Vulnerability in SSL 3.0 Could Allow Information Disclosure, v1.1

Apologies for the "subkey" nomenclature, here's what's in mine, and what I meant by no values, they're all like this including the Hashes, and KeyExchangeAlgorithms:

View attachment 338190

If no Dword are set it is like Windows 7 is using default behavior for each key the tool had created.

Adding a Dword "Enabled 0x0"should enforce it only for RC4 & DES key, and, AES keys should be prefered ones.

My thoughts is that those AES 128 & AES 256 should have a value Enable set to "1", but since there's settings in the Group Policy that could override, it shouldn't be a problem for those.

I"ll let alone Hashes keys, KeyExchangeAlgorithms. Staying concentrate on Weak Ciphers only, and the protocole keys.

Might the hardening tool taking care of it too.
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]Ivy Bridge Core i5 3570K (Delidded)G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)Asus Dual-RX480-O4G
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
CPU
Ivy Bridge Core i5 3570K (Delidded)
Motherboard
Asus P8Z77-V LE PLUS
Memory
G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)
Graphics Card(s)
Asus Dual-RX480-O4G
Sound Card
Creative Sound Blaster Z w/5.1 sound system
Monitor(s) Displays
Asus IPS 23"
Screen Resolution
16/9
Hard Drives
Internal:
500Go Sata 6Gb/s (x2)
500Go Sata 3Gb/s (x2)
SSD 60Go Sata 6Gb/s
PSU
In Win C 900W Series 80+ Platinum
Case
Thermaltake Chaser A71
Cooling
Custom Water Cooling Loop
Keyboard
Cooler Master QuickFire XTi
Mouse
Razer Imperator 2012 (4G)
Antivirus
MSE
Browser
IE 11.0.xxx Rtm
Other Info
"Raid0" with Intel Smart Response Technology (HDD/SSD)
Ran into a problem with my banking site, I can't connect to them. I can get onto the the home page, but when I go to sign, in this is what I see:
ffb1.JPG
ieb1.jpg

I enabled everything (clients and servers) in Protocols even SSL2 & 3 I might have to use the registry backup if I can't get this sorted.
 

My Computer My Computer

At a glance

Originally Win 7 Hm Prem x64 Ver 6.1.7600 Bui...Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logic...6GB of 1,333MHz DDR3 SDRAM32MB Intel Graphics Media Accelerator HD IGChip
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Gateway DX4831-01e (Mid-Tower Desktop)
OS
Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
CPU
Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logical Processors
Motherboard
Gateway H57M01 133 megahertz
Memory
6GB of 1,333MHz DDR3 SDRAM
Graphics Card(s)
32MB Intel Graphics Media Accelerator HD IGChip
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Gateway HX2000 20inch TFT active matrix TN
Screen Resolution
1600 x 900 x 59 hertz
Hard Drives
WDC WD10EADS-00M2B0 [HDD] (1000.20 GB) -- drive 0,
HL-DT-ST DVDRAM GH41N [CD-ROM dr]
Four card readers, and Four USB 2.0
PSU
300watts.
Case
Mid-Tower Desktop
Cooling
Stock from Gateway
Keyboard
Natural Ergonomic Keyboard 4000, see Other Info
Mouse
Orig. Gateway wore out now using Insignia USB wired optical
Internet Speed
Vz FIOS 10ms png 57.64Mbps down 65.53Mbps up Speedtest.org
Antivirus
Zamana Anti-logger with Anti-malware, MSE, Windows Firewall,
Browser
IE11.0.9600.19399-Upd ver11.0.135, Firefox 68.0.1 x64
Other Info
System Specs by Belarc.

BIOS: American Megatrends Inc. P01-A0 11/17/2009

Replaced the MS 'Natural' Standard PS/2 Enhanced 101-102 Keyboard with a new Natural Ergonomic Keyboard 4000 on August 1st 2014.

Canon Pixma MG3222 Printer.

Updated to IE11 on 12102015 | Fios Quantum Router g1100

Additional AV: SpywareBlaster, manual Mbam, SAS
That's just mean your security settings are too tight. Now you doesn't know which keys are good or not.

I'll backed up back the saved registry. Manually add the needed entries as you have previously done before the Hardening tool was used. Proceeding a step-by-step registry settings for keys and values should be safer and fine tuning.
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]Ivy Bridge Core i5 3570K (Delidded)G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)Asus Dual-RX480-O4G
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
CPU
Ivy Bridge Core i5 3570K (Delidded)
Motherboard
Asus P8Z77-V LE PLUS
Memory
G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)
Graphics Card(s)
Asus Dual-RX480-O4G
Sound Card
Creative Sound Blaster Z w/5.1 sound system
Monitor(s) Displays
Asus IPS 23"
Screen Resolution
16/9
Hard Drives
Internal:
500Go Sata 6Gb/s (x2)
500Go Sata 3Gb/s (x2)
SSD 60Go Sata 6Gb/s
PSU
In Win C 900W Series 80+ Platinum
Case
Thermaltake Chaser A71
Cooling
Custom Water Cooling Loop
Keyboard
Cooler Master QuickFire XTi
Mouse
Razer Imperator 2012 (4G)
Antivirus
MSE
Browser
IE 11.0.xxx Rtm
Other Info
"Raid0" with Intel Smart Response Technology (HDD/SSD)
I do want to stress something here (confirmed elsewhere as well):

"Of course, all security flaws like this should be taken seriously, but on the “sky is falling” scale, this seems lower than the other recent big-news vulnerabilities, as it does require an active man-in-the-middle attack — an attacker can’t just probe the web for it or automatically attack a client connecting to a malicious server. (The main risk is when you’re on an untrusted network, like wifi at a cofffeeshop or at a conference.)"

Source: What you need to know about the SSLv3 ?POODLE? flaw (CVE-2014-3566) | Fedora Magazine

What this tells me, and everything I have read about this vulnerability is this would be more devastating for those with laptops connecting to public open wifi (in which case you really should not be going on banking, "secure" websites to begin with) then a desktop sitting at home plugged in by ethernet or a mobile phone using 3g, 4g.


Is the flaw serious? Absolutely.
Should we panic? No.
 

My Computer My Computer

At a glance

Windows 10 ProAMD Ryzen 5 2400G Processor with Radeon RX Ve...G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-P...2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Built
OS
Windows 10 Pro
CPU
AMD Ryzen 5 2400G Processor with Radeon RX Vega 11 Graphics
Motherboard
ASRock X470 Master SLI/AC AM4 AMD Promontory X470 SATA 6Gb/s
Memory
G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-Pin DDR4 SDRAM D
Graphics Card(s)
2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Sound Card
Motherboard Built in
Monitor(s) Displays
Acer R240HY bidx 23.8-Inch IPS HDMI DVI VGA (1920 x 1080) Wi
Screen Resolution
1920 x 1080
Hard Drives
1TB Sandisk SSD PLUS (Main drive)
500 GB Seagate 7200 RPM (Games)
500 GB Western Digital 7200 RPM (Virtual Machines)
PSU
CORSAIR TX Series TX650M 650W 80+ Gold Modular Power Supply
Case
CORSAIR CARBIDE SPEC-02 Mid-Tower Gaming Case, Red LED Fan
Cooling
220mm, two 120mm, and four 60mm fans
Keyboard
Wired Dell keyboard
Mouse
Wireless Logitech mouse
Internet Speed
250mb down, 30mb up
Antivirus
Panda Cloud Antivirus
Browser
Chrome-ish x64
Other Info
Your awesome for reading this.
Online Banking SSL/TLS

As far as I can work out - it should be a browser setting causing the problem rather than a registry setting.

However, I've tested and can connect to online banking:

Internet Bank.jpg

Security Information for onlinebanking.jpg

Just for comparison here's my current list of settings with a few key names fixed.

Harden SSL_TLS.jpg

Harden SSL_TLS 1.jpg

Harden SSL_TLS 2.jpg

Harden SSL_TLS 3.jpg

Harden SSL_TLS 4.jpg

Harden SSL_TLS 5.jpg

Also the following is currently contained in the registry:

Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 128\128]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 256]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 256\256]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56\56]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Null]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 128\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56\128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168\168]
"Enabled"=dword:00000001

Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]
"HardenSSL"="was_here"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

Here's the list of settings before using Harden SSL:

Code:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\AES 128]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\AES 128\128]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\AES 256]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\AES 256\256]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56\56]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\Null]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 128]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 128\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56\128]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64\128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168\168]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\CipherSuites]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Hashes]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
@Callender, you have numbered of keys that appear double in your registry now...you should tide them a bit! :)
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]Ivy Bridge Core i5 3570K (Delidded)G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)Asus Dual-RX480-O4G
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
CPU
Ivy Bridge Core i5 3570K (Delidded)
Motherboard
Asus P8Z77-V LE PLUS
Memory
G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)
Graphics Card(s)
Asus Dual-RX480-O4G
Sound Card
Creative Sound Blaster Z w/5.1 sound system
Monitor(s) Displays
Asus IPS 23"
Screen Resolution
16/9
Hard Drives
Internal:
500Go Sata 6Gb/s (x2)
500Go Sata 3Gb/s (x2)
SSD 60Go Sata 6Gb/s
PSU
In Win C 900W Series 80+ Platinum
Case
Thermaltake Chaser A71
Cooling
Custom Water Cooling Loop
Keyboard
Cooler Master QuickFire XTi
Mouse
Razer Imperator 2012 (4G)
Antivirus
MSE
Browser
IE 11.0.xxx Rtm
Other Info
"Raid0" with Intel Smart Response Technology (HDD/SSD)
Connect to banking website

Ran into a problem with my banking site, I can't connect to them.

I enabled everything (clients and servers) in Protocols even SSL2 & 3 I might have to use the registry backup if I can't get this sorted.

I took a look at your system specs but don't see your AV listed. I've heard that Kaspersky (KIS) have introduced SSL scanning and that it can cause problems with secure connections.

See: SSL connection scan by Kaspersky Anti-Virus version 6.0.4.x
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Issues with disabling weak protocols in Windows

Further use of my machine with the registry settings shown in my last post has revealed at least one issue.

I'll try to explain as best I can.

I've had no issues at all with browsers or websites, secure connections and logins. Browsers tested - Cyberfox 64bit, Opera 12.17 64bit, SlimBoat portable, Aviator (chromium based)

Actually I experienced no issues until I downloaded the following software:

SigCheckGUI that I spotted in DonationCoder's newsletter. One of the features is to check executable files against VirusTotal but it can check all running processes or all processs in defined folders. It's main purpose though is to check file signatures.

Anyway - with the VirusTotal check enabled it threw up an error "a security error has occurred" in the VirusTotal column.

I was intrigued by this and proceeded to use my regular Virus Total Uploader from SecurityXploded and it worked without a hitch. It's integrated into the right click context menu.

Then I tried the online VirusTotal uploader and it also worked.

So the next step was to launch ProcessExplorer with admin rights and I got the same "a security error has occurred" message in ProcessExplorer's VirusTotal column.

After checking for VirusTotal TOS agreement in the registry and disabling Hosts File, Firewall, AV and anything else I could think of the error persisted.

Solution: Re-enable all disabled security protocols in SCHANNEL. Reboot.

Problem solved!

If I get time I'll disable security protocols one at a time to track down the culprit.

Posted on the basis that other members might experience the same issue.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Last edited:

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Thanks for the infos...

Well, since Microsoft gives automated Windows Update article ID for the end-users about Schannel, better keep an eye on it, even if its for Server purposes at the first place!!!
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]Ivy Bridge Core i5 3570K (Delidded)G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)Asus Dual-RX480-O4G
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
CPU
Ivy Bridge Core i5 3570K (Delidded)
Motherboard
Asus P8Z77-V LE PLUS
Memory
G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)
Graphics Card(s)
Asus Dual-RX480-O4G
Sound Card
Creative Sound Blaster Z w/5.1 sound system
Monitor(s) Displays
Asus IPS 23"
Screen Resolution
16/9
Hard Drives
Internal:
500Go Sata 6Gb/s (x2)
500Go Sata 3Gb/s (x2)
SSD 60Go Sata 6Gb/s
PSU
In Win C 900W Series 80+ Platinum
Case
Thermaltake Chaser A71
Cooling
Custom Water Cooling Loop
Keyboard
Cooler Master QuickFire XTi
Mouse
Razer Imperator 2012 (4G)
Antivirus
MSE
Browser
IE 11.0.xxx Rtm
Other Info
"Raid0" with Intel Smart Response Technology (HDD/SSD)
Info recieved from online payment proccessing

This is from the bank that deals with online payments for purchases made via my employer's website shopping cart.

screenshot-payments.jpg
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Guys, apologies for not getting back sooner.

I didn't have the time to hunt down the keys that were causing me problems so I used my reg backup last weekend to put me back to before I started. All is well.

I now know that my bank doesn't use any SSL protocols, what level of TLS they do use, and with the recent posts of added information I will try again, but at a later date, and after I brush up on the hardening tool's compatibility report pdf.


EDIT:

Have you seen this thread? http://www.sevenforums.com/security-news/350627-microsoft-releases-anti-poodle-fix.html

The ZDNet link takes you to: https://support.microsoft.com/kb/3009008, and the security advisory from there goes here: https://technet.microsoft.com/library/security/3009008

I applied the technet workaround for Client Software to my registry, OS and banking are okay.
 
Last edited:

My Computer My Computer

At a glance

Originally Win 7 Hm Prem x64 Ver 6.1.7600 Bui...Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logic...6GB of 1,333MHz DDR3 SDRAM32MB Intel Graphics Media Accelerator HD IGChip
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Gateway DX4831-01e (Mid-Tower Desktop)
OS
Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
CPU
Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logical Processors
Motherboard
Gateway H57M01 133 megahertz
Memory
6GB of 1,333MHz DDR3 SDRAM
Graphics Card(s)
32MB Intel Graphics Media Accelerator HD IGChip
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Gateway HX2000 20inch TFT active matrix TN
Screen Resolution
1600 x 900 x 59 hertz
Hard Drives
WDC WD10EADS-00M2B0 [HDD] (1000.20 GB) -- drive 0,
HL-DT-ST DVDRAM GH41N [CD-ROM dr]
Four card readers, and Four USB 2.0
PSU
300watts.
Case
Mid-Tower Desktop
Cooling
Stock from Gateway
Keyboard
Natural Ergonomic Keyboard 4000, see Other Info
Mouse
Orig. Gateway wore out now using Insignia USB wired optical
Internet Speed
Vz FIOS 10ms png 57.64Mbps down 65.53Mbps up Speedtest.org
Antivirus
Zamana Anti-logger with Anti-malware, MSE, Windows Firewall,
Browser
IE11.0.9600.19399-Upd ver11.0.135, Firefox 68.0.1 x64
Other Info
System Specs by Belarc.

BIOS: American Megatrends Inc. P01-A0 11/17/2009

Replaced the MS 'Natural' Standard PS/2 Enhanced 101-102 Keyboard with a new Natural Ergonomic Keyboard 4000 on August 1st 2014.

Canon Pixma MG3222 Printer.

Updated to IE11 on 12102015 | Fios Quantum Router g1100

Additional AV: SpywareBlaster, manual Mbam, SAS
Technet have revised both links yesterday the 29 in the article ID 3009008, they'd added the SSL 3.0 Client workaround along the Server one!!!

V2.0 (October 29, 2014): Revised advisory to announce the deprecation of SSL 3.0, to clarify the workaround instructions for disabling SSL 3.0 on Windows servers and on Windows clients, and to announce the availability of a Microsoft Fix it solution for Internet Explorer.
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]Ivy Bridge Core i5 3570K (Delidded)G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)Asus Dual-RX480-O4G
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
CPU
Ivy Bridge Core i5 3570K (Delidded)
Motherboard
Asus P8Z77-V LE PLUS
Memory
G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)
Graphics Card(s)
Asus Dual-RX480-O4G
Sound Card
Creative Sound Blaster Z w/5.1 sound system
Monitor(s) Displays
Asus IPS 23"
Screen Resolution
16/9
Hard Drives
Internal:
500Go Sata 6Gb/s (x2)
500Go Sata 3Gb/s (x2)
SSD 60Go Sata 6Gb/s
PSU
In Win C 900W Series 80+ Platinum
Case
Thermaltake Chaser A71
Cooling
Custom Water Cooling Loop
Keyboard
Cooler Master QuickFire XTi
Mouse
Razer Imperator 2012 (4G)
Antivirus
MSE
Browser
IE 11.0.xxx Rtm
Other Info
"Raid0" with Intel Smart Response Technology (HDD/SSD)
Microsoft SSL v3 Fixit

Yes, I've just seen it today. I'll run the Fixit anyway.

Re: Virus Total scanner not working within applications. SSL v3 is kept disabled. With all other protocols enabled the scanner works:

SigcheckGUI.jpg

Note: If changes are made to SSL registry settings - on my machine a reboot is required before the settings stick.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Update on VirusTotal uploader issue

It seems that setting TLS v1.0 Client to disabled caused the problem with applications that upload files (or hashes) to VirusTotal for scanning.

Re-enabling fixed it:

TLS 1.0Protocol.jpg

SigCheckGUI and ProcessExplorer now both allow VirusTotal scanning.

SigcheckGUI 1.jpg
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
I've only check all boxes for TLS 1.0, 1.1, 1.2 in the Internet Options and let at default settings in registry (no keys created). Created SSL 3.0, though!

I think it does stuff the Algorithm to force too much enabled keys. Should be enough, Qualys Lab tells me i am not vulnerable to poodle and most are forward secrecy set.
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]Ivy Bridge Core i5 3570K (Delidded)G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)Asus Dual-RX480-O4G
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
CPU
Ivy Bridge Core i5 3570K (Delidded)
Motherboard
Asus P8Z77-V LE PLUS
Memory
G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)
Graphics Card(s)
Asus Dual-RX480-O4G
Sound Card
Creative Sound Blaster Z w/5.1 sound system
Monitor(s) Displays
Asus IPS 23"
Screen Resolution
16/9
Hard Drives
Internal:
500Go Sata 6Gb/s (x2)
500Go Sata 3Gb/s (x2)
SSD 60Go Sata 6Gb/s
PSU
In Win C 900W Series 80+ Platinum
Case
Thermaltake Chaser A71
Cooling
Custom Water Cooling Loop
Keyboard
Cooler Master QuickFire XTi
Mouse
Razer Imperator 2012 (4G)
Antivirus
MSE
Browser
IE 11.0.xxx Rtm
Other Info
"Raid0" with Intel Smart Response Technology (HDD/SSD)
Back
Top