.exe
2014-05-06 14:54:02 94040 -c--a-w- c:\program files\common files\windows live\.cache\360885a1cf693b03\DSETUP.dll
2014-05-06 14:54:02 1691480 -c--a-w- c:\program files\common files\windows live\.cache\360885a1cf693b03\dsetup32.dll
2014-05-06 14:53:55 537432 -c--a-w- c:\program files\common files\windows live\.cache\ff0d71b41cf693a01\DXSETUP.exe
2014-05-06 14:53:54 89944 -c--a-w- c:\program files\common files\windows live\.cache\ff0d71b41cf693a01\DSETUP.dll
2014-05-06 14:53:54 1801048 -c--a-w- c:\program files\common files\windows live\.cache\ff0d71b41cf693a01\dsetup32.dll
2014-05-06 14:53:46 -------- d-----w- c:\users\joe nigel coleman\appdata\local\Windows Live
2014-05-06 14:53:26 -------- d-----w- c:\program files\common files\Windows Live
2014-05-06 08:03:47 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5ae9d241-33e4-49a7-8230-ddd89edfe048}\gapaengine.dll
2014-05-05 12:04:53 -------- d-----w- c:\users\joe nigel coleman\appdata\local\Skype
2014-05-05 12:04:10 -------- d-----r- c:\program files\Skype
2014-05-02 00:44:04 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{77a02437-f2f9-4ee6-9fb1-dbb4ce84c90f}\gapaengine.dll
2014-04-29 07:28:35 44544 ----a-w- c:\windows\system32\escwiab.dll
2014-04-29 07:28:35 -------- d-----w- c:\program files\epson
2014-04-29 07:28:08 -------- d-----w- C:\EPSON
2014-04-29 07:21:56 -------- d-----w- c:\users\joe nigel coleman\appdata\local\ElevatedDiagnostics
2014-04-29 07:20:05 -------- d-----w- c:\program files\EPSON Software
2014-04-28 02:34:52 -------- d-----w- c:\users\joe nigel coleman\appdata\roaming\OpenOffice
2014-04-28 02:02:02 -------- d-----w- c:\program files\OpenOffice 4
2014-04-26 03:18:11 -------- d-----w- c:\programdata\Last.fm
2014-04-26 03:15:01 -------- d-----w- c:\users\joe nigel coleman\appdata\local\Last.fm
2014-04-26 03:15:01 -------- d-----w- c:\program files\Last.fm
2014-04-23 13:54:32 -------- d-----w- c:\users\joe nigel coleman\appdata\local\Mixxx
2014-04-23 13:48:53 -------- d-----w- c:\program files\Mixxx
2014-04-23 13:36:40 -------- d-----w- c:\program files\CONEXANT
2014-04-23 13:36:06 -------- d-----w- c:\users\joe nigel coleman\appdata\roaming\WinBatch
2014-04-23 12:59:06 319488 ----a-w- c:\windows\HideWin.exe
.
==================== Find3M  ====================
.
2014-04-13 01:27:02 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-13 01:27:02 645120 ----a-w- c:\windows\system32\jsIntl.dll
2014-04-13 01:27:02 194048 ----a-w- c:\windows\system32\elshyph.dll
2014-04-13 01:27:02 182272 ----a-w- c:\windows\system32\msls31.dll
2014-04-13 01:27:01 62464 ----a-w- c:\windows\system32\tdc.ocx
2014-04-13 01:27:01 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-13 01:27:01 337408 ----a-w- c:\windows\system32\html.iec
2014-04-13 01:27:00 24576 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-13 01:27:00 139264 ----a-w- c:\windows\system32\wextract.exe
2014-04-13 01:27:00 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-04-13 01:26:59 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-04-13 01:26:59 36352 ----a-w- c:\windows\system32\imgutil.dll
2014-04-13 01:26:59 151552 ----a-w- c:\windows\system32\iexpress.exe
2014-04-13 01:26:59 13312 ----a-w- c:\windows\system32\mshta.exe
2014-04-13 01:26:58 86016 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-13 01:26:58 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-13 01:26:58 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-13 01:26:58 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-03-31 11:34:22 322248 ----a-w- c:\windows\WLXPGSS.SCR
2014-03-10 23:52:30 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-01 04:11:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
.
============= FINISH: 23:28:32.83 ===============
 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:04:58 AM

Posted 22 May 2014 - 02:08 PM

Good evening. :)

Do you have the same issue when using Internet Explorer?


So long, and thanks for all the fish.

 

 


#3 hustlejoe

hustlejoe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:58 PM

Posted 22 May 2014 - 07:59 PM

Good evening. :)

Do you have the same issue when using Internet Explorer?

 

Hi Noviciate,

Thanks for your response. I have not been using internet explorer but I can test it out and get back to you on that one if you think it might be helpful.
It might take a little while for me to provide accurate results as the redirects I am getting while using chrome have no pattern and occur sporadically.

Cheers,

Joe



#4 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:04:58 AM

Posted 23 May 2014 - 10:41 AM

Good afternoon. :)

It is possible that these po-ups are nothing to do with your PC but to do with your choice of browser - it wouldn't be the first time that Chrome had blocked access to a legitimate site due to over-enthusiastic security. Let me know if you have issues with IE and also if there are specific sites that cause you problems and we'll take it form there.


So long, and thanks for all the fish.

 

 


#5 hustlejoe

hustlejoe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:58 PM

Posted 24 May 2014 - 12:47 AM

Hi Noviciate,

 

Again, thanks for the response.

I'm almost certain there is something sinister at play here and it is not just an issue with chrome's security settings. The fact that it only happens sporadically reinforces that. Please refer to the the .txt file "Redirect message LOG" in my first post for some examples of the messages I receive.
Also it is worth mentioning that flickr.com is the ONLY website which I connect to that has been affected.

 

So far I've had no issues while using internet explorer. This is leading me to think that something has attached itself to my Google account (which is always signed in while I'm using chrome) as even after reformatting my entire system and re installing chrome fresh I'm still stuck with the same issue. Either that or whatever is causing the problem somehow survived the reformat?

Cheers,

Joe



#6 hustlejoe

hustlejoe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:58 PM

Posted 24 May 2014 - 01:00 AM

UPDATE:

Just after posting my last response I've gone to try to connect to flickr.com using IE and have received the following message:
 
"There is a problem with this website’s security certificate.
 
The security certificate presented by this website was issued for a different website's address.
 
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.  
   
We recommend that you close this webpage and do not continue to this website.  
 
Click here to close this webpage. 
Continue to this website (not recommended)."
 
This now leads me to believe the problem is not local to google chrome>
 
Please advise of how I should proceed.
 
Cheers,
Joe

Edited by hustlejoe, 24 May 2014 - 01:00 AM.


#7 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:04:58 AM

Posted 24 May 2014 - 12:04 PM

Good evening. :)

The problems looks to be nothing to do with a virus, but with the security certificate that fails browser scrutiny. For a Google Chrome specific post, see here.

 

Imagine a gym that has a membership card that prevents non-members getting in for free, and having heard that there are copies of this card available they release a new card to prevent this happening. Existing members that don't get hold of a new card will be prevented from getting into the gym, even though they have paid the fees and are in fact entitled to get in. The person on the desk doesn't know who is a paid-up member and who has a dodgy card, so they prevent entry to anyone who doesn't have an up-to-date card.

 

Your browsers are expecting a legitimate security certificate and if they don't see one they warn you about it, or even block access to the site. They don't know whether or not the site is legitimate, so they take the approach that if the security certificate isn't up-to-date, it's a dodgy site. Not all sites will be dodgy, but better safe rather than sorry.

 

If you run a search for flikr security certificate out of date one result is this one.

 

In my opinion your PC isn't the problem, but the site you are trying to connect to, and if you have any doubts about this, or any other site, don't go there. I leave the choice up to you.


Edited by Noviciate, 24 May 2014 - 12:05 PM.
Poor grammar.

So long, and thanks for all the fish.

 

 


#8 hustlejoe

hustlejoe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:58 PM

Posted 25 May 2014 - 09:10 PM

Hi Noviciate,
Again, thanks for your response and explanation.

Unfortunately I can't just stop using flickr.com as it plays a big role in promoting myself as a photographer.

Maybe I should have been more specific in my first post.
I am not actually receiving a message saying the security certificate is out of date which has been addressed in the forum post you forwarded.
I don't think this is just an issue with the websites security certificate. I am actually being redirected to other websites which I am then asked by chrome if I want to proceed as the security certificates don't match the URL.
Sometimes these websites are familiar websites such as google.com, other times they are unfamiliar such as *.scorecardresearch.com
There's a small selection of the website redirects I've encountered in my first post under the .txt document "Redirect message LOG"
If I do agree to proceed to the redirected website I am taken to a "page not found" or "error" or similar depending on the page I'm redirected to.

After reading THIS forum post. I'm thinking possibly it's to do with my router.

If you have any more ideas or advice I'd be happy to hear them. Otherwise thanks for your help & time trying to help me figure this one out

Cheers,

Joe
 



#9 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:04:58 AM

Posted 26 May 2014 - 01:25 PM

Good evening. :)

My first choice would be to try Firefox and see if that behaves in the same way. There are add-ons for it that can improve your browsing security, such as Adblock Plus and NoScript that you can use to fine tune things if you like.


So long, and thanks for all the fish.

 

 


#10 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:04:58 AM

Posted 01 June 2014 - 01:39 PM

As this issue appears to have been resolved, this thread is now closed.


So long, and thanks for all the fish.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users