svchost.exe accessing infected web resource


I got three of these messages today after boot up:

BD Warning.png

Comments

  • Math_Matei
    Math_Matei Moderator ✭✭✭✭
    edited November 2016


    I received 12 alerts!!!!


    same problem svchost.exe


    what happens?

    Windows 11 Pro - 11th Gen Intel Core i9-11900KF @3,50 GHz, 128.0 GB RAM


  • I had the same first svchost.exe then upc.exe i think it has something to do with my uplay.

  • Math_Matei
    Math_Matei Moderator ✭✭✭✭

    408058-bitdefender-wallpaper.jpg.d3d8a41f830b6ab6d8ab0e74b34c182b.jpg

    Windows 11 Pro - 11th Gen Intel Core i9-11900KF @3,50 GHz, 128.0 GB RAM


  • Hey Guys,


    Im also having this issues, done loads of scans with other Antivirus scanners, ESET, Malwarebytes and all clear.


    Even done Bitdefender recovery scan still clean.


    I think your right something to do with Uplay as I cannot access the store or buy anything from the client or their webpage as the page itself keeps refreshing and loosing the item in cart.

    Bitdefender.PNG

  • denniz
    edited November 2016


    I also received the same warning 3 times now so far. Must be a false positive? I don't use Uplay, so that's not the problem.


    Capture.PNG


     


  • Hi Denniz,


     


    I think your right considering ive done loads of other scans and ran CHKDSK and SFC/ SCANNOW and all ok/clear.


     


  • I've been having the same problem since this morning. However I have never installed uplay on my computer as far as I can tell.

  • dower4720
    edited November 2016


    Same problem here. No Uplay on computer. Wonder if it has anything to do with latest/today's BD definition updates? It appears to be two websites that are flagged, both having to do with certificates?


    bd_alert1.jpg


    bd_alert2.jpg


  • My scans with Zemana Anti-Malware, Hitman Pro and Emsisoft Emergency Kit came back clean. In the mean time I received another 3 warnings, this time the address it detected is different. 

    Capture.PNG


  • Like the rest of you, I had 5-6 of these svchost.exe alerts. But it probably doesn't have anything in common with the reasons for the alerts that you all received. 


    Why, you ask?


    I was downloading/upgrading/activating a new version of DVDFab, (DVDFab10) and maybe or not a true positive, I got a pop up every single time I clicked on a different phase of the installation process. 


    I have not done anything else, except normal browsing, on my machine all day. 


  • Having the same issues with crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl. Pretty sure this is just a BD slip up, I don't know much about it but the link is for webpage SSL certs.


  • Oh wow, I've spent that last 6 hours trying to figure this out. Running masses of antimalware and other system checkers.


    I don't have Uplay installed, so I doubt it's that. Going to treat this as a false positive for now and try and get some work done. I was about 5 minutes away from wiping my PC as a last resort in fixing this.


  • Same problem here. I just signed up to post this. I think Bit Defender's last virus def update is screwed up hence all of the false positives. I don't have uplay on my system.


     


     

    bitdefender.PNG

  • Unknown
    edited November 2016


    1 hour ago, mdgboxx said:



    downloading/upgrading/activating a new version of DVDFab, (DVDFab10)



    I didn't have any problems doing the new DVDFab this morning. 


    Did the installer prompt for a system restart upon completion?  If not, try a restart.


    BTW, I don't recall a restart needed for 8 or 9.  But it's been a while. ^_^


     


  • Ok, i am still afraid. Bought bitdefender, because they have only a very few false positive messages...


     


    (same problem here)


  • I know it's unfashionable these days to mention which Windows, but I'm running Windows 7 and not seeing these warnings.


    IMHO it's yet another Commodo fubar in its long history of fubars and BD is just doing its job. 


    Or not. 


    Hope you folks get relief real soon.



  • Just now, Jockel222 said:



    Ok, i am still afraid. Bought bitdefender, because they have only a very few false positive messages...


     


    (same problem here)



    First time I've experienced this in about two years of using Bitdefender, so I wouldn't get too worried. 


    I know for next time to come here and post ASAP, rather than start to pull my system apart.


  • I'm running Windows 7. it's not just the comodo cert server.


     


     


     


     

    bitdefender2.PNG


  • Hello. We're aware of this and working to correct the issues. If you have reports for subdomains outside of digicert.com and comodoca.com, please report only those. Thank you.

  • MarcHoppe
    edited November 2016


    Well I'm glad to see it's not only me having this issue and that BD is aware and working on a solution.  That's one of the reasons I use BD TS 2016, very few false positives and solid service. I should have mentioned in the original post I am running Win 10 latest updates.  I always update BD on start up and these warning messages came in before I could update to today's definitions. :)


     


  • Issue has been resolved. Please report back if you are still seeing problems.

  • Math_Matei
    Math_Matei Moderator ✭✭✭✭


    I am extremely disappointed!

    How do I get rid of the 12 alerts from web protection?

    It bothers me enormously!

    Snap1.png

    Windows 11 Pro - 11th Gen Intel Core i9-11900KF @3,50 GHz, 128.0 GB RAM



  • 2 hours ago, Matei M. said:



    I am extremely disappointed!

    How do I get rid of the 12 alerts from web protection?

    It bothers me enormously!


    Snap1.png



    I presume after 30 days when your Security Report resets

  • Math_Matei
    Math_Matei Moderator ✭✭✭✭


    For me it is frustrating to see that!
    Especially because it's not my fault!

    Windows 11 Pro - 11th Gen Intel Core i9-11900KF @3,50 GHz, 128.0 GB RAM


  • Still seeing these messages this morning. I didn't see any yesterday, now they're back. I know my system is clean. What's going on with BD's virus defs?


     


    This is getting old.

    bitdefender3.PNG


  • I am still getting these alerts. Has been happening continually for the past few days.


     

    BD.jpg


  • Same probleme here.


    Very frustrating. No solution of this issue for two days.


     

    False_Positive.PNG


  • Hello,


     


    Please run a update by clicking on the Update button present on the main interface.

  • An3
    An3
    edited November 2016


    Still the same problem here. It was gone this morning, but is back now - alerts every few minutes. Very annoying.


     


  • Hello,

    still the same issue on my side.

    Running update two minutes ago didn't help.

    (crl3.digicert.com/sha2-ha-server-g5.crl)

  • rassilon
    edited November 2016


    Bitdefender's claim that this issue is resolved is incorrect. I'm still getting these false positives every few minutes. It's a shame that Sorin G and other employees don't have a clue what's going on.


  • Hello,


     


    Thank you for your patience and feedback.


    Our team is currently working on resolving this issue.


  • Thank you Sorin.  Also had no new notifications yesterday, but they came back with a vengeance this morning.  Have also received a new notice after I forced an update this morning.


  • Still not fixed.  I keep getting "The application svchost.exe accesses a web resource http://crlcomodoca.com/COMODORSAOrganizationalValidationSecureServerCA.crl that has been detected as infected."  Using Bitdefender 2016 Total Security with Windows 7. 


  • Hello,


     


    Should be resolved now.


    Let me know if you receive anymore events. You can mark past events as read or simply delete them.


     


  • Hello,


    seems to be solved for crl3.digicert.com/sha2-ha-server-g5.crl.

    Revocation list can be downloaded as a test without any errors or warnings.