Tamerr
1 Nickel

Win32/CompromisedCert.C alert by Windows Defender. What is this?

Hello everyone. I am quite illiterate about computer issues. In general, I try to be a quite safe surfer on the internet and avoid visiting risky websites. But today, surprisingly, I received a Windows Defender alert about Win32/CompromisedCert.C and WinDefender identifies it as a "potentially unwanted software". Anyway, I just clicked remove and everything seems fine now.

When I click details in Windows Defender, the following sentences appear as related items with this problem:

file:C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.Agent.Plugins.eDell.dll
file:C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.eDell.Common.dll
file:C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.eDell.Configuration.dll

I really want to know whether this "potentially dangerous software" occurred due to something I did (like visiting a website that contains malware) or whether this issue occurred due to a problem related to Dell software. Do you have any idea? Thanks in advance.

Accepted Solutions
ky331
6 Indium

RE: Win32/CompromisedCert.C alert by Windows Defender. What is this?

Rest assured, it's nothing that you did.

The issue is indeed related to Dell's Software. As you discovered, Microsoft's scanners detect and remove the vulnerable certificates from the certificate root store, as well as the affected binaries that might re-install the vulnerable certificate:

http://www.zdnet.com/article/windows-defender-removes-potentially-dangerous-dell-certificate/

Dell has acknowledged and explained the issue here:  http://en.community.dell.com/dell-blogs/direct2dell/b/direct2dell/archive/2015/11/23/response-to-con...

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]
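
One way to confirm the cleanup this answer describes, as an added example that is not part of the original post and is not Dell's or Microsoft's tooling: the PowerShell script below checks both trusted root stores and looks for the three files named in the alert. The `$SubjectPattern` default is a placeholder to be replaced with the subject named in the vendor advisory, and the private-key check is a general heuristic, not something stated in this thread.

```powershell
# Added example (not from the thread): post-remediation check after the Defender alert.
param(
    # Assumption: placeholder. Replace with the certificate subject named in the vendor advisory.
    [string]$SubjectPattern = 'PLACEHOLDER-subject-from-advisory'
)

# The three files listed in the alert details quoted in the question.
$flaggedFiles = @(
    'C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.Agent.Plugins.eDell.dll',
    'C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.eDell.Common.dll',
    'C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.eDell.Configuration.dll'
)

# Trusted root stores for the machine and for the current user.
$rootStores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$certFindings = foreach ($store in $rootStores) {
    foreach ($cert in Get-ChildItem -Path $store) {
        $reasons = @()
        if ($cert.Subject -like "*$SubjectPattern*") { $reasons += 'subject matches advisory' }
        # General heuristic (not stated in the thread): a trusted root normally ships
        # without its private key, so a root entry that has one deserves a manual look.
        if ($cert.HasPrivateKey) { $reasons += 'private key present' }
        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Store      = $store
                Subject    = $cert.Subject
                Thumbprint = $cert.Thumbprint
                NotAfter   = $cert.NotAfter
                Reason     = $reasons -join '; '
            }
        }
    }
}

# Any of the flagged binaries still on disk could put the certificate back.
$remainingFiles = $flaggedFiles | Where-Object { Test-Path -LiteralPath $_ }

if ($certFindings) { $certFindings | Format-List } else { 'Root stores: nothing flagged.' }
if ($remainingFiles) {
    'Flagged files still on disk (these could re-install the certificate):'
    $remainingFiles
} else {
    'Flagged files: none of the three remain.'
}
```

A root entry reported only for "private key present" may belong to a locally installed debugging proxy or development tool, so review the subject before removing anything.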

Tamerr
1 Nickel

RE: Win32/CompromisedCert.C alert by Windows Defender. What is this?

ky331, I really thank you so much for your help. Now I am relieved. I appreciate your prompt response.

Best regards.

david550
1 Copper

RE: Win32/CompromisedCert.C alert by Windows Defender. What is this?

My PC was affected by this TrojanSpy:Win32/Nivdort.CC Trojan horse and I was looking for the immediate solution of this infection. I removed this Trojan infection with the help of this link www.howtoremovemalwarepc.com/how-to-delete-trojanspywin32nivdort-cc-from-infected-system-quickly