Removing HTTPS_Malicious_Certificate

December 28, 2010 at 20:14:19
Specs: Windows XP Home w/ SP3
My Trend Micro RUBotted found HTTPS_Malicious_Certificate on my computer. It can't remove it. This thing got by AdAware, Norton 360, Windows Defender, and Windows and Norton's Firewalls. Anyone know about it and how to remove it?

See More: Removing HTTPS_Malicious_Certificate

Report •


#1
December 28, 2010 at 21:16:23
Have you tried scanning with Malware Bytes/And or Kaspersky?. Norton is garbage btw, but it's your choice to keep it. Sounds like it might be a malicious certificate trying to trick you into using it. Which, if you visted an HTTPS site, could redirect you to their servers. Not sure though. I can't seem to find any info on it.

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#2
December 29, 2010 at 15:02:21
Thanks so much for the kind reply and thoughtful information!

I haven't tried any of those. But I've scanned with McAffee too. I hunted all over the web for info on this and came up with the idea that it's part of AdAware "threatworks", and so it's just a conflict with RUBotted which thinks it's malware...if anyone can show me that my hunch is right or wrong, I'd be very, very interested. NOT much information out there at all!

RUBotted doesn't tell me where the code is on the computer, and an internal search doesn't yield any result either.

I don't like this version of Norton, and am planning a change in the future. But McAfee was also irritating, both slowed my system down a LOT - but this Norton gets knocked off frequently and I have to reboot my computer to restart the Norton, makes me MAD.

My computer isn't running badly at all right now, though. No symptoms of anything.


Report •

#3
December 29, 2010 at 19:50:25
You're welcome!. And, I don't blame you. I rarely run Windows anymore because of all the maintenance it needs (I run Linux, right now on my main PC). Avast! is very low on system resources, however, when it comes to AV, I go for Kaspersky just because the detection rate is a lot better, and the false positive rating is a lot lower. One AV program might not pick up something that another one will. Does the HTTPS_Malicious_Certificate show up as a any type of file to Trend Micro?..Such as an. .exe, or etc?. Try having a look with process explorer: http://download.cnet.com/Process-Ex...

Also, I highly recommend you use only one Anti-Virus program, and one</ b>Anti-Spyware program, along with one firewall. As using multiple programs like that to protect your computer could cause it to crash or have conflicts.

Try scanning with the Kaspersky Virus Removal Tool, and see if it picks up anything: http://support.kaspersky.com/viruse...

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

Related Solutions

#4
January 9, 2011 at 13:58:57
I have the same thing. Regretably the only answer is to clean the drive right down to new and re-install the OS (which I have not done yet - for the obvious reasons, it's a pain) It is a Russian bot which i picked up via a server in Bejing (I back tracked it).
I have had this for about 2 months hoping that someone would come up with a less arduous fix but no luck so far :(

Report •

#5
January 9, 2011 at 20:53:49
Well, it turned out to be a non malicious file that belongs to my AdAware. Don't do that! It was just that the RUBotted program I have doesn't recognize it. I've set the RUBotted to accept it.

Report •


Ask Question