Why does this keep happening time and time again after an CIS update?
And it’s for all my browsers. Weird. I fight and fight and sometimes don’t remember exactly what I do to get it fixed I try so many things. This ends up taking days to resolve and I use my computer a lot, and not for entertainment either.
Here is the error on Dragon browser,
[b]Your connection is not private
Attackers might be trying to steal your information from www.google.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_AUTHORITY_INVALID
www.google.com normally uses encryption to protect your information. When Comodo Dragon tried to connect to www.google.com this time, the website sent back unusual and incorrect credentials. Either an attacker is trying to pretend to be www.google.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Comodo Dragon stopped the connection before any data was exchanged.
You cannot visit www.google.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.[/b]
Other websites work fine, but any search engines like Yahoo, whatever, same problems. Or a few other websites give the same error but most work. For example I’m able to post here!
I go to “Google” on my Internet Explorer and IE browser,… There is a problem with this website’s security certificate.
Why does this happen almost every time I do an update on CIS?
Not sure how to find out “cert authority” but no pop-ups happen giving out that information.
I would GOOGLE it, but my browser won’t let me! LOL
Actually all joking side, if you type in the word “danger” anywhere inside the browser (you won’t see your typing though) and then hit enter, it bypasses the stupid error and lets you go to Google. Of course you have to keep doing that for each Google page. Any other websites you go from Google are fine, no bypassing needed.
Isn’t that a handy little secret?
Only comes in handy in a situation like this, otherwise not recommended.
Okay, think I figured it out on how to get cert info…
Here is what happens when I click on Dragon Browser in the address window where the little red x and the slash through the https:// is, but like I say, this is for all browsers and not sure how to access it from those yet. Here’s Dragon,…
[b]Windows does not have enough information to verify this certificate.
Issue to: www.google.com
Issued by: PrivDog Secure Connection Inspector CA
Valid from 11/12/2015 to 2/9/2016[/b]
I already have my PrivDog browser “extension” turned OFF.
But maybe just having it installed on my computer is effecting all browsers?
Been down this path as possible source of problem, thus already having it turned off in Dragon. But I wonder,…hmmm
Heck, I may uninstall it and see what happens then. Hate to, but I’m not using it at least in this browser. May try it later if no one chimes in with any other good ideas or solutions.
Certificate Details
Common Name www.google.com
Alternative Names
Click a Name to crt.sh (search) for all publicly logged certificates www.google.com
Subject Name commonName=www.google.com
organizationName=Google Inc
localityName=Mountain View
stateOrProvinceName=California
countryName=US
Serial Number 5E962EFD88A61399
Fingerprint (SHA-256) 3492591DE1FC3816160E026AEDEF09BB7794505553C4357EE8F55E814BE3321F
Valid From Thu, 12 Nov 2015 18:27:01 GMT
Valid To Wed, 10 Feb 2016 00:00:00 GMT (Expires in 79 days)
Key RSA (2048-bit)
Signature SHA-256 / RSA
Issuer Name
commonName=Google Internet Authority G2
organizationName=Google Inc
countryName=US
Issuer Brand Google
Validation Type Organizational Validation (OV)
Trusted by Microsoft? Yes
Trusted by Mozilla? Yes
Certificate Status Details
OCSP “Stapling” Not Supported
Server Details
Software sffe
IP Address 216.58.196.100
Port 443
Hostname maa03s19-in-f100.1e100.net
Clock (ServerHello.gmt_unix_time) Sun, 22 Nov 2015 20:22:11 GMT (Accurate)
Clock (HTTP “Date:” header) Sun, 22 Nov 2015 20:22:12 GMT (Accurate)
Protocol Versions
TLS v1.2 Supported Immune to TLS POODLE attack
TLS v1.1 Supported Immune to TLS POODLE attack
TLS v1.0 Supported Immune to TLS POODLE attack SSL v3.0 Supported Vulnerable to SSLv3 POODLE attack INSECURE
SSL v2.0 Not Supported
Protocol Features / Problems
Downgrade Protection (TLS_FALLBACK_SCSV) Supported
Secure Renegotiation (Server-initiated) Supported
Secure Renegotiation (Client-initiated) Not Supported
Legacy Renegotiation (Client-initiated) Not Supported
Compression Not Supported Immune to CRIME attack
Heartbeat Not Supported Immune to Heartbleed attack
Session Resumption Supported
Session Tickets Supported
TLS Extension Intolerant? No
Cipher Suite Negotiation Bug? No
Cipher Suites Enabled
Name (ID) Key Size (in bits)
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCC13) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F) 128 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 ECDH 256-bit (P-256) TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xC011) 128 ECDH 256-bit (P-256) WEAK (RC4 )
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9C) 128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2F) 128
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3C) 128
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xA) 112 TLS_RSA_WITH_RC4_128_SHA (0x5) 128 WEAK (RC4 )
TLS_RSA_WITH_RC4_128_MD5 (0x4) 128 WEAK (RC4 )
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xC028) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xC027) 128 ECDH 256-bit (P-256)
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9D) 256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3D) 256
Miscellaneous
Report Date Sun, 22 Nov 2015 20:22:10 GMT
Report Duration 30 seconds
If this has not solved the problem, close all browers and go to Control panel ~ administrative tools ~ services ~ Privacy Content Firewall service ~ Properties, and stop the service.
If it will not stop disable it and reboot
In a command widnows with admin privs type:
sc delete “Privacy Content Firewall”
In Windows Explorer Navigate to %appdata%
Delete the AdtrustMedia folder
Reboot. Check affected site in your browser - the problem should now be gone
I came back to post my solution after so many days and my temporary work-arounds and saw your post ONLY TWO DAYS AGO!!!
How bout dat?
Thanks for the info, and your solution matched mine perfectly. Step one in fact. Surprised me how much PrivDog effected my PC, because now it’s cracking like lightning. Just uninstalled PrivDog yesterday. Really didn’t think that was the main problem there for a while but sure enough, I guess it was.
Noticed it was not the latest version, so maybe I’ll experiment with installing the new version one day when I have nothing better to do. I like the idea of an extra layer of protection but if the cost is that it messes around with too many other things, then I’ll have to pass.
Couldn’t find any “Privacy Content Firewall service” by Start/Task Manager/ and the Services tab, so I guess that’s not a factor for my computer. But I looked just for curiosity sake. And being a geek.
Thanks again for your post. Hope this helps someone out there with this maddening problem.
Glad to be of help - actually one of the Comodo devs gave me the solution.
Thanks for the info, and your solution matched mine perfectly. Step one in fact. Surprised me how much PrivDog effected my PC, because now it's cracking like lightning. Just uninstalled PrivDog yesterday. Really didn't think that was the main problem there for a while but sure enough, I guess it was.
That's good. On my machine the uninstall said it completed, but actually failed to remove the service due to a timeout stopping the service I think, or possibly due to the fact that I had earlier removed the certificate.
Noticed it was not the latest version, so maybe I'll experiment with installing the new version one day when I have nothing better to do. I like the idea of an extra layer of protection but if the cost is that it messes around with too many other things, then I'll have to pass.
Yes the uninstall problem I had was suggestive of an early version. Later versions, eg I think it is now installed with Dragon seem not to cause people problems. But we cannot be sure - maybe there is a software conflict on both our machines. So proceed with caution and take a restore pt if you decide to re-install.
Couldn't find any "Privacy Content Firewall service" by Start/Task Manager/ and the Services tab, so I guess that's not a factor for my computer. But I looked just for curiosity sake. And being a geek. ;)
It's the main proivdog service - your uninstall must have been successful
Thanks again for your post. Hope this helps someone out there with this maddening problem.