• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved Connection not private - ongoing

Status
Not open for further replies.
Hi everyone

So I've had this problem since Saturday and despite my willingness to fix it myself - which I was certain I could - it's exactly the same as before.

I first noticed the problem when I tried to log into one of my a/c on Facebook Game of Thrones Winter is Coming (game) and it said :

"The web page at might be temporarily down or it may have moved permanently to a new web address."

But then I started getting "Your connection is not private" message from random site when using Chrome browser.

I've established that both the game and sites work fine on another laptop on the same network so I concluded the problem is with the PC (currently using).

I've also tried calling my network supplier and they said everything was fine.

So I believe I've tried every recommended fix possible :

- PC date/time
- Clearing brower cache
- Trying with another browser (opera and edge)
- Stopping my AV/Firewall (AVG premium)
- Alternative DNS addresses
- Changing connection to/from public/private
- Clearing SSL state on internet options
- Checking windows updates

I've also restored my PC to Saturday afternoon before the problem started with no sucess.

It's random, some sites work others that I visit regularly just dont or work to only a certain extent.

So yeah - help please :p
 
@maramessi Would you like to check for malware/adware? Or have you already done that? We can go thru and clean up the machine in the process of removing any malware/adware. With the tools used in malware removal it should give me a decent idea of what is going even if it is not a malware issue.
 
@maramessi Would you like to check for malware/adware? Or have you already done that? We can go thru and clean up the machine in the process of removing any malware/adware. With the tools used in malware removal it should give me a decent idea of what is going even if it is not a malware issue.
I am happy do that, not done it yet.

Should I do it on my own or will you give me some advice?
 
Download Autologger to your desktop.
Disable your Anitivirus/Defender prior to running.

  • Unzip it there. -- If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----
  • Right click Autologger and run as administrator. (Xp user double click)
  • AVZ4 will open and scan your machine, allow this to complete.
  • Upload Collectionlog.zip to your next reply.

 
Ok, these logs take while to go over, while I check them please run these two tools.

Adware Cleaner




  • Download AdwCleaner and save it to your Desktop
  • Right-click on AdwCleaner.exeand select, Run as Administrator
  • Accept the EULA (I accept), then click on Scan Now
  • Let the scan complete
  • Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Quarantine and delete.
  • Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
  • Close all other open windows and allow it to restart
  • After the restart, Notepad will open with the AdwCleaner cleaning log
  • Please Attach the contents of that log into your next reply to me

Download Malwarebytes v.4 . Install and run.
  • Once the MBAM dashboard opens, click on Settings (gear icon).
  • Click on Security tab and make sure that all four Scan options are enabled.
  • Close Settings and click on the Scan button on the dashboard.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.
  • If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.
 
Uninstall Useless programs!
Hit the windows key and R at the same time.
Type appwiz.cpl hit ok.
Uninstall these programs below.


Driver Easy 5.7.3

Look in the Autologger folder and drag out the CheckBrowsersLNK file.
To your desktop.
AutoLogger\CheckBrowserLnk
Drag and drop onto the ClearLNK utility .
After saving ClearLNK to desktop.

move.gif


Run HijackThis! as admin! (located in the folder ...Autologger\HijackThis)
Do a system scan, then check each item below, make sure and only check the items listed.
Then click Fix checked.
The computer will need to reboot, allow it to do so.

Code:
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Tasks: (disabled) Driver Easy Scheduled Scan - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
O22 - Tasks: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.
  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select Scan
  4. Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



2016-08-12_152002.jpg



Please Attach the contents of these logs in your next post for review by our Security Team
 
I wasn't able to remove the below from Hijack This - presumably because I deleted it after advice a few posts ago. The other 2 were removed no problem.

O22 - Tasks: (disabled) Driver Easy Scheduled Scan - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
 

Attachments

  • FRST.txt
    54.1 KB · Views: 2
  • Addition.txt
    39.4 KB · Views: 4
Download and run Startup lite.


Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code:
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3a875e6f-2e40-4768-bda4-fefa751dbca2}: [DhcpNameServer] 192.168.15.52
Tcpip\..\Interfaces\{6216a534-b922-4cef-9d95-8aa9039f6fbb}: [NameServer] 100.120.30.1
Tcpip\..\Interfaces\{63e8001e-faba-418f-a62a-c98a9380e3e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{eb8c6cba-ebc5-479c-8e25-a48edc6943c7}: [DhcpNameServer] 192.168.15.52
FirewallRules: [TCP Query User{F24EAD7D-B830-4521-86D7-DD318BA1F3B3}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{35BB12DE-AD7F-405B-B24D-C2DC88CAA809}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{4F892332-3556-4238-9E97-6F02E2F61F81}] => (Allow) D:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe => No File
FirewallRules: [{C126190A-8487-4BE8-9A9A-171F12205D0A}] => (Allow) D:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe => No File
FirewallRules: [{D1CD37FF-6417-4CC9-A639-DD1E39F22DF3}] => (Allow) C:\Users\David Lindsay\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{28254DD9-FEB9-4776-B43D-93DA6BD0F46A}] => (Allow) C:\Users\David Lindsay\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
C:\WINDOWS\system32\drivers\etc\hosts
Hosts:
ShortcutWithArgument: C:\Users\David Lindsay\Desktop\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\David Lindsay\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\David (alloccasionscateringevents.com) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: net stop bits
Move: C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db.old
cmd: net start bits
cmd:  bitsadmin /list /allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R"
CMD: "%WINDIR%\SysWOW64\lodctr.exe /R"
CMD: "C:\Windows\SYSTEM32\lodctr.exe /R"
CMD: "C:\Windows\SysWOW64\lodctr.exe /R"
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
CMD: ipconfig /flushdns
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::
 
I've done the scan and its rebooted, files attached but what was I to do with the text you told me to copy above? I can't see you telling me to paste it anywhere.
 

Attachments

  • Fixlog.txt
    305 KB · Views: 2
but what was I to do with the text you told me to copy above?


When you copy it to the clipboard, it is what the FRST program will use, to create a fixlog, that you just posted. Those items are fixed/removed from within the clipboard via FRST.

How is the original issue now? Can you test and see what happens please.
 
Na its still the same. Some sites are fine, infact most probably are but the ones I use - twitch/sofscore/youtube/google account info - all these are problems plus I've seen it on many other random pages I've visited.

The game is also not loading via the web like it always has done.

Or when I do somehow manage to get on a site, it never loads properly. For example if load up sofascore it will just tell me that no fixtures are being played on this day - and there tons being played. Twitch at the moment is just a white screen.

Have you seen anything on the scans?

This has just came up when I was on my desktop about to open STEAM

1673595494069.png
 
Last edited by a moderator:
Ok. Remove the following programs.

You can reinstall later this is just a test.

AVG AntiTrack (HKLM-x32\...\AVGAntiTrack) (Version: 3.3.654.558 - AVG)
AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 22.12.3264 - AVG Technologies)
AVG Secure VPN (HKLM\...\AVG Secure VPN) (Version: 5.22.7134.5502 - AVG)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.73 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.1.1.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
uTorrent Web (HKU\S-1-5-21-3473206753-2221114680-3962231543-1001\...\utweb) (Version: 1.2.8 - Rainberry, Inc.)

Reboot the computer, then run the AVG removal tool.

Reboot again and test. AVG is known for causing connection issues, so just removing it and testing for a minute would be the next logical step. Like I say you can reinstall it as this is just a diagnostic approach.
 
  • Like
Reactions: maramessi
Okay well ...... that worked, everything seems to be fine now.

Definitely going to be the AVG causing it and not Nord (not used in a long time) or Torrent (also not used it in a long long time) ?
 
AVG does cause issues, a whole lot of them. Up to you to reinstall it.


I suggest the following to increase privacy and security on the machine.

Ublock Origin
O&O Shutup Ten
O&O App Buster



Update your older programs with Patch My PC home Edition.



We will clean all the tools we used...

Download KpRM
Save to Desktop
Check Delete Tools'
Check Delete Restore points.
Create Restore point.
Click delete quarantines.
Then click run.
 
  • Like
Reactions: maramessi
Status
Not open for further replies.