Why get invalid Security certificate when not accessing site?

dumluks · 01-25-2010, 02:15 AM

Occasionally my machine displays the following warning whenever left to itself for an hour or so.

"www.windowsvistatestdrive.com:443 uses an invalid security certificate.

The certificate expired on 09/16/2009 10:52 AM.

(Error code: sec_error_expired_certificate)"

I am not trying to access this site. It is not always the same url.
My machine, described below, is networked to an XP machine which recently had to be recovered after a viral attack.
Since I am not usually interested I decline to use the certificate and the warning goes away.

What is going on when this happens, please?
Is it related to the attack on the other machine?
What might I do about it?
Many thanks for all help.
--ml

Dave_Devnull · 01-25-2010, 04:34 AM

Somthing is attempting a secure connection to:

www.windowsvistatestdrive.com:443
{which is, at this moment, related to 209.216.6.102
OrgName: WCP/32POINTS INTERMEDIATE HOLDING COMPANY, INC.
OrgID: WCP32
Address: 1400 Glenarm Place
Address: Suite 100
City: Denver
StateProv: CO
PostalCode: 80202
Country: US
}
and whatever security certificate it was using on the server at 209.216.6.102 is invalid.

As per:

Quote:

www.windowsvistatestdrive.com uses an invalid security certificate.

The certificate expired on 16/09/09 18:52.

(Error code: sec_error_expired_certificate)

The why is pretty easy to answer, the 'who or what is doing this?' would be the part I would want to find out.

When it happens, where do you see the certificate warning? In a browser? On the CLI? Just a totally random desktop popup?

dumluks · 01-25-2010, 10:27 AM

Dave:
Right you are. Poor phrasing of my question. Might have been better if I asked "how does this happen?"

The warning is in its own window. Firefox and Thunderbird are open. Possibly there is an OpenOffice window open. There is no human present requesting this site, or any of the others that have appeared.

Thanks again for help.
--ml