RCC - check your system's trusted root certificate store

Discussion in 'other anti-malware software' started by svenfaw, Feb 28, 2015.

  1. defconoi

    defconoi Registered Member

    Joined:
    Mar 1, 2015
    Posts:
    7
    Can confirm, same error, database too old.
     
  2. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    170
  3. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    432
    Location:
    The Netherlands
  4. Mister X

    Mister X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    2,287
    Location:
    Mexico
    Thank you.

    Question:
    From the website a RCC description:
    However I wonder if this program can highlight outdated, not necessarily rogue, certificates in a no Windows updates scenario, that is, a machine which its Windows OS has not been updated neither WU nor manually.
     
  5. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    1,780
  6. itsmeWario

    itsmeWario Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    15
    Location:
    Germany
    Thanks for the update!

    Can you replace the SHA1 checksums with SHA2-512 or SHA3?
     
  7. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    170
    By 'outdated', do you mean.expired certificates, or an outdated certificate list (CTL)? I'm working on detecting potentially outdated CTLs.
     
  8. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    170
    Currently, all major trust list maintainers (Microsoft, Apple, Mozilla, Google) still rely on SHA1 to identify root certificates, so it is probably a little too early to switch.
    Also, the current consensus is that the recently announced SHA1 collision does not impact this use case.
     
  9. itsmeWario

    itsmeWario Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    15
    Location:
    Germany
    But that doesnt mean the whole world need to follow that. I sure or at least hope, that the big player change that ASAP.
    Also it is no big deal to provide a secure checksum instead of a old, broken MD5 or SHA1
     
  10. gorblimey

    gorblimey Registered Member

    Joined:
    Jan 19, 2017
    Posts:
    74
    Location:
    West Oz
    Actually, while I have problems with the "Mozilla attitude"--and Google--the fact is that between them they are the "whole world". Certainly I feel that SHA1 is a tad dated, not to mention bunged up, but what you're asking is for Sven to give us info in one language, while reading the info in another. Which will make life difficult for us when we want to manipulate our Cert Stores.

    So do we all :) Mozilla can often be spelled "Godz....", and Google is suspected by many people of dastardly deeds. But don't hold your breath. These Three are up there because the whole (western) world buys their products and loves them. *puppy* They have no reason to change their winning ways.
     
  11. gorblimey

    gorblimey Registered Member

    Joined:
    Jan 19, 2017
    Posts:
    74
    Location:
    West Oz
    Sven... While I'm here, I notice the lede from RCC:

    For continued use, consider making a donation or purchasing a license.

    Ummmmm, I'd be happy to purchase a licence (one machine) for something in the usual line of US$20/year (about Au$26.50). I can live with a cmd box, but definitely a user guide would be highly appreciated, since RCC's options are not well documented, but also Microsoft's kludgy handling of certificates is... less than intuitive. And apart from functionality-related program upgrades, I do agree with the calls to have RCC download the CTL on ignition.

    This is the sort of software I would use about two or three times a year, just to keep an eye on what my web-facing apps are doing while I'm out of the house, or if I change software.
     
  12. Mister X

    Mister X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    2,287
    Location:
    Mexico
  13. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    1,780
  14. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    831
    Why does the file version for the exe file not always get updated? You have to run the program to see what version
    you have. filever shows 1.0.69.17, but when you run the program, you see RCC 1.69.019
     
    Last edited: Mar 20, 2017
  15. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    1,780
    If i look at the file-properties, the "Product-version" is correct: 1.0.69.019
    but yes, the file version is always showing an older version.
     
  16. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    1,780
  17. itsmeWario

    itsmeWario Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    15
    Location:
    Germany
  18. doesntmatter

    doesntmatter Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    25
    Location:
    Bulgaria
    Any idea what is that used for (A Google certificate installed on my system a month ago).

    I exported it before deleting it and now RCC doesn't detect it anymore. There is not much information about it in Google (I got only 2 results for it). By the way Zemana AntiMalware is detecting it as well:

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\33FCD70343BBE07972D73CDEFDEB3C9F4DCEFE28]
    "Blob"=hex:04,00,00,00,01,00,00,00,10,00,00,00,7d,8a,2d,99,47,56,48,a9,31,1f,\
    f7,85,3d,be,52,3d,0f,00,00,00,01,00,00,00,14,00,00,00,b9,cb,75,d4,a6,df,d0,\
    41,7f,a9,0a,d0,46,c6,65,84,c8,f4,8e,57,5c,00,00,00,01,00,00,00,04,00,00,00,\
    00,10,00,00,03,00,00,00,01,00,00,00,14,00,00,00,33,fc,d7,03,43,bb,e0,79,72,\
    d7,3c,de,fd,eb,3c,9f,4d,ce,fe,28,14,00,00,00,01,00,00,00,14,00,00,00,c1,5d,\
    83,5f,94,84,de,ed,75,16,cb,4f,5d,7c,29,78,5d,ab,e6,fe,19,00,00,00,01,00,00,\
    00,10,00,00,00,11,69,0d,2e,73,e3,f5,ac,c6,12,a0,b4,03,75,1c,5f,20,00,00,00,\
    01,00,00,00,1c,05,00,00,30,82,05,18,30,82,03,00,02,09,00,cd,0b,32,ef,b4,f4,\
    cd,13,30,0d,06,09,2a,86,48,86,f7,0d,01,01,05,05,00,30,4e,31,0b,30,09,06,03,\
    55,04,06,13,02,55,53,31,17,30,15,06,03,55,04,07,0c,0e,53,69,6c,69,63,6f,6e,\
    20,56,61,6c,6c,65,79,31,15,30,13,06,03,55,04,0a,0c,0c,41,75,74,68,65,6e,74,\
    69,63,6f,64,65,31,0f,30,0d,06,03,55,04,03,0c,06,47,6f,6f,67,6c,65,30,1e,17,\
    0d,31,35,30,37,32,31,32,31,30,35,30,38,5a,17,0d,32,30,30,37,32,30,32,31,30,\
    35,30,38,5a,30,4e,31,0b,30,09,06,03,55,04,06,13,02,55,53,31,17,30,15,06,03,\
    55,04,07,0c,0e,53,69,6c,69,63,6f,6e,20,56,61,6c,6c,65,79,31,15,30,13,06,03,\
    55,04,0a,0c,0c,41,75,74,68,65,6e,74,69,63,6f,64,65,31,0f,30,0d,06,03,55,04,\
    03,0c,06,47,6f,6f,67,6c,65,30,82,02,22,30,0d,06,09,2a,86,48,86,f7,0d,01,01,\
    01,05,00,03,82,02,0f,00,30,82,02,0a,02,82,02,01,00,e2,3c,8b,41,f3,af,89,59,\
    15,cd,85,b2,fa,29,b8,2c,8d,c1,9b,98,36,ac,22,06,a8,09,1c,a1,a3,89,2c,f5,28,\
    0c,1d,05,7c,c0,45,a0,3d,0c,d2,1b,50,06,8e,16,e1,af,01,31,a1,9a,93,57,da,bb,\
    90,2d,67,d6,c5,60,fb,0d,77,97,8d,2a,2f,be,84,b3,bd,8e,6a,35,8f,7d,77,a9,ef,\
    0d,b5,4f,c7,7f,9f,36,9a,6b,12,89,d6,9c,a6,36,7d,5f,f7,a2,b5,95,c8,11,4b,59,\
    09,ad,5e,42,75,9d,53,6e,d8,e0,1a,94,10,91,8d,50,15,37,d8,fb,5c,46,f6,33,b4,\
    9b,ff,84,88,67,df,d6,96,09,5e,43,60,4a,cc,7a,cd,8b,b5,c0,1d,cf,2c,8b,97,85,\
    36,aa,c6,e1,12,1e,1f,e7,26,03,9a,42,d8,95,08,33,29,bc,f8,b5,d6,bf,14,43,3b,\
    2c,6a,76,1e,11,6c,b8,90,d8,2c,04,ce,cb,11,af,d5,09,4e,36,1a,07,f3,9e,62,cb,\
    dd,7a,e1,eb,37,f2,1c,42,ed,c7,5b,e4,ad,b2,ff,f7,a1,ad,ac,78,c4,f3,7e,9e,d2,\
    1d,d1,d3,03,ed,bd,b3,7c,8f,17,d1,b5,fc,28,cd,b3,24,48,2d,a7,5f,5a,84,74,35,\
    3a,ad,10,1d,5c,93,73,46,27,92,16,e4,1e,4a,3c,8c,30,16,4c,fc,c8,a6,fb,f4,b2,\
    b6,59,35,ea,34,a3,76,fd,e4,7a,6d,fd,58,9e,d2,8c,a9,c7,d5,57,ac,da,6f,ed,f0,\
    a7,60,de,7e,95,c2,40,b4,96,80,64,7d,58,02,bc,57,4f,70,77,ef,7b,3c,c8,5c,38,\
    ed,03,41,2b,a5,6e,c8,f4,e2,f4,7f,73,72,f7,da,af,58,b2,ab,ff,13,06,5b,62,7a,\
    c5,51,fd,a3,14,03,6e,30,6c,97,95,62,a1,a6,ac,10,9b,7a,2a,b5,f7,7d,75,69,9b,\
    5d,90,13,b9,a6,40,bb,24,dc,be,cc,81,2b,7e,54,e5,4e,5f,1e,b1,a2,6c,dd,4f,ee,\
    46,6d,9e,71,49,3e,5a,d5,e9,b4,8d,d0,d6,52,44,88,08,af,ec,c6,14,da,d2,9a,37,\
    89,6f,f1,cd,6c,40,b2,db,4b,6d,46,22,45,f3,90,de,31,2e,88,2a,c2,62,b9,47,fa,\
    a3,c2,18,47,3c,3b,61,00,b9,b6,a7,46,23,59,0a,32,5a,ba,61,4d,95,e0,ec,7f,ac,\
    0b,dc,f8,2f,d1,7d,78,c9,ec,91,72,4a,a9,54,09,3f,56,c6,74,21,8a,69,ac,a1,58,\
    cb,d1,f3,93,02,03,01,00,01,30,0d,06,09,2a,86,48,86,f7,0d,01,01,05,05,00,03,\
    82,02,01,00,a8,00,b3,79,84,07,f8,35,bd,a2,79,63,9a,31,b8,3b,df,14,6b,c3,20,\
    75,51,7b,2d,c3,f5,d4,86,30,e7,9a,ef,bb,e9,e4,53,1f,f5,9b,77,f3,9b,52,41,ae,\
    43,c9,35,dd,d1,0d,cc,43,fa,1d,11,df,53,7b,65,0e,7b,7b,fa,92,25,0c,83,9d,6d,\
    bd,7e,bd,6f,68,86,65,23,50,83,52,64,f7,cb,0d,e7,3a,ef,7f,3d,f9,de,c6,ec,59,\
    86,f7,c3,33,78,f0,93,4c,7a,67,e6,3d,ad,9d,7a,fb,90,ad,c7,1b,0f,70,f3,b2,0f,\
    39,ea,f1,b8,8a,a5,ba,d7,7b,84,31,ea,d2,a7,22,c9,38,ac,92,c8,b9,d3,62,3b,9a,\
    a7,7f,39,24,06,68,70,c1,e7,14,50,84,f5,b0,a1,b2,5c,19,a9,a7,44,c9,1d,13,7e,\
    74,c3,1d,68,b5,02,87,af,bc,14,7b,8c,aa,54,bc,ce,85,8a,fa,4c,f0,a7,03,23,4b,\
    b1,ab,b5,9d,fc,2e,57,e8,56,17,bb,a0,f7,c5,a8,41,92,5e,e8,e0,85,d3,16,4e,cb,\
    f2,e0,50,f3,fc,98,af,a7,8a,5c,07,cb,b4,28,e0,a1,fe,2a,8e,d3,79,7e,7c,b2,af,\
    80,fb,f5,44,df,d5,8c,d1,35,66,a3,57,f0,08,24,3e,ac,d7,66,a2,02,5c,95,71,3e,\
    42,69,b0,d9,c7,af,39,f1,e6,85,68,02,ee,8b,af,81,64,7a,21,6a,92,ed,5e,af,bb,\
    d2,24,58,54,e2,d5,25,51,d5,86,80,35,9e,a1,25,03,0e,24,4a,9c,70,db,6e,2c,08,\
    4f,04,f0,b6,98,1e,2b,29,35,da,3d,da,ed,f5,4c,ee,c2,70,f2,31,c9,94,93,f1,7a,\
    c3,4a,b2,48,87,5c,39,15,7d,58,50,b4,09,33,8f,3b,fb,59,ec,cc,4f,14,2c,8d,85,\
    31,34,77,31,d7,d6,97,f5,0e,b3,01,b1,12,13,95,b1,84,c8,c2,da,7d,7b,b4,64,9f,\
    99,41,86,cd,78,37,cd,08,ac,63,40,d9,e0,0b,f3,a1,c2,43,77,64,aa,1f,41,69,a9,\
    40,77,ad,b1,c9,f1,28,7b,bf,e8,0c,c3,d6,f4,51,37,c7,cc,cc,71,71,2d,65,9f,50,\
    63,bf,e1,14,30,74,e9,cf,13,bf,72,f6,36,99,6c,e6,46,e5,de,d1,74,56,19,9c,f5,\
    61,3a,dc,00,88,f5,c1,d2,ce,c6,b9,c3,7c,86,a3,87,a9,a6,e9,18,e6,9b,7f,51,20,\
    cf,b8,a7,0c,fb,29,40,14,ac,61,02,5e,05,f7,07,de
     
  19. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    70
    Try checking if you installed any Google software on that day.
     
  20. doesntmatter

    doesntmatter Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    25
    Location:
    Bulgaria
    I didn't find any software related to Google in that period of time. In fact I even don't have any Google related software installed so I simple deleted it. Didn't encounter any issues so far but will keep the backup file for a while (just in case).
     
  21. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    512
    Is RCC still developed by svenfaw?

    Maybe I never noticed before, but I saw a different name in the copyright.
     
  22. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    1,780
    I looked in the scan-results from a version of 2016 and i can see the same copyright.
    The copyright doesn't changed since a long time, but yes, it is not svenfaw :doubt:
     
  23. gorblimey

    gorblimey Registered Member

    Joined:
    Jan 19, 2017
    Posts:
    74
    Location:
    West Oz
    Aaahh... And the relevance is...? Actually, the copyright is held by Stephen Fenchurch, hence the "FS1" which differentiates him from Sally Firbuckle ("FS") :)

    Seriously, did youse really expect svenfaw to use his "real" name on a public security forum? Or even on his downloads page? I wouldn't worry over a change of copyright nominee, the big (and important!!!!!!) question is about the reliability of the product. Now if I see--for example--CruelSister criticising the product and mentioning the change of copyright nominee, then, yes, it's time to be concerned. But ATM it's none of my business. :cool:
     
  24. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    170

    I was no longer interested in staying anonymous and started releasing RCC (and most of the other apps) under my real name a couple months ago.
     
  25. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    512
    Ah, thanks. Curiosity satisfied ;)
     
Loading...