Over 1 million tech questions and answers.

False pass-the-hash when Citrix pass-through authentication in use

Q: False pass-the-hash when Citrix pass-through authentication in use

I have recently installed ATA (1.8.6645.28499). It is now in to the second week of its learning phase and it is raising a considerable number of false pass-the-hash alerts when users initiate Citrix sessions from their usual PC using pass-thru authentication,
eg a typical alert would be:
Bloggs,Fred's hash was stolen from one of the computers previously logged into by Bloggs,Fred and used from xx1234
Clearly this is spurious - in each case the user is initiating a Citrix session from their
own PC and the xx1234 represents a Citrix server in the farm in every case.
1) Why am I only receiving a handful of related PTH alerts each day when I have many thousands of Citrix users, all authenticating in the same manner?
2) How can I supress these alerts?
What I effectively want to say is 'IF the suspected PTH is being triggered BY the user on their OWN PC and the target server is in our Citrix farm' then ignore it. I can't see a way of setting an exclusion range like this for PTH events though?
Thanks

Read other answers
RELEVANCY SCORE 200
Preferred Solution: False pass-the-hash when Citrix pass-through authentication in use

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 135.6

I've noticed that when users attempt to log into a Citrix session but provide the wrong password initially, but then provide the correct password the "Identity Theft Using Pass-The-Hash Attack" is triggered. I assume this is because Citrix makes
use of pass-through authentication. Is there anything I can do to tune these out or reduce the number of false positives that are observed?

Read other answers
RELEVANCY SCORE 132.4

We are getting a Pass the Hash warning for two users (only one has happened more than once) that I am pretty sure is a false positive.  The message says the hash was stolen from one computer that the user logged into and was used by the same user on
her desktop.  

I am guessing an app is doing something weird or something but cant pinpoint it.  Anything i can do to try to track it down?





Identity theft using pass-the-hash attack

Savannah ***** (*****)'s hash was stolen from one of the computers previously logged into by Savannah ******   (************) and used from DT-S*******.

Read other answers
RELEVANCY SCORE 130.8

Running v1.7.5757.57477 and recently got four PTH alerts, and in each case it states the has was stolen from one of the computers previously logged into by the user and then used on a system, which in each case happened to be the user's primary system in
which they logged into.
Would this be potential false positives? I would be more worried if the hash was used on a system not associated with the user.

Thx

Read other answers
RELEVANCY SCORE 127.6

Hi All,
I tested the following attacks in Microsoft Advanced Threat Analytics and found them
not to be working.

Bruteforce Attack Pass-The-Ticket Pass-The-Hash Sensitive account exposed Using Plain-Text Authentication
I have tested other attacks like Reconnaissance
using DNS, Broken Trust, Honey Token account suspicious activities but they are working perfectly fine. I don't know
what's the issue with the above 4.
For
1. Bruteforce Attack:
I used thc-hydra-windows and triggered a dictionary attack using a list of passwords.

2. Pass-The-Ticket:
I used mimikatz to steal the kerberos ticket from a PC on which Admin is logged on. Impersonating an attacker, I copied the .kirbi file and Injected that file(using mimikatz again) to another PC on which a domain user is logged in.

3. Pass-The-Hash:
(Same as above)
4. Sensitive account exposed in plain text authentication:
I used mimikatz command 'sekurlsa :: logonpasswords' and was able to get passwords of all the users who logged on to that PC. But this was also not detected by MATA.

Please help me with the above issues. If possible, provide the tools using which I can trigger and detect those attacks.
Regards 

Read other answers
RELEVANCY SCORE 103.2

Hi everybody,
Could someone please explain, if he had succeeded, the pass-the-hash attack with ATA ?
I have :

1 Center1 Gateway1DC1 workstation
From the workstation, I use the DC hash password admin for authentication. I have access to the DC but ATA don't detect this scenario.

Read other answers
RELEVANCY SCORE 102

We are currently in monitor mode with ATA and have been receiving alerts since going live on Sunday 10/20.   The alert says the users hash is being passed from an unknown system to the system that is used by the owner of the hash that is being
passed. I am not sure why it is identifying an unknown system and saying the system is passing a hash to the users legitimate system.

Should we respond to alerts that are generated during the 30 day monitoring period or should they be ignored until that period is completed?

Read other answers
RELEVANCY SCORE 102

I got a pass the hash alert but it is on a Direct Access server.
A previous pass the ticket alert asked me if the computer was a DirectAccess proxy, this alert does not.
I do not see a way to do this for this new alert.

Read other answers
RELEVANCY SCORE 100.8

Hey guys.
We installed ATA on a customer and started getting Pass-the-Hash alerts after configuring the port forwarding for 4776.
We're currently looking into these events. One of them, however, has lost all data regarding which user and computer was affected - the hash is still there but all other information is gone.

Is this a known issue? Is there something we can do to recover the info/prevent this from happening again?
Thank you very much in advance,



Miguel Duarte

Read other answers
RELEVANCY SCORE 100.8

Hi,
Last week I successfully simulated "Pass the hash" in my environment using mimikatz.
However, using back the same machine, same ID, and same method, it just don't work now.
DNS Reconnaissance, Directory Reconnaissance, LDAP binding all can detect. 
Any idea why?
Regards,
Hau

Read other answers
RELEVANCY SCORE 98

Running: Windows XP and Windows 7 environment with Receiver 3.4.0.29577 on Workstations.

We have Logon Mode set to Pass-Through with Windows Credentials.

Problem: We will get users that get prompted for their USER/PASS at the Citrix Logon after they logon to Windows.
 

Read other answers
RELEVANCY SCORE 97.2

For some reason every time windows starts up i get a found new hardware message for my mouse, keyboard, monitor and video card. Even after I install the drivers. It tells me that none of these pass xp authentication. I checked and everything is ok to use with XP. Why is this? Also when I turn on the power I end up in bios and I have to hit F1 to continue... if I dont windows wont boot up, this just started happening after I had a problem with my new video card. Thank you for your time.

A:will not pass authentication

Hi InwoodK!!

Try to turn off the computer. Try to take out the CMOS battery from the computer, and put it back after a couple of minutes. Try to restart the computer back after that. See if that resolves the issue










WARNING!
Make sure you turn off the power plug before opening the case. It is better if you unplug the power cable from the wall socket as well. If you have any doubt, STOP AND ASK FIRST!! Make sure also you discharge yourself before touching anything inside the computer. You can do so by touching the computer case for a moment before opening it.

Read other 1 answers
RELEVANCY SCORE 95.2

I was trying to  use Hp client security on my elite x2 1012 G1. I set up a password and fingerprints as it was very first time for me to use it.  however, after setting it up, whenever I try to open it, it gives me screen below.  basically it tells me to verify my self with the options which does not exist.  It does not seems like normal, is there anything I need to do to fix this?  Or, is it not really an issue?   

A:HP client security - not being able to pass authentication s...

It seems like it is solved now. I updated the client security and it solved itself. 

Read other 1 answers
RELEVANCY SCORE 93.2

Hello,  We are upgrading from HPDM 4.6 to 4.7 and the server's keystore file was deleted in the process. As a result we get this log message every time we try to send a task to one of our machines: "Agent refused the task because the Device Management Gateway failed to pass the authentication." I deleted the two key files in C:\Windows\xpeagent on one of the machines and that seems to have resolved the issue -- for that machine. Repeating this process for ALL of our machines would be a daunting task. Is there another way to resync these devices with the server or are we out of luck? If we do have to touch each machine individually, does anyone have any tips or scripts for speeding up the process? Thanks in advance for any advice you can offer!

Read other answers
RELEVANCY SCORE 92.8

Ok so i am furious with Micro$oft now! the other day i was FORCED to change my microsoft account after much nagging i did so and i dont like changing logins too much. (this was a week ago)
now for some random reason on earth without my permission my windows login also changed login passwords to the microsoft account. I DONT WANT THAT! that password is too long and complicated for someone who locks his computer every 5 minutes or so. why did this just kick in now? i changed M$ account pass over a week ago and today it decides to change windows login?! can i change JUST my local windows login separate from microsoft login?
if i try to change pass from settings it it goes online and says you cant use password that has been used before.

A:Can i change windows login pass without changing microsoft pass too?

Originally Posted by xdarkmario


Ok so i am furious with Micro$oft now! the other day i was FORCED to change my microsoft account after much nagging i did so and i dont like changing logins too much. (this was a week ago)
now for some random reason on earth without my permission my windows login also changed login passwords to the microsoft account. I DONT WANT THAT! that password is too long and complicated for someone who locks his computer every 5 minutes or so. why did this just kick in now? i changed M$ account pass over a week ago and today it decides to change windows login?! can i change JUST my local windows login separate from microsoft login?
if i try to change pass from settings it it goes online and says you cant use password that has been used before.



Don't go for a password. Use the PIN option That's just what you need and it's really a great thing as well.

Read other 4 answers
RELEVANCY SCORE 92.8

I'm getting the famous enter admin pass on boot (no BIOS update, laptop been off for a year (no OS atm) and I just started trying to fix it.  The error code I get is: [ 54549743 ] I hope that helps get my mobo unlocked!











Solved!
View Solution.

A:HP-2000 Enter Admin Pass/Power on Pass at Boot

@PoetheProgrammr? Enter    41421385 Regards, DP-K

Read other 2 answers
RELEVANCY SCORE 91.6

We have been running ATA for a little over a month putting in gateways as we get resources and DC configured. We have had 3 instances of being notified that a pass the ticket attack was performed involving 3 distinct sets of 2 computers. in all cases it
appears that both computers were coming in from a VPN solution. They are not nat'ed or using DirectAccess but VPN is sort of similar so I'm starting to wonder if these are false positives. Is there any guidance on how a VPN segment can cause false positives
to show pass the ticket attacks? Some general understand on what is going on under the hood would help.

Read other answers
RELEVANCY SCORE 90

i have a hp touchsmart 610-1000 i forgot my power on password i need some help to get on my computer

A:i have a touchsmart 610-1000 cant get pass the power on pass...

 Hi, Attach the completed model number, for example 610-1031f How Do I Find My Model Number or Product Number?

Read other 3 answers
RELEVANCY SCORE 89.6

Hi
I have just installed ATA 1.6 and using the Lightweight Gateway on all our DC's.

After I have enabled and configured event forwarding I see a lot of "Identity theft using pass-the-hash attack" alerts, and there is way to many for me to believe that we have been hacked/under attack.
Have any of you any ideas of what I might be doing wrong?

Read other answers
RELEVANCY SCORE 88.8

I had a pass-the-ticket attack SA today that I believe is the result of a computer moving from a wired to a wireless network.
The DNS cache was used to resolve the original computer name (during the Kerberos TGS request) but there was no cache hit when the ticket was used again (SMB access to the DC).
First, does this seem like a plausible cause of a false positive?
Second, is there any tuning others have done to eliminate these? 

Read other answers
RELEVANCY SCORE 86.8

Hello everyone! Can you help me with a (hopefully) simple problem?
I have a Access 2003 SQL Pass-thru query that I need to prompt the user for Begin Date and End date, then put these values in the query. I read the Help, but I still don't understand HOW!
Questions: (BTW, this query is being generated from the Switchboard)
1. How do I prompt the user for the dates in Access? I can't use parameters and I don't understand how to use a prompt otyher than that.
2. How do I get those user responses into the query below
3. How do I write the querydef?

The SQL query is attached

Thanks!
Emil
 

A:Prompt&Pass value to pass-thru query

Read other 16 answers
RELEVANCY SCORE 82

I removed Simple pass and validity software, and I am still required to enter the master password that simplepass asked me to set up, I uninstalled all drivers, and software, and removed all remnants from registry, and I am still required to enter the password at login, i have done the netplwiz thing,  and bios says password is clear, so how do i remove this password requirement that i didnt have before i installed simplepass.

Read other answers
RELEVANCY SCORE 68.4

Good morning.
I'm in the process of deploying Microsoft ATA in my environment.
I received an alert for an overpass the hash. I've been working with my IR colleagues on the alert, but we haven't found a root cause yet.
Has anyone encountered any false positives with this style of alert?

Read other answers
RELEVANCY SCORE 64.4

Hi,
I've got a problem I'm hoping someone can help me with..

I've got a Belkin F5D8231-4 v2 N1 Wireless Router and a D-Link DSL-504G 4 Port Modem which I am trying to setup a VPN Connection through.
I'm using the built in VPN server in Windows XP Professional SP2, I can connect to the VPN internally but not externally - When trying to connect externally the client freezes up on "verifying username and password" but I dont think its even getting as far as connecting to the server.
I've opened up the ports in the firewall, and have forwarded port 1723 on TCP to the servers internal static IP address. The modem itself is running in Bridge mode to the router so I'm assuming that I don't have to open any ports or anything on that for it to work. I have contacted Belkin who assure me that a VPN can be established through that router, and weren't able to offer me much assistance.

what I've got setup is this:
modem (192.168.2.253) ---> Router (192.168.2.254) - - - - (wireless) - -> VPN Server (192.168.2.2)

I haven't actually been able to find anything that suggests that the clients are even getting through the modem and router to the server.. Any suggestions?
 

A:VPN Pass-Through

Read other 6 answers
RELEVANCY SCORE 64.4

hello,

im working on a Dell Latitude E6400 laptop and i need to do some work from home.
however, my new modem is not allowing my jobsite's vpn to pass thru so I can connect to it. How do i connect??
 

A:allow vpn to pass thru

msTHELP said:


hello,

im working on a Dell Latitude E6400 laptop and i need to do some work from home.
however, my new modem is not allowing my jobsite's vpn to pass thru so I can connect to it. How do i connect??Click to expand...

my wireless connection is in excellent connection by the way
 

Read other 2 answers
RELEVANCY SCORE 64.4

I had purchased windows 2010 and xp pro as w many other programs. PAID 4 them with my earned dollar! n my pass keys do not work! I have paid good money, alot of money, on many of their programs! Why cant I have a pass key thats allowed to work since mine doesnt??!!??
Both times ive called microsoft, all they want to do is sell me another program. My pass keys should work if I purchased them with my money!!

A:pass key

We are not agents for Microsoft...and we are not obligated nor legally capable of answering questions regarding MS policies.
 
If you have a computer problem which deals with Windows XP...and you want someone here to try to assist you...please post some details of the problem, rather than comments regarding items relating solely to Microsoft and conduct of Microsoft business.
 
Louis

Read other 4 answers
RELEVANCY SCORE 64.4

Hi,
I am having difficulties to enable VNP pass-through on my DFL-800 router. Iím not very familiar with some of the technical terms such as IPSec, PPTP, and L2TP and what do they actually do. My previous router Linksys RV082 had no problems. There was one option to disable or enable VPN pass-thought and everything was simple. I have setup up a VPN connection on my Windows XP and Vista and off I went. I could connect to my work network by supplying host name www.mycompany.com and my login credentials.

When I replaced my routers and try to connect, Windows connection hangs on Authenticating User Name and Password. And then fails saying that could not connect to a network.
Obviously my router blocks some communications.

Could you please let me know how to set-up this D-Link router as I am running out of ideas.
There is too many settings in this box to play with and Iím not really sure what to touch, how and what not to.

I have tried to play with IpRules Ė trying to create some and enable IPSec, PPTP, and L2TP one at the time but none of those attempts was successful.

Iím a little pissed off at my self at this moment that I have to use my old Linksys because I canít figure out how this new box works.

Please help!!!

Cheers:

CC
 

Read other answers
RELEVANCY SCORE 64.4

Hi
I'm not sure if this is the right place to post this but i need to install some programs for my use and the administrator has placed UAC on everything i try to install , it's not the typical UAC but the one where you have to type a password before it lets you click yes. I can't seem to do anything , like task scheduler msconfig etc.

How do i get pass this?

A:Getting Pass W7 UAC

Sorry, but you don't. You will need your network administrator.

Read other 2 answers
RELEVANCY SCORE 64

Hello,This happened to me yesterday, quote from Adware Report, [/Flooder.akeFlooder.Ake is a brand new threat that began to appear on people's computers on December 6th, 2006.The symptoms of infection are an alert window which pops up reading "threat found, trojan horse, heal now". Clicking this popup quarantines a system file, which then restarts the computer and pops up the alert again. The computer is then stuck in an infinite loop. It appears at this time that neither restoring the file from quarantine nor restoring the system using a Windows restore point will fix the computer. Only a complete reinstall of the operating system will work.This problem only seems to be impacting users of the antivirus program, AVG. Initial indications are that this not a true virus, but rather a bug in AVG that results in damage to system critical files.If you are experiencing problems associated with flooder.ake, please post any pertinent information below. If you have a screenshot that we may share with our readers, please post a URL where we may find it. Thank you!Step-by-Step Fix1. Boot your computer to Safe mode. Power on (or restart) your computer, keep pressing F8 key until the Startup menu appears and choose "Windows in Safe Mode".2. In the Windows Safe mode, navigate to following folder:C:\WINDOWS\system32\drivers\3. Rename rename the following files to avoid furhter deleting of "winlogon.exe".AVGCLEAN.SYS -> AVGCLEAN.SY_... Read more

A:I Thought I Should Pass This On!

The existence of this false positive appears to be limited to certain versions of Windows XP without Service Packs, and the problem has been quickly fixed by a new definition file. (I would like to thank members of the BC Staff and TeMerc for further researching the problem mentioned in Wink's post).In the AVG Forum, Radek Janata, a member of the Grisoft Team, responded as follows:?Unfortunately, this issue is caused by the false detection on particular version of "winlogon.exe" file. The false detection has been immediately fixed, however several users may have updated their AVG to this virus update containing this false definition. In order to solve this unpleasant issue, please proceed as follows: 1. Boot your computer to Safe mode. Power on (or restart) your computer, keep pressing F8 key until the Startup menu appears and choose "Windows in Safe Mode". 2. In the Windows Safe mode, navigate to following folder:C:\WINDOWS\system32\drivers\ 3. Rename rename the following files to avoid furhter (sic) deleting of "winlogon.exe". AVGCLEAN.SYS -> AVGCLEAN.SY_ AVGRSXP.SYS -> AVGRSXP.SY_ 4. Launch Registry Editor (regedit.exe) and remove the "__delete" value in the right pane from this key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgClean 5. Restart the computer back to Windows normal mode 6. Update your AVG program to latest virus base version. Launch AVG or open AVG Control Ce... Read more

Read other 8 answers
RELEVANCY SCORE 64

Hi, I've got my friends guest pass, but I don't know how to create the account...
It says I have to input the CD key, so I do, but it's already in use, well duh, from my friends system..what do I do?
 

A:WoW Guest Pass Help

Welcome, Well if you really want to play the game, you need to buy a new key, because your friends account is using his guest pass. However you can play WOW for 10 day-trial at www.worldofwarcraft.com
 

Read other 2 answers
RELEVANCY SCORE 64

Cannot play NFL gamepass

Read other answers
RELEVANCY SCORE 64

My elder brother has put a pass & let me use the computer sometimes.While I'm in,how can I know that accounts pass?is there any app to retrieve it?I know the admin trick where cntrl+alt & twice del appears login window when we have to login as admin but there I have to change the pass of the account to gain access.I wanted a bypass way where my bro does'nt have to know.Is there any way I can put two pass in one account?Please help?I don't wanna create another account because I don't want anyone to know that I'm using the computer.Is there any way so that I can plant an app now & later while logging in I can bypass something to gain access?Any app?Plz help.

A:How to know login pass while I'm in?

We don't provide any help with lost passwords or getting around password protection. Obviously, we can't determine the real intent here, so our policy is to abstain from any assistance in these matters.

From the Tech Support Forum Rules & Conduct
Quote:




ILLEGAL ACTIVITIES

Users may not post hacks, cracks, or give instruction how to pirate any type of software, or anything similar, in any forum of TSF. We do not condone, support or give instruction on any illegal activity pertaining to computer systems, computer hardware, computer software programs or computer related activities. Included in this group of activities are requests for help to circumvent system admin passwords or Administrator settings on networks. We do understand that the majority of requests may be legitimate, but we do not have the means to discern these from non-legitimate requests.





Thread closed

Read other 2 answers
RELEVANCY SCORE 64

I have the router (wrt 310n) set up for a internal address of 42.242.120.195 to 42.242.120 .254 - can I add a address of 192.168.1.103 also ? or when a computer on the 42.xxx.xxx.xxx network is connected and types in 192.168.1.103 I can forward to that address ?

A:pass thru router ?

  
Quote: Originally Posted by Total


I have the router (wrt 310n) set up for a internal address of 42.242.120.195 to 42.242.120 .254 - can I add a address of 192.168.1.103 also ? or when a computer on the 42.xxx.xxx.xxx network is connected and types in 192.168.1.103 I can forward to that address ?


That's a different subnet and you would need something else to handle the routing between that router and the device that you want to get the 192.x.x.x address.

Read other 9 answers
RELEVANCY SCORE 64

My computer crashed and I replaced the hard drive.  I want to reinstall HP SimplePass.  Can anyone help?  I do not want to pay for something that I already had.

Read other answers
RELEVANCY SCORE 64

i am having the same problem with this movie pass pop up. i have downloaded hi jack software, but no i have a saved log and dont know what to do with it.
 

A:movie pass.tv

Hi, Welcome to TSG!!

Post your log in this thread and I'll be happy to help you.
 

Read other 1 answers
RELEVANCY SCORE 64

www.top-password.com/.../

Read other answers
RELEVANCY SCORE 64

Is there a pass word recovery tool that I can download to a usb drive?
 

A:Pass Word

Read other 6 answers
RELEVANCY SCORE 64

System Disable Code 82313221

A:BIOS PASS

Hi Try : 33071807

Read other 2 answers
RELEVANCY SCORE 64

Hello out there
I wanted to stop the windows log on password when I boot.
A stand alone system .
Running win 98.
Thanks.
 

A:Log on pass word

Read other 12 answers
RELEVANCY SCORE 64

When I set up our netlink wireless router some time in the dim past, I set it up with 128 WEP Encryption and a pass code phrase. Sometimes when I'm hooking up a computer to the network, I get the option to enter the pass phrase only, other times I have to enter the whole gazillion character wep key. How can I get it to always prompt me for the pass phrase? Soooo much easier!

Thanks.
 

A:WEP Key vs. Pass Phrase

I recommend against the pass phrase, since many times it won't yield the same key on different brands of equipment.
 

Read other 1 answers
RELEVANCY SCORE 64

Logfile of HijackThis v1.99.1
Scan saved at 11:26:56 PM, on 4/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\License_Manager\license_manager.exe
C:\Program Files\Common Files\AOL\1124503619\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1124503619\ee\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\1124503619\ee\AOLServiceHost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Pro... Read more

A:movie pass

i need to get rid of the movie pass .tv pop up. Ive done the hi jack thing and have copied and pasted the results.. now im not sure what to do.
 

Read other 2 answers
RELEVANCY SCORE 64

Hello, i would like to ask, recently i got email from an app that 2 ppl tryed to log into my acc from different locations, did not remember clicking or using something suspicious..my question is.. if my pc was hijacked why would you try to login to some 3rd party app using for communication instead of sth else? The app says the password was a valid one and it was a 12digit pass, is it possible just for that one pass to be leaked or if i click on sth all are leaked or any hints
Thanks
Besr regards
 

A:Pass leaked

What is this "App" called?
 

Read other 1 answers
RELEVANCY SCORE 64

how can i remove this movie pass .tv pop up from my start up?
 

A:pop up movie pass.tv

Read other 7 answers
RELEVANCY SCORE 64

I AM TIRED OF THIS ISSUE! EVERY SINGLE TIME MY BROWSER UPDATES, THE SIMPLE PASS STOPS FUNCTIONING. WHY HP, WHY IN THE HELL YOU MAKE AND SELL PC'S WITH SOMETHING YOU DO NOT CARE ABOUT???? DO YOU MAYBE REALIZE THAT PEOPLE BUY THIS KIND OF PC BECAUSE OF THE FEATURE OF FINGERPRINT SCANNER???? I AM TIRED OF LOOKING FOR ANY KIND OF STUPENDOUS SOLUTIONS, DISABLINGS AND WORK AROUNDS! YOU SELL PC WITH A SCANNER, YOU SHOULD BE UPDATING TO ALL OF YOUR CUSTOMERS! FIREFOX 48 -- NOT WORKING WINDOWS IE - NOT WORKING MS EDGE - NOT WORKING CHROME - NOT WORKING WHAT GIVES????!!!!

Read other answers
RELEVANCY SCORE 64

http://www.us-cert.gov/cas/techalerts/TA04-261A.html

Just in case some of you are using Mozilla and Firefox...
 

A:Thought I pass this on....

Breaking News! Carnegie Mellon has received a $20 million gift from the Bill & Melinda Gates Foundation to help fund construction of a new building dedicated to expanding the horizons of computer science!Click to expand...
....c,mon man , think we are blind or what . ...maybe a couple of "fixes " which mozilla can do in a day , micro-suck takes months and neglects to alert any of their users ....i believe this to be a biased article which they alone probably published .........
 

Read other 3 answers
RELEVANCY SCORE 64

Hi,
I have activated my OWA on my Exchange 5.5. How do I make OWA accessible from a dialup connection? My Exchange 5.5 is behind my FW1 server. I have set rules to allow http and https for my exchange server. Anything else I should look into?

Cheers,
keet
 

Read other answers