emailmaven


Constant Security Alerts

Hi, I am using Windows 10 and every few minutes I am getting a security alert about an expired certificate for flogs.com. I may at some point have used their calendar extension, but I am sure I deleted the program, as now all I can find is a registry key that relates to flogs.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=flogs&form=WNSGPH&qs=AS&cvid=e76c4dec24f643328f2ed7ec58970633&pq=flogs&nclid=F3E1DD3AB0CB06AF70697C998E6BE17C&ts=1453832049341&nclidts=1453832049&tsms=341

I see the open with for this key is set for chrome.exe.

I am assuming (ass-uming I think) this is what is causing the problem since it is the only thing on my system that is associated with flogs at all. If I remove this, will it create even more complications? This alert is making me crazy.

I have deleted chrome.exe from the OpenWith registry item but I am still seeing this message constantly.
I am not even sure what software is initiating this error at this point.

I have attached captures of the warning and the certification path from the properties panel.

RL
security-alert-error.jpg
security-alert-properties.jpg
☠ MASQ ☠

Delete away - that should fix it after a restart.

ASKER

Hi,

Nope, not the trick, still an issue, I see something for flog in registry, is this related? I am clueless about the registry. I am just grasping at straws here. The error popped up as soon as I restarted this time.

HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-c..plus-runtime-txflog_31bf3856ad364e35_10.0.10586.0_none_0f7d4585f56d40f0

RL
You still have something running that wants to connect to flogs.com on launch.
Your browser is correctly identifying that flogs.com's web security certificate has expired.

MSConfig or Autoruns will list what's set to run at startup. Have a look through and see if something rings a bell.

In the meantime you can put that entry back into the registry by renaming the attached file restore.txt to restore.reg and running it to merge into the system registry.

(txflog is a transaction log and nothing to do with flogs)
restore.txt
Hi, I restarted several times and see that it pops up shortly after Outlook starts most of the time.
Hi, not seeing anything anywhere. Looking in msconfig and startup items, nothing comes up in a regular search. Is there anything I can enter in the cmd prompt to find what is trying to connect to flogs.com?

There is something in startup that is named Program with no publisher, it is enabled and not measured. I have no idea what that is for.

RL
Have a look in Outlook Options Add-ins - see if your Flogs Calendar is still active there.

You can always untick an item in MSConfig Startup and see what happens on restart - it's simple enough to check the box again
Hi, that's the thing: there is no flogs anywhere. It is not in Outlook add-ins or COM add-ins, not in startup items. I am so dumbfounded by this.

RL
OK then let's have a closer look
Can you download and run HijackThis?

Right-click on the icon and choose run as administrator
Accept the licence
Choose "Do a system scan and save a log file"
Have a look through the text file that's generated - if you're OK publishing the contents online, post it here as an attachment.
Only make changes if you know what you are doing.
Hi

Thanks for reviewing this.
hijackthis.log
ASKER CERTIFIED SOLUTION
☠ MASQ ☠

This solution is only available to members.
If flogs.com does appear in your registry, perhaps it uses the IP Address rather than the domain name. flogs.com seems to be in Dublin, Eire (Ireland), and has the IP Address 54.246.197.117. This might be useful when searching Regedit, HijackThis logs, or when running commands like TASKLIST.
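
Added example (not part of the original thread): one way to answer the asker's question about what is trying to connect to flogs.com, using the IP-address approach from the post above. The watch window, polling interval and CSV path are assumptions, and the extra address is the one quoted in the thread, which may no longer be current.

```powershell
# Added example: watch TCP connections and report which process talks to a host.
# Run from an elevated PowerShell prompt on Windows 8/10 or later.
param(
    [string]$HostName = 'flogs.com',                   # host named in the alert
    [string[]]$ExtraAddresses = @('54.246.197.117'),   # IP quoted in the thread
    [int]$Minutes = 15,                                # assumed watch window
    [int]$IntervalMs = 500                             # assumed polling interval
)

# Candidate remote addresses: current DNS answers plus any supplied IPs.
$addresses = @($ExtraAddresses)
try {
    $addresses += Resolve-DnsName -Name $HostName -Type A -ErrorAction Stop |
        Where-Object { $_.IPAddress } |
        Select-Object -ExpandProperty IPAddress
} catch {
    Write-Warning "DNS lookup for $HostName failed; using supplied addresses only."
}
$addresses = @($addresses | Sort-Object -Unique)

$seen = @{}
$deadline = (Get-Date).AddMinutes($Minutes)
while ((Get-Date) -lt $deadline) {
    # OwningProcess is 0 for sockets already in TIME_WAIT, so skip those.
    $hits = Get-NetTCPConnection -ErrorAction SilentlyContinue |
        Where-Object { $addresses -contains $_.RemoteAddress -and $_.OwningProcess -ne 0 }
    foreach ($c in $hits) {
        $key = "$($c.OwningProcess)|$($c.RemoteAddress)|$($c.RemotePort)"
        if ($seen.ContainsKey($key)) { continue }
        # Win32_Process exposes the executable path and full command line.
        $p = Get-CimInstance Win32_Process -Filter "ProcessId=$($c.OwningProcess)"
        $seen[$key] = [pscustomobject]@{
            Time        = (Get-Date)
            ProcessId   = $c.OwningProcess
            Name        = $p.Name
            Path        = $p.ExecutablePath
            CommandLine = $p.CommandLine
            Remote      = "$($c.RemoteAddress):$($c.RemotePort)"
            State       = $c.State
        }
        $seen[$key] | Format-List
    }
    Start-Sleep -Milliseconds $IntervalMs
}

# Keep a record for later comparison (output path is an assumption).
$seen.Values | Sort-Object Time |
    Export-Csv -NoTypeInformation -Path "$env:TEMP\flogs-connections.csv"
```

If the owning process turns out to be a host application such as a browser or mail client, the command line and its loaded add-ins are the next place to look, since the request may come from an extension rather than the application itself.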
MASQ, there was an entry in Dashlane. I never would have thought of that one. Thanks so much for that insight. It did pop up once but haven't seen it again in a while. Hopefully that was the issue.

Thanks again
Rose
Hi, sorry to say that error is back. Any other logs that will help figure this out?

RL
How much of a pain would it be to uninstall Dashlane completely - including removing the browser plug-ins and KWIEBar toolbar add-in?
Hi

I removed it, removed the IE add-ins and reinstalled Dashlane, but this is still happening. Do I need to remove the registry entries before reinstalling it? After removing the application and files the registry still had Dashlane entries listed after I deleted the program via the control panel and restarted the system.
Yes, looks like Dashlane retains your account details in case you want to reinstall. Helpful for most users but not in this situation.

If you are using a premium account then Dashlane will resynchronize with their servers on reinstall and if the rogue entry is there it will be reloaded onto your PC.

I guess the best indicator is to run the PC for long enough to know flogs isn't being accessed before reinstalling.