Do I have something on my machine, or is KIS finding this on some website? I've done a bunch of scans (kis, Mbam, SAS, ADW), I always choose 'disconnect' Example... Thanks
What Kaspersky is warning you about is that there is a problem with the web site's SSL certificate. Before I get into that, a few tests. Zulu, Sucuri, and VirusTotal all say the web site is clean. When I tried to access the web site in IE11, the first thing the site attempted to do is download something. This was before the web page was displayed. Never saw that one before. For that reason alone, I would stay away. As far as Kapersky's cert. warning, I could not verify same using Eset since I terminated the access to the web site after the attempted download. My theory on this is the web site is compromised and a redirect is occurring. However, Eset didn't detect the drive-by download so not really sure this is the case.
Thanks! itman Note I was not on the above site when KIS msg occurred, so something from the site I was on tried to re-direct. So first check the machine for malware (none), then curious these are the same sites visited regularly, where KIS sounds the warning. uBlock Origin stays quite, or allows, so dif vendors, disagree, still I do not like the fact that a dl started when you visited. Anytime this happens in the future, I'll choose 'disconnect' Rico
I checked out the cert. both at Quals and at NetWorking4All. Quals gave it an A-. Below are details from the NetWorking4All scan: The SSL Certificate for *.bootstrapcdn.com is signed by GlobalSign Domain Validation CA - SHA256 - G2 wich is signed by GlobalSign Root CA wich is signed by GlobalSign Root CA . The SSL Certificate will expire on Monday 10 June 2019 this means it is still valid for 974 days. This SSL Certificate has 2 subject alternative name(s). This means that this SSL Certificate is not only valid for *.bootstrapcdn.com but in this case also for the alternative names *.bootstrapcdn.com, bootstrapcdn.com There are no organisation details listed in this SSL Certificate. This certificate is validated by contacting the domain administrator through e-mail only, no validation on the identity of the owner has taken place. Ref.: https://www.networking4all.com/en/support/tools/site+check/report/?fqdn=maxcdn.bootstrapcdn.com https://www.networking4all.com/en/support/tools/site+check/report/?fqdn=maxcdn.bootstrapcdn.com I believe what Kaspersky is complaining about is the "*" in the cert. subject name. Use of "*" should only be used for alternates and I believe that use is being deprecated. Appears to me was the source web site in question should not have been using a reference to this URL since as noted, the cert. is for content delivery network servers.
scan with roguekiller x32 http://download.adlice.com/RogueKiller/RogueKiller.exe x64 http://download.adlice.com/RogueKiller/RogueKillerX64.exe
From the Wikipedia link posted above: BootstrapCDN is a free and public content delivery network. Users of BootstrapCDN can load CSS, JavaScript and images remotely, from its servers. Now read this recent Wilders post: https://www.wilderssecurity.com/thre...l-credit-card-data-from-popular-sites.389105/ as an example of possible malicious use of this CDN provider.