Digital Certificates should only be loaded from trusted sources as they are sometimes used in advanced malware attacks

Malware Digitally Signed With Fake Certificate

QUOTE: German security software company Avira has uncovered a malware sample digitally signed with a fake certificate listing them as the signer. The certificate is issued to Avira GmbH and is valid from 2011-02-10 until 2039-31-12.  The malware itself is a member of the well-known Zbot/ZeuS malware family, and is spread via spammed e-mail. Its behavior is not new in any way. After running it deletes the original executable, sets itself to run when Windows starts, and contacts a command server for further instructions.