SOLVED Window 7 CERTIFICATE THREAT

Joined
Feb 21, 2010
Messages
165
Reaction score
77
Hello members,
Yesterday, after reading the email about IE9, I couldn't help myself, as it is very plain, simple and very, very fast. Anyway, back to my point of posting: certificate manager had 2 certificates there and I am confused as to how they were installed. Certificates are not my area of knowledge, especially when it comes down to this security weakness that Windows always seems to cross.


WHEN I downloaded IE9 yesterday, FRAUDULENT CERTIFICATE flashed up on my desktop, so I went into Credential Manager in Control Panel, then clicked on Certificate-based Credentials & took a look at UNTRUSTED CERTIFICATES, to my shocked amazement, being I assumed something was & is very wrong here, seeing activity after I go OFFLINE.

Wow, to my amazement there were two certificates, BOTH FRAUDULENT, NOT MICROSOFT & VERISIGN. ALSO they were giving FULL admin rights to many security-related issues, which makes anyone feel totally useless about keeping this off Win 7. Does anyone else have these two certificates in their credential certificate-based manager:

(1) Microsoft Corporation, Verisign Commercial Software CA, Expire 01/02/2002, FRAUDULENT, now set to none (DISABLED) from enabled; it was set to go online at 5pm daily (I go offline at 5pm daily)

(2) Microsoft Corporation, Verisign Commercial Software CA, Expire 31/1/2002, now set to none; this also had FULL ADMIN RIGHTS and a keep alive internet 7 setup for use as a loopback from 127.0.0.1\255.0.55.53. CAN ANYONE EXPLAIN how & why I never knew they were even there, as I monitor my security Norton history every ten mins, never see anything but unusual things all day long?
Any help would REALLY BE APPRECIATED
respectfully
jeffreyobrien
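
For readers who want to see exactly what sits in that list, an added example (not part of the original post): the "Untrusted Certificates" list is the Windows certificate store named `Disallowed`, which holds certificates Windows refuses to trust. The function name `Get-UntrustedCertReport` and the set of trust stores it cross-checks are assumptions of this example.

```powershell
# Added example, not from the thread. The function name and the list of
# trust-granting stores to cross-check are choices made for this example.
$Locations   = 'CurrentUser', 'LocalMachine'
$TrustStores = 'Root', 'AuthRoot', 'CA', 'TrustedPublisher', 'TrustedPeople'

function Get-UntrustedCertReport {
    foreach ($loc in $Locations) {
        # "Disallowed" is the store the GUI labels "Untrusted Certificates".
        $store = "Cert:\$loc\Disallowed"
        if (-not (Test-Path $store)) { continue }

        foreach ($cert in Get-ChildItem $store) {
            # A thumbprint that also appears in a trust-granting store is the
            # case worth investigating; presence in Disallowed alone means
            # the certificate is explicitly distrusted.
            $alsoIn = @()
            foreach ($l in $Locations) {
                foreach ($s in $TrustStores) {
                    if (Test-Path "Cert:\$l\$s\$($cert.Thumbprint)") {
                        $alsoIn += "$l\$s"
                    }
                }
            }

            New-Object PSObject -Property @{
                Store         = "$loc\Disallowed"
                Subject       = $cert.Subject
                Issuer        = $cert.Issuer
                NotAfter      = $cert.NotAfter
                Expired       = ($cert.NotAfter -lt (Get-Date))
                Thumbprint    = $cert.Thumbprint
                AlsoTrustedIn = ($alsoIn -join ', ')
            }
        }
    }
}

# Fixed column order for reading; Format-List copes with long subject names.
Get-UntrustedCertReport |
    Select-Object Store, Subject, Issuer, NotAfter, Expired, Thumbprint, AlsoTrustedIn |
    Format-List
```

An empty `AlsoTrustedIn` value means the certificate is present only on the distrust list.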
 

davehc

Microsoft MVP
Joined
Jul 20, 2009
Messages
1,958
Reaction score
502
Assuming you downloaded IE9 from the normal advertised source, your problem has nothing to do with IE9. The certificates were placed there through a third-party program, or through an unfortunate browsing connection you may have made.
I have none such, nor have I collected anything like it from other sources.
There are quite a few comments on the subject, on the web. Here is one example:
http://articles.techrepublic.com.com/5100-10878_11-5033191.html

Here is my certificate window,
View attachment 925

Fwiw. Nothing to do with this topic, but your posts, imho, would be easier to assimilate if you kept the text in lower case.
 

catilley1092

Win 7/Linux Mint Lover
Joined
Nov 13, 2009
Messages
3,507
Reaction score
563
Jeffrey, you and your friend may need to install a program such as Malwarebytes, update it and do a FULL scan. I'm not 100% positive, but it sounds like you may have some spyware or malware on your computer. Some downloaded programs include these. But my offer of the IE9 pre-beta came directly from Microsoft in a newsletter, and I downloaded it from that link. I don't think that using this software would cause any problems, unless you don't have an adequate AV, or don't keep it updated. You should also do a full scan with your AV once weekly, at the least, and have "real time" protection enabled. Malwarebytes has a free version that you can use to do a scan with to see if you're infected. And if you scan and something's found, scan again. Try this out; if you need more advice, post back.
 
Hi davehc,
I had downloaded the IE9 preview from the same exact newsletter as catilley. I am sorry if my post misled any readers; I never had the fraudulent certificates prior to setting up IE9 preview. THAT is when I noticed another update going on without my admin approval. Catilley, for the record I use Norton 360 Premium edition version 4 with latest pulse updates; it is configured correctly by Norton, as well the copy of Win 7 being RTM.
I have no third-party applications except for Adobe & Active whois. I have called Mark from Microsoft, as well as sent a message to my complete contact list. Guess what? YES, they also had the same two certificates on their PC, so I am aware that I have these. I am also aware they need to be deleted; what I need to find out is HOW they were installed without me seeing or realising they were there until Adobe was downloading after IE9 from Microsoft.

Catilley & davehc, I appreciate your assistance and will keep the lower case down; as well, I will watch my subjects. I was very EXCITED when this happened and for this I also apologise, as to read things like this: "Fwiw. Nothing to do with this topic, but your posts, imho, would be easier to assimilate if you kept the text in lower case." "Visual FIX" is a registered trademark of Assimilate Technology, Inc. The marks "FIX" and "FIX Protocol" are registered. Sorry davehc, I will be more careful in future so others can fully understand what my post is about; that is why I re-posted it under Window 7 CERTIFICATE THREAT. No, IE9 had nothing to do with the 2 certificates found on my laptop.
respectfully always
jeffreyobrien

Catilley,
Well, we took your advice and we did a format on all three laptops; we then did a clean install of Win7 Home Premium 64bit on Rodney's two; on mine I installed RTM 7600 x64bit.

After we plugged in the 3G USB modems & set up these devices, which are both E160 made by Huawei, made Feb 2009; they are on the compatibility list for Win7. Prior to going online, the very first thing I did was to go into certificates credentials, which to my amazement, in untrusted certificates on all three systems, they were back.

Certificates: 2 not Microsoft (fraudulent) certificates, as mentioned in my post last week. I do not see these on the copy of Win 7 & I am totally confused on this one.

We both purchased all 3 laptops from the same store. Anyway mate, what & where could these come from? The only thing I see a threat from is that both of us use 3G (USB) modems; I think this is where the software comes from.

Any help or understanding about this would be greatly appreciated as I am concerned as to what to do about them.
respectfully
jeffreyobrien
 

Nibiru2012

Quick Scotty, beam me up!
Joined
Oct 27, 2009
Messages
4,955
Reaction score
1,302
This apparently has something to do with your wireless devices and/or router, etc.

It's definitely not from Microsoft and it's definitely not spyware, malware or that type of thing.

Check with the store you got them at and see if they have any suggestions, or call M$ support.
 

catilley1092

Jeffrey, after all of this trouble, it must be your modem. I had two different USB internet modems, and they were much slower and cost more than a cable internet service. The last one that I had ran around 25 to 35KB/sec, which is slow as dirt. When I bought this desktop, that service had to go. Most cable/phone lines have some form of protection within them, although you can't use this as your AV.
 
Hello Nibiru2012,
Firstly, thank you for taking the time to help me. I have called M$; they agreed it could be the wireless USB modems, and we have contacted several other people that are using the E160 & E160G with 3G (three.com.au).

Support and drivers come from their own company. I have written a snail mail letter to Hewlett & Packard, Microsoft & Huawei. What I have just found out: these were in fact designed for Vista x64 & Huawei released new drivers on 15/03/2010 for Windows 7.

This update changed nothing, only now the drivers are STILL unsigned, so I would assume they are still to be finalised and yet to be released officially. I looked again; as expected, it did not alter certificates. We did, however, delete them off one laptop; to my amazement the device still worked fine, until he rebooted his system, then his internet connection was dead and still won't go online.
Have a great day; again, thank you for your time and assistance.
regards
jeffreyobrien
 

Nibiru2012

Just because a driver is "unsigned" does not mean it is inferior or unfinished. It just means that the company hasn't gotten Microsoft's WHQL - Windows Hardware Quality Labs kiss of approval. I believe the driver vendor also has to pay M$ to get that certification, I could be wrong on that though.

I have found that with LAN Ethernet and wireless drivers that using their connection utilities which are usually embedded can cause problems. I load just the driver only, nothing else.

I just use the device manager to search the folder where the driver is stored and load the driver through the "Updated Driver" option. That is what works best for me. Then I let Windows do the connecting.
 

catilley1092

That's right, I have a couple of programs with unsigned drivers. ImgBurn and File Hippo Update Checker don't have signed drivers. In fact, there's a red warning sign to let you know this. All you have to do is scan it with your AV.
 

Veedaz

~
Joined
Sep 1, 2009
Messages
1,988
Reaction score
374
Used ImgBurn for years in XP and use it now in Windows 7 Pro, never had any problems with it (unsigned drivers included) :)
 

Nibiru2012

ImgBurn uses the Windows native SPTI driver, which is similar to ASPI, but more for the likes of XP, Vista and Win 7.

SPTI - SCSI Pass-Through Interface
 
Catilley,
Members, I have discovered the devices E160 & E160G have been the cause of both fraudulent certificates. I have called Andrew Horbury and have given all details relating to these, and they (Verisign) will advise Microsoft, Hewlett & Packard and also Huawei. HSDPA 3.6mbps devices install these when (during) installation. Next time I will use the website and manually install this device using another connection. If only I knew this prior to setting up all four laptops; now for the beast desktop. Thanks everyone for your comments, help and knowledge; I appreciate this more than most.
respectfully
jeffreyobrien
 
