Over 1 million tech questions and answers.

Generating Server Authentication Certificates

Q: Generating Server Authentication Certificates

Hi All,
I will be deploying ATA 1.6 in our dev environment in the coming weeka and just needing a bit of help clearing up some detail with the "how-to" aspect of certificate generation. The environment I will be installing into is AD based with it's own
CA, so I won't be looking to use the self signed certs (unless someone can give me a good reason otherwise) and am wanting to get the certs provisioned from our own internal CA.
1. IIS certificate is easy, no problems here as I've done quite a few.
2. The Server Authentication template does not seem to be enabled within our environment, so I cannot use the Advanced Certificate Request form from the web portal as I can for the IIS CSR. I looked at generating a Server Authentication Certificate from
the certificates MMC, however I am getting lost under the Certificate Enrollement Policy page as policies configured by my administrator do not include a Server Authentication type.
I am getting the feeling I am going to need to either (a) get the Server Authentication template enabled or (b) generate a certificate template to facilitate this request. In either case I will need detail on what exactly is needed and why to get anything
like this approved. Can anyone help with more detailed/specific instructions on what needs to be done to generate the certificate here?
I guess the other option would be to use our internal CA for the IIS cert (trusted by all in the domain) and then use self signed for the ATA Center Service and import those certs to the ATA Lightweight Gateways?

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Generating Server Authentication Certificates

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 58.4

Hi,
I have installed the x64 SQL Server 2008 R2 Express with default settings and run MBSA 2.3 (using default settings too). It shows three SQL Server instances: MSSQL10_50.SQLEXPRESS, SQLEXPRESS and SQLEXPRESS (32-bit). For the first, authentication
mode is Windows, for the rest two - mixed. Here https://social.msdn.microsoft.com/Forums/sqlserver/en-US/03e470dc-874d-476d-849b-c805acf5b24d/sql-mbsa-question-on-folder-permission?forum=sqlsecurity question
about such multiple instances was asked and the answer is that "MSSQL10.TEST_DB
is the instance ID for the SQL Server Database Engine of the instance, TEST_DB", so in my case, it seems that MSSQL10_50.SQLEXPRESS is the instance ID for SQL Server Database Engine  of the SQLEXPRESS instance.
I have two questions:
1) How can it be that SQL Server DB Engine instance has different authentication mode than corresponding SQL Server Instance?
2) Why 32-bit instance reported although I installed only 64-bit version?
Also, this https://social.technet.microsoft.com/Forums/security/en-US/6b12c019-eaf0-402c-ab40-51d31dce968f/mbsa-23-reporting-sql-32bt-instance-is-running-in-mixed-mode-when-it-is-set-to-integrated?forum=MBSA question seems to be related to this
issue, but there is no answer :(.
Upd: Tried on clean Windows 8 installation and Windows 7 with the same result.

Read other answers
RELEVANCY SCORE 56.8

I apologize for the lengthy post--I just wanted to provide enough detail. I don't know if some of this will make sense unless you play Counter-Strike:Source, but the memory error may be a more commonly known issue.

I'm posting here because I've posted it everywhere else I can think of to get answers (SourceMod Forums, Windows server forum on Valve's site, SRCDS.com forums, etc.) and have gotten zero answers. I also think this may be a Windows error rather than a game error, but something is causing it which I cannot identify.

I run a dedicated stand-alone Counter-Strike Source game server running SRCDS on Windows (on it's own PC from a home connection). The stock Counter Strike Source game runs rock-steady, no errors. I also run two game modifications: Metamod: Source on it as well as VIP Mod (with no problems at all). Been rock steady for months and I can also switch to running CSSDM (Deathmatch Mod) also with no problems. So basically, my Metamod: Source interface is correctly installed and I can run certain mods with no problems. Just to clarify, I'm not running VIP and CSSDM at the same time, I just meant that I can run them individually through Metamod: Source.

Lately, I wanted to try running other Metamod: Source plug-ins like Mani, or Basic Admin, or Hostitron, etc.. I've tried them all individually. After installing any of them on my server (yes, I checked that it loaded in metamod and I can see it running in console) they all run... Read more

A:Certain CS:S Mods Generating Memory Error on Windows Server

Fragg said:

I apologize for the lengthy post--I just wanted to provide enough detail. I don't know if some of this will make sense unless you play Counter-Strike:Source, but the memory error may be a more commonly known issue.

I'm posting here because I've posted it everywhere else I can think of to get answers (SourceMod Forums, Windows server forum on Valve's site, SRCDS.com forums, etc.) and have gotten zero answers. I also think this may be a Windows error rather than a game error, but something is causing it which I cannot identify.

I run a dedicated stand-alone Counter-Strike Source game server running SRCDS on Windows (on it's own PC from a home connection). The stock Counter Strike Source game runs rock-steady, no errors. I also run two game modifications: Metamod: Source on it as well as VIP Mod (with no problems at all). Been rock steady for months and I can also switch to running CSSDM (Deathmatch Mod) also with no problems. So basically, my Metamod: Source interface is correctly installed and I can run certain mods with no problems. Just to clarify, I'm not running VIP and CSSDM at the same time, I just meant that I can run them individually through Metamod: Source.

Lately, I wanted to try running other Metamod: Source plug-ins like Mani, or Basic Admin, or Hostitron, etc.. I've tried them all individually. After installing any of them on my server (yes, I checked that it loaded in metamod and I can see it running in console)... Read more

Read other 1 answers
RELEVANCY SCORE 56.4

I'm trying to get into paypal but IE AND Firefox are telling me that the security certificate is invalid. Is the certificate server down or is there something wrong in my interent settings?

A:IE 8 security certificates- server down?

Is your date (including the year) and time correct? This was the problem on another computer; the date and time invalidated the certificate.

Read other 3 answers
RELEVANCY SCORE 55.6

I've got a Server 2003 box running a fully working Certificate Authority on about 20 windows machines.. How do I use this CA request properly with a Mac?

I just want it to authenticate via Wireless using Internet Authentication using a RADIUS server via wireless router.

thanks, is this possible?
 

A:Server 2003 Certificates, do they work with Other OS'es?

No, they do not. Working with a Mac is described in detail with the software guidance instructions and Facs.
 

Read other 2 answers
RELEVANCY SCORE 55.6

Hiya

The previous VeriSign 128-bit International (Global) Server Intermediate certification authority certificate expired on January 7, 2004. This may cause problems for clients that try to establish server-authenticated secure socket layer (SSL) connections with Web servers and other SSL/Transport Layer Security (TLS)-enabled applications that do not have up-to-date certificates.

To prevent these problems, Microsoft Internet Information Services (IIS) operators should contact VeriSign to update the intermediate certification authority certificates for servers that use 128-bit SSL to connect to Web sites with the Secure Hypertext Transfer Protocol.
Affected software

Microsoft Internet Information Server
Microsoft Internet Security and Acceleration Server
Microsoft Exchange
Microsoft SQL Server
http://support.microsoft.com/default.aspx?scid=KB;EN-US;834438

Regards

eddie
 

Read other answers
RELEVANCY SCORE 55.6

Hey all, as most I know a lot about some aspects of computers and there's a lot of stuff I don't know as well.
 
Server certificate issues have been coming up the past couple of years and wanted to learn more about them; like how to be able to discern bogus certs, how to write certs, how to over come cert errors when trying to send mail, etc etc
 
I'm looking for a 'for Dummies' like book focused soley on certs (or covers certs thoroughly); I really don't want an expensive phone book covering the entire Windows OS or Servers in general.
 
Anyone have any suggestions?

A:Beginner's Book for Server Certificates?

Server CertificatesCertificates for dummiesBeginner's Guide to SSL Certificates - Symantec

Read other 2 answers
RELEVANCY SCORE 54.8

My company has a client that's running Windows Server 2003 in his office. For legal reasons, we can't support his server for him, only the application that we installed on his server. Server maintenance has to come from his 3rd party people. I'm just curious though.

This application of ours connects to a secure site that our company maintains. Every couple weeks, the application stops logging in to our website and he calls us to get it fixed. We Webex to his server and always see the same error. We found that if we open up IE and enter the web address in the address bar, we get a prompt for the certificate. Our application doesn't have the ability to answer this "Yes", "No", "View Certificate" prompt. So we go through the process of installing the certificate. After that, the app works flawlessly for a couple weeks before he calls us again. It's stopped logging in. After we browse to the site and install the certificate again, everything's fine. He's nice but he's tired of having to call us everytime this expires.

He's the only client out of about 1900 that has this problem. He's also the only one AFAIK that's running our app on Server 2003. I've seen Server 2003 but only have about a week's training experience with it. What kind of settings can I have this guy's support team look for on the system to keep this certificate from disappearing every couple weeks? No one uses t... Read more

Read other answers
RELEVANCY SCORE 54.8

Hello,

I believe my computer has been infected. Starting today, I began receiving messages from my browser (Chrome) stating that "The site's security certificate is signed using a weak signature algorithm!" I tried to navigate to the same sites using Firefox but did not receive this warning. I am however being redirected to obviously troublesome websites. MyWOT is also popping up on nearly all of these redirects. Please advise.

A:Suspected Infection: Bad Server Certificates and Redirects

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwar... Read more

Read other 4 answers
RELEVANCY SCORE 54.4

I am trying to replace the auto generated self-signed (Issued to DM, issued by DM) certificates for the HDPM Server and Master Repository.  I am NOT refereeing to FTPS, the HPDM Embedded HTTPS Server, or the Thin Client Agent certs.   I have already setup certs from our own domain internal CA for FTPS in IIS and the Apache Embedded HTTPS server.  These are working fine and Repository tests pass for both protocols.  I have also issues to the Thin Clients from our internal CA just fine. I'm interested in the actual HPDM Server cert and Master repository cert. These are self-generated when the two services start up.  They use a very weak MD5 hash and RSA 1024 key.  I cannot find any documentation around this except for troubleshooting in which you can delete these certs restart the services and they will be regenerated.   Here are the certs\key paths%HPDM Install Path%\MasterRepositoryController\Controller.crt (Repository Cert)%HPDM Install Path%\MasterRepositoryController\Controller.key (Repository Key)%HPDM Install Path%\MasterRepositoryController\Client.crt (HPDM Server Cert)%HPDM Install Path%\Server\Bin\hpdmskey.keystore (Both HPDM Server and Repository Certs and Keys)(Not sure the format it is in.  It's not PEM and ok P12 as far as I can tell) There is also %HPDM Install Path%\Server\bin\hpdmcert.key.  Not sure what this is.  Think it?s the HPDM Server key but deleting it does nothing and it is ne... Read more

Read other answers
RELEVANCY SCORE 54

Hiiiiiii there ,
I have a small situation here. I have been using SQL Server and to configure it I have been using SQL Server Authentication. Now there is another option which is "Window NT Authentication". Fine.. But the problem if I use that to configur Client-Server, then if I later change the password of OS then the database becomes inaccessible. Can you suggest some solution for that, I mean "Windows NT Authentication" part. A little bit detail would be very helpful...
 

Read other answers
RELEVANCY SCORE 53.2

my Yahoo! Mail SMTP server requires authentication but I cannot see how to do this in mozilla thunderbird. Can anyone help?
 

A:authentication of server problems

Did you read this.
http://www.nidelven-it.no/articles/introduction_to_thunderbird
 

Read other 2 answers
RELEVANCY SCORE 53.2

i am facing few problems in windows 2000 server problem is that

The smpt service terminated showing following error

the authentication server is unknown.

and i am (server) unable to access other pc on my network but they are
access my server showing error workgroup is not started.
 

Read other answers
RELEVANCY SCORE 53.2

Hi,

Can e-mails be sent through a SMTP server by enforcing the authentication off for the sender's accounts? If yes, then how to do it and what all settings need to be done on the SMTP server?

 

A:SMTP server - Authentication off!

I would say the biggest question is what type of mail server are you running? As for the clients connecting to the SMTP server they have to use any client that supports SMTP Auth and they configure it under their connection settings (which most do).
 

Read other 3 answers
RELEVANCY SCORE 53.2

This question is not at all about proxy configuration. It is about proxy authentication. In my college, we use the campus LAN network, where the first thing which opens after opening the browser (which should actually open) is ironport authentication from
the proxy server where I have to enter my user id and password.
The problem is that Internet explorer tries to connect to the proxy server after some redirections but doesn't prompt for authentication, leading to error. I have to start firefox for the same as it gives no problem, still want to use IE 11.
The page which should open is some https connection to ironport but rather asks to fix connection errors.

Any help will be appreciated.

Read other answers
RELEVANCY SCORE 53.2

I was wondering if it's possible configure a Windows 2019 IIS v10 hosted Web Server to perform OCSP checking of client certificates that are used to authenticate?

It is my understanding that typically the Responder URL that the Web Server contacts in order to validate the client cert is extracted from the AIA attribute in the client certificate. But is it possible to override/supplement this with an additional Responder?


For instance, what if I set up an OCSP Responder in the same domain as the Web Server and associated its revocation configuration with the SUB CA binded to the IIS Site. Now if client certs come in for authentication  and have an unrelated OCSP Responder
in their AIA, can I somehow tell the Web Server to check also the aforementioned Responder that has been stood up in the domain?

A:OCSP Based Validation for Client Certificates Using Responder Defined by Web Server

Per a reply from Mark B. Cooper at PKI Solutions this is indeed possible. You must edit the following GPO in order to override the default behaviour of the web server which is to only check the Responder URL specified in the client certificates' AIA extension.
Default Domain Policy > Computer Configuration >  Policies > Windows Settings > Security Settings > expand Public Key Policies
Once a custom Responder is specified in the CA / SUB CA's revocation properties the above GPO will allow it to check that custom Responder URL first, then ocsp as defined in the AIA extension and then CRLs
Thanks Mark!
EDIT:
Will post reference links once MS verifies my account.

Read other 1 answers
RELEVANCY SCORE 52.8

Hi all,

Since 1 month ago im trying to setup, to configure, to understand authentication mode in SMTP IIS 6.0, with Windows 2003 Server.

I have done many test with SMTP but its impossible to me, found a solution.

I will try, with Google's Language Tool , to explain my situation. I have 2 servers. Server1 work as a Webserver and i need that this server send mail to web users. Server1 can't use local SMTP server. Server2 have a SMTP service and work well. Server1 and Server2 have a same ip range. Server2 use a SMTP service of IIS 6.0, not a Exchange server.

Objective: Server1 connected to SMTP of Server2 with Authentication mode to avoid SPAMMERS. The Server1 works with PHP but i do the test with ASP code. I think the most exactly scenario described is this:

Scenario 1: External user tries to send an email to(E-Mail address blocked: See forum rules). The email arrives at your server. If Anonymous access is not checked, then obviously the email bounces, because there was no authentication process undertaken. However, with it checked, the session establishes and yourdomain.com is checked against your domain name. If it matches, the email is accepted (it does not require relaying!). HOWEVER, if the email is to(E-Mail address blocked: See forum rules), then your server DOES NOT accept the email because it NEEDS TO BE RELAYED to NOTyourdomain.com
Click to expand...

I am in a 50% of problem because actually, Server1 can connect to Server2 and send mails but with An... Read more

Read other answers
RELEVANCY SCORE 52.8

I recently started working at a company and am trying to get onto their repository. The issue is that I haven't had to do this since sophomore year of college.
I get all the way to the point where I have to Authenticate with my username and password.

QUESTION:
How do I find my server authentication login?
or... is this something that I need from the company. I did not want to ask them first and let them know that I am not super confident in my abilities...

I appreciate the help.
 

A:How do I find out my Authentication login for an SVN server

Here is a little context of how I'm trying to log in...

 

Read other 1 answers
RELEVANCY SCORE 52

Okay I am running Windows Vista Business and Squid 2.7 Stable 5

I just wanted to know if is possible to perform Windows based Authentication before a users can authenticate successfully. I have been playing around and I am currently using MAC Address Authentication. I am just wondering how I can do MAC and User/Authentication at the same time?

I'm not on a Windows Domain is this makes a difference I just want local accounts to be allowed access.
 

Read other answers
RELEVANCY SCORE 52
RELEVANCY SCORE 51.6

I did the complete configuration for the RDP gateway server and it is working well using my laptop

when I tried to use another laptop to access the remote station using the RDP gateway server it failed

Are there specific policies and services to run on the client laptop to access the remote station using the RDP gateway server?
take note that the certificate is installed on both laptops and no issues with the certificate

Read other answers
RELEVANCY SCORE 51.6

I am not using the proxy server on mozilla, and intend to unsubscribe from it. So wondering how to get rid of the Basic Server Authentication Popup window prompting proxy details to be keyed in. If i do not key it in, say the applicatoon i want to sign in to can't connect to the internet. Anyone knows any idea why this could have happended? and how to get rid of the proxy details prompt popup, coz I have a perfectly gd internet connection, without using the proxy

A:Basic Server Authentication Popup window for Proxy

Did you checked your FF browser for any manually configured proxy settings via Tools - Options - Advanced tab - Network - Settings and use system proxy settings instead?

Read other 2 answers
RELEVANCY SCORE 50.4

Good Morning,
It is my first time to post here regarding WatchGaurd Product.
My Friend has a small company and he is SysAdmin, i came over here to help him something in limited.
He has configured with WatchGard that allows Active Directory Users to use VPN clients when they are out of comporate network.
He said, he configured everything on WatchGaurd and just do some configure in Windows Server 2012...
I could not connect him because he is in other country for vacation.
Could you please let me know, where , what should i do or any roles need to be add in Windows server 2012?
Best regards,

Read other answers
RELEVANCY SCORE 50.4

Hi
We have a situation where we have a as400 server having network shares required to be mapped with Windows 7 machines. We are able to manually access the network shares.
When I try to map it using net use command I get a system error 5, access is denied.
Command prompt is open via elevated privileges only. try to enable(make active) administrator mode but as the cmd is already opened with elevated privileges. command didn't complete successfully.


Regards Sushain KApoor

Read other answers
RELEVANCY SCORE 50.4

Good Morning,
It is my first time to post here regarding WatchGaurd Product.
My Friend has a small company and he is SysAdmin, i came over here to help him something in limited.
He has configured with WatchGard that allows Active Directory Users to use VPN clients when they are out of comporate network.
He said, he configured everything on WatchGaurd and just do some configure in Windows Server 2012...
I could not connect him because he is in other country for vacation.
Could you please let me know, where , what should i do or any roles need to be add in Windows server 2012?
Best regards,

Read other answers
RELEVANCY SCORE 48.8

Currently experiencing issues with configuring browsers to enable transparent and secure authentication on web servers without prompt. Working in a Windows 10 Pro environment and IE 11.

Turns out Mozilla is working just fine after editing network.automatic-ntlm-auth.trusted-uris with our SSO URL (sso.domain.com), but still can't make it work with IE and Chrome despite taking these steps:


Adding the SSO URL to the Intranet zone
Automatic logon in Intranet zone
Enabling Enable Integrated Windows Authentication in Advanced settings Additionally I've enable via GPO "Allow updates to status bar via script"

Yet IE keeps prompting for credentials, and seems to be treating our SSO URL as inside the Internet zone.

SupportedUserAgents:

MSAuthHost/1.0/In-Domain MSIE 6.0 MSIE 7.0 MSIE 8.0 MSIE 9.0 MSIE 10.0 MSIE 11.0 MSIPC Windows Rights Management Client Mozilla/5.0 Edge/12 Chrome

Our IIS authentication is configured as such:

Anonymous Authentication is enabled with the IUSR

Enable Windows Authentication. In the the "Providers" NTLM is first.

Under Advanced Settings the Extended Protection is "Accept" and Enable Kernel-mode authentication is CHECKED.


Is there something I am missing?

Thanks,

Read other answers
RELEVANCY SCORE 48.8

Currently experiencing issues with configuring browsers to enable transparent and secure authentication on web servers without prompt. Working in a Windows 10 Pro environment and IE 11.

Turns out Mozilla is working just fine after editing network.automatic-ntlm-auth.trusted-uris with our SSO URL (sso.domain.com), but still can't make it work with IE and Chrome despite taking these steps:


Adding the SSO URL to the Intranet zone
Automatic logon in Intranet zone
Enabling Enable Integrated Windows Authentication in Advanced settings Additionally I've enable via GPO "Allow updates to status bar via script"

Yet IE keeps prompting for credentials, and seems to be treating our SSO URL as inside the Internet zone.

SupportedUserAgents:

MSAuthHost/1.0/In-Domain MSIE 6.0 MSIE 7.0 MSIE 8.0 MSIE 9.0 MSIE 10.0 MSIE 11.0 MSIPC Windows Rights Management Client Mozilla/5.0 Edge/12 Chrome

Our IIS authentication is configured as such:

Anonymous Authentication is enabled with the IUSR

Enable Windows Authentication. In the the "Providers" NTLM is first.

Under Advanced Settings the Extended Protection is "Accept" and Enable Kernel-mode authentication is CHECKED.


Is there something I am missing?

Thanks,

Read other answers
RELEVANCY SCORE 47.2

Good Morning,

We have recently installed a CRM package which uses windows authentication to log into the software. In order to reduce licence requirements we have created three generic logins.

Our problem is, some users, when logging in using the generic account, are having their network credentials reset to the generic account credentials (which are very very minimal).

This doesn't happen for all users, only a handful. Has anyone seen this before?

Cheers,
David L. Kocher
 

Read other answers
RELEVANCY SCORE 38.8

I recently installed win 2k, I have an AMD athlon 1.2 GHZ. I downloaded many vital programs from the net ( like zip. programs, and other music apps. I also Installed a few from disc. Now it seems like every time I reset my computer a problem arrises with a new application. The problem is this; every time I try to open an app. (whether from the desktop or using it's exe. file) It says "exe. file is generating errors and will be forced to shut down". It just recently started doing this, these are apps. that I use 5 or 6 times a day! Can anyone help me please!!!!!

Sincerly,
Ian Johnson

[email protected]
 

Read other answers
RELEVANCY SCORE 38.8

Recentlly my computer decided to create it's own partition and assign it it's own "drive" characteristics. I opened it and it's all DOS stuff. I only have one hard drive. Is this going to affect the available space on my hard drive and if so how do I get rid of the partition. I don't use DOS. I haven't since 1986. Thanks.....
 

Read other answers
RELEVANCY SCORE 38.8

Under define fields, I have checked the "generate history" box for a specific field. Entry rules is "none."

When I import info from an .txt file, it does not generate the history. It does generate history only if I enter the info into a record manually.

Why would it not generate when importing from a file?

Thanks for your help!
Susan
 

A:Not generating history in ACT! 6.0

If using the normal ACT! import, it either creates new records or over writes all the fields. It's not updating specific fields. So what would be the point of adding a history for each field?

If you wanted to update fields within the records, you'd need to use something like OakMerge
 

Read other 1 answers
RELEVANCY SCORE 38.8

I have trojans that I cant seem to get rid of. they pop up randomly and my antivirus program continues to place them in quarantine.

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Lyndsay at 17:51:59.04 on Tue 05/17/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.2252 [GMT -8:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\WTouch\WTouchService.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files... Read more

A:self-generating DWH trojans

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 16 answers
RELEVANCY SCORE 38.8

Is there a way to run an Access macro that generates a report (1) using the filtered (or unfiltered) data (2) according to the criteria that I specify while recording the macro? I.e., somewhat like the macros in Word that automate certain tasks, how can I do this in Access?
 

A:Solved: Generating

Read other 10 answers
RELEVANCY SCORE 38.8

I saw a couple of threads here with num generation and they were amazing, the outcaste had an amazing solution and the other guy with the vb script was amazing too. They all work great and the numbers generate, however I wanter to add a prefix and also if i need to add a suffix. what would be the code then? please advise
 

A:Generating nums

adnshah said:





I saw a couple of threads here with num generation and they were amazing, the outcaste had an amazing solution and the other guy with the vb script was amazing too. They all work great and the numbers generate, however I wanter to add a prefix and also if i need to add a suffix. what would be the code then? please adviseClick to expand...

https://forums.techguy.org/threads/number-sequential-list-generator.924971/

This page relates to what I was referring to
 

Read other 1 answers
RELEVANCY SCORE 38.8

This laptop was set to dual boot in Windows 7. I removed the second dual boot partition so I can upgrade to Windows 10. I cannot create a system recovery disk now, as it says disk renumerating for a long time.  I am worried about attempting the upgrade until I know all is okay. SFC /SCANNOW runs fine. Any idea how to fix this?

Read other answers
RELEVANCY SCORE 38.8

I have an mpeg that opens a browser window when played with mplayer (pre revamp version). Has anyone ever come across this?
Is it spyware or just a new more insidious kind of pop-up?
 

A:MPlayer Generating Pop-ups

It's a popup, usually porn videoes are associated with pop ups. You can try using Pop Up blockers, but I never try it since I never had a file with a pop-up on it.
 

Read other 1 answers
RELEVANCY SCORE 38.8

Here is my HJT log and attached is a screen shot of my ZA log showing the 1000s of tries these tmp files are making.

TIA for all the help.

Logfile of HijackThis v1.99.1
Scan saved at 8:59:51 PM, on 4/15/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\System32\mspmspsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\TEMP\1BB7.tmp
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\WINDOWS\TEMP\99C.tmp
C:\Documents and Settings\Steve\Desktop\Downloads\hijackthis\HijackThis.exe
C:\Documents and Settings\Steve\Desktop\Downloads\bholist\BHOList.exe
C:\Documents and Settings\Steve\Desktop\Downloads\ibprocman\IBProcMan.exe
C:\Documents and Settings\Steve\Desktop\Downloads\uptimer4\Uptimer4.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B... Read more

A:Tried to fix myself but still getting these self generating .tmp files

Read other 11 answers
RELEVANCY SCORE 38.8

I have Windows NT4, service pack 6. Recently, it has developed a problem. It keeps generating these exe files in the system32 folder called aaa.exe, bbb.exe, ccc.exe, etc. I think Ive seen every letter of the alphabet so far, but theyre always 3 letters of the same letter. When it does that, Dr Watson gives an error message, and then I delete the file. Once it has generated the file, I lose my ability to copy/paste, the ability to fill out some forms online, the ability to open a link in a new window, and who knows what else. I restart the computer and it is fine, until it does it again.

Heres what Ive done so far. When it first started developing the file, Norton would pop up and show it as being infected with "W32.Randex". It did it a few times, and I ran a full system scan. It showed maybe 6 or 7 files infected, including explorer.exe and winlogon.exe. I restarted in DOS and deleted then copied fresh versions of these files from the Windows CD. I also re-ran the SP6 update to make sure they were updated, since the CD has the original versions before any service packs. After that, Ive done a couple full system scans, along with making sure the virus definitions were updated, and it comes out clean.

But it is still doing it. And it no longer would show the files as being infected, but it is the same thing so it seems something is infected. Someone suggested it might be spyware, so I installed Spybot along with its updates, and it found a bunch of stuff and cleane... Read more

A:Keeps generating exe files aaa, bbb, ccc, etc.

Read other 16 answers
RELEVANCY SCORE 38.8

Here is my HJT log. Please help. No matter how many times is run spy ware and anti-virus, virus comes back and turns off my auto update protection.

Logfile of HijackThis v1.99.1
Scan saved at 3:22:55 PM, on 12/28/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\hpq... Read more

A:re-generating trojan, please help

Read other 11 answers
RELEVANCY SCORE 38.4

I am trying to generate a certificate with IE7 and when i press "generate" a window pops up with message: "VBScript Error occurred: 1A8"
I called the support for my online banking and they sad that this is an ActiveX problem.
I checked the options for activex but everything is ok!
Is this because i use vista (from anther PC with XP there was no such problem) and IE7? If someone has any idea i will be happy to know
thanks

Read other answers
RELEVANCY SCORE 38.4

I downloaded a file from the internet that was most likely infected by some virus/worm/not-nice-stuff.

Every time I click on an icon on the desktop, desktop gets filled with icons with random names and extensions and I can also see that every time I click a bunch of icons are made in the top left corner. When I try to delete some, it just generates new ones.

When I opened explorer, opened desktop and selected all of them (4000 of them... approx)and deleted them, the stopped spawning.

I'm running Windows XP, SP 2.

I scanned my computer with AVG free, SpyBot S&D, Ad-aware.
Before opening the file that probably caused this I scanned it with Firefox (v3, has implemented file scanner), opened in winRAR and scanned it (with AVG), extracted it and scanned it with AVG again.

None of this scans found anything...

I would like information on, what this is and how to terminate it for good. It stipped making icons now then I deleted them all but I doubt that it's gone.

Thanks in advance.
 

A:Icon generating virus

Easiest way may be to just do a System Restore to a point prior to when you ran it.
 

Read other 3 answers
RELEVANCY SCORE 38.4

I've got a computer that I'm servicing (Windows 98) and the system resources were extremely low. I discovered the source of this is that something in the computer is generating tons of .exe and .dll files in the c:\windows directory and running them. I've checked the registry, run spybot, cwshredder, norton and stinger, and I still can't find the root. I can delete the created files, but that doesn't fix the problem, because it doesn't stop it from creating more. All of the created files have random names of just letters and it is also hijacking the homepage. At one point, the homepage was res://mzopz.dll/index.html#37049 for example. Let me know if you have any ideas.
 

A:Virus-related -generating exe's and dll's

Download Adaware Se from http://www.lavasoftusa.com/support/download/
In Ad-aware click the Gear to go to the Settings area.
The following items should be on a green check, not on a red X.
Under the Scanning button:Scan within archives
Under Memory & Registry, Check EVERYTHING
In Check Drives & Folders, make sure all of your hard drives are selected
Under the Advanced button, Check
Move deleted files to recycle bin
Include additional object information
Include negligible object information
Include environment information
Under the defaults button Set the homepage you wish to have set as default.
Under the tweak button
Some of these may not be an available option, depending on your version of Ad-aware and your version of Windows. Do not be concerned if you cannot select a certain item.

In Scanning Engine:Unload recognized processes during scanning
Include info about ignored objects in logfile, if detected in scan
Include basic Ad-aware settings in logfile
Include additional Ad-aware settings in logfile
Include used command line parameters in logfile
In Cleaning Engine: XP/2000: Allow unloading explorer to unload shell extensions prior to deletion
Let Windows remove files in use at next reboot
UNCHECK: Automatically try to unregister objects prior to deletion
Click Proceed to save these settings. When you would like to perform a "Full Scan," switch the scan mode from SmartScan to Custom
_______________________________________________________________
Create ... Read more

Read other 1 answers
RELEVANCY SCORE 38.4

Recently i am seeing some processes with weird names, i tried to delete the files but new ones keep coming
2 of them are named
winamk.exe and dgvhen.exe
the location of the files are in C:\Users\User\AppData\Local\Temp if that can help
can someone tell me how to get rid of it? or tell me what it is

 sumtingwong.png   585.15KB
  0 downloads

A:Random exes generating

Hello -
A couple of simple options if it is in C:\Users\User\AppData\Local\Temp
 
First -
Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.
Please Copy / Paste the small log back here
 
Important: Do not reboot your computer until you complete the next step.
 
Now: 
Download AdwCleaner by Xplode and save to your Desktop.
• Double click on AdwCleaner.exe to run the tool.
• Vista / Windows 7 / 8 users right-click and select Run As Administrator
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you want to save, just uncheck it from AdwCleaner.
• If you're not sure, post the log for review.

• Once you're ready to clean it all up.....click the Clean button.
• Click on OK and OK to agree to a Reboot
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.

• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner... Read more

Read other 3 answers
RELEVANCY SCORE 38.4

I'm running Windows XP (Home)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:32:41 PM, on 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\2Wire\2PortalMon.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Movielink\MovielinkManager\Movielink User.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\Tracy\MYDOCU~1\PPPATC~1\scanregw.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Belkin\PCI F5D7000\Wireless Utility\Belkinwcui.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program F... Read more

A:Malware generating popups - help please!

Hi brianmik,

Sorry for the delay in looking into your log, as we are extremely busy in this section of the forums. If you still require assistance and are not seeking help elsewhere, then please carry out my instructions.

Please subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Add Subscription.

--------------------------------------------------------------

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.
What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on ... Read more

Read other 1 answers
RELEVANCY SCORE 38.4

Hi,

I need to perform the following query:

'update table table_name set field_name=cast(int, rand()*100+1)'

The problem is that rand() returns the same 'random' number for all fields.
Is there any way to generate efficient random numbers - and a different one for each entry to be updated?

D.
 

A:Generating random numbers in sql

it sounds like you may be calling the rand function only once and updating all the fields with the returned number.
you can try a couple of things..
1. create variables for each of the fields you want to update, define each as a separate rand function call, and update the row using the variables.
2. repeat the update statement for each field separately?

which database are you using?
 

Read other 3 answers
RELEVANCY SCORE 38.4

Hi,

Whenever I visit this safe page:

http://www.phl.org/live_video.html

When I click on either PLAY MOVIE 1 or 2

I get: Error -50: an unknown error occurred (phlvideo.sdp)

I have checked out the Quicktime file associations which are all OK

Any suggestions what to do would be appreciated.

Thanks in advance

yorkie_uk
 

Read other answers