Win32/CompromisedCert.C alert by Windows Defender. What is this?

Question

Hello everyone. I am quite illiterate about computer issues. In general, I try to be a quite safe surfer on the internet and avoid visiting risky websites. But today, surprisingly, I received a Windows Defender alert about Win32/CompromisedCert.C and WinDefender identifies it as a 'potentially unwanted software'. Anyway, I just clicked remove and everything seems fine now. When I click details in Windows Defender, the following sentences appear as related items with this problem: file:C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.Agent.Plugins.eDell.dllfile:C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.eDell.Common.dllfile:C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.eDell.Configuration.dll I really want to know whether this 'potentially dangerous software' occured due to something I did (like visiting a website that contains malware) or whether this issue occured due to a problem related with Dell Softwares. Do you have any idea? Thanks in advance.

ky331 · Accepted Answer

Rest assured, it's nothing that you did.

The issue is indeed related to Dell's Software. As you discovered,Microsoft's scanners detect and remove the vulnerable certificates from the certificate root store, as well as the affected binaries that might re-install the vulnerable certificate:

http://www.zdnet.com/article/windows-defender-removes-potentially-dangerous-dell-certificate/

Dell has acknowledged and explained the issue here: http://en.community.dell.com/dell-blogs/direct2dell/b/direct2dell/archive/2015/11/23/response-to-concerns-regarding-edellroot-certificate

Tamerr · Answer

ky331, I really thank you so much for your help. Now I am relieved. I appreciate your prompt response. Best regards.

david550 · Answer

My PC was affected by this TrojanSpy:Win32/Nivdort.CC Trojan horse and i was looking for the immediate solution of this infection. I removed this Trojan infection with the help of this link www.howtoremovemalwarepc.com/how-to-delete-trojanspywin32nivdort-cc-from-infected-system-quickly

Virus & Spyware

Was this post helpful?