- Dec 29, 2014
- 1,711
During the installation of Secure Folders there are a number of pop ups from Qihoo 360. This I can live with, because Secure Folders does change the context menu of Explorer if the option is selected during installation. I read all the alerts and felt like I understood what was happening (except the driver ones, honestly). It was way more than usual, about 6 or 7. Also, there was an unusual number of HIPS pop ups from Private Firewall, maybe 8-10. I could tell Secure Folders makes some fairly heavy changes.
Here's the potentially bad part. About two hours ago, I set up Secure Folders to monitor a drive, and, then about 30 minutes ago, while I was browsing around Malware Tips, I got another pop up. Forgot to get a screenshot of the pop up, but attached pic shows the log entries for the event. Decided to block the event, because it sounds to me like a very unusual thing for a program to do. The request was to "Modify the certificate of a publisher". Anyone know why a developer might add this function to a program? Also, will the block break the program?
Other pictures show modify driver and modify shell events during the installation. There were a few of each of these in the logs.
Attached the log of the events. Anyone see anything potentially dangerous? Why would a developer's program try to change a certificate and then an hour after the program installs? That's the main question I have.
Here's the potentially bad part. About two hours ago, I set up Secure Folders to monitor a drive, and, then about 30 minutes ago, while I was browsing around Malware Tips, I got another pop up. Forgot to get a screenshot of the pop up, but attached pic shows the log entries for the event. Decided to block the event, because it sounds to me like a very unusual thing for a program to do. The request was to "Modify the certificate of a publisher". Anyone know why a developer might add this function to a program? Also, will the block break the program?
Other pictures show modify driver and modify shell events during the installation. There were a few of each of these in the logs.
Attached the log of the events. Anyone see anything potentially dangerous? Why would a developer's program try to change a certificate and then an hour after the program installs? That's the main question I have.