RCC - check your system's trusted root certificate store

Discussion in 'other anti-malware software' started by svenfaw, Feb 28, 2015.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,630
    Interesting to find that Windows Defender doesn't like the latest version...

    RCC_1.69.031_ WindowsDefender_threat detected.JPG
     
  2. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    215
    Strange, Windows Defender doesn't complain here. Can you check the hash?
     
  3. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,630
    Yes, it is strange. But I have rechecked the file again, and this time Windows Defender "doesn't complain". ;) Must have been a glitch!
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    7,800
  5. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,353
    Location:
    Mexico
    What happened to RCC page/development?
     
  6. itsmeWario

    itsmeWario Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    22
    Location:
    Germany
  7. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,614
    Last edited by a moderator: Jan 25, 2018
  8. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    I got there today.

    But no downloads available.
     
  9. itsmeWario

    itsmeWario Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    22
    Location:
    Germany
    Still no answer from Dev
     
  10. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    215
    Sorry, RCC will be back soon.
    (The website is currently broken but not compromised.)
     
  11. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    335
    Location:
    USA
    Thank you for the info. (I am greatly relieved!)
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    7,800
    It seems that there is a new version available but the website isn't updated yet.
    I have used this download link:
    https://www.trustprobe.com/fs1/dl_rcc.php?appname=RCC.exe

    I haven't executed it yet (hashes still points to the old version) but i have already looked into the file with a hex editor to know about the version and Definitions:
    RCC-1.0.69.037.png RCC-1.0.69.037_.png

    RCC v1.69.37 (Definitions updated: 2018-02-18)
     
  13. itsmeWario

    itsmeWario Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    22
    Location:
    Germany
    Sadly still no updates on the site and the RCC tool now say it need new Updates and then close
     
  14. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    215
    OK, I could finally fix the website and RCC is back with a fresh update.

    Things should be back to normal now.
    Really sorry for the long wait!
     
  15. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    Here?

    https://www.trustprobe.com/fs1/dl_rcc.php?appname=RCC.exe

    I tried to DL and run twice. Kept getting:

    Tried all the usual methods of fixing.

    "Windows cannot access the specified device, path, or file" error when you try to install, update or start a program or file
     
    Last edited by a moderator: Feb 24, 2018
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    7,800
  17. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,346
    Location:
    Italy
    Solve the problem of the Equifax certificate:

    https://sendvid.com/k9q5z2pu
     
  18. SKA

    SKA Registered Member

    Joined:
    Aug 2, 2002
    Posts:
    171
    Thanks Sampei

    But may I request you - as your video is too fast and window fonts too small indeed , so can you kindly post a stepwise guide by private message or on this thread ? Thanks !

    I tried very hard to remove Equifax certificate since long, but unsuccessful,as it always comes back(I am on Windows 7 Pro / Ultimate 64bit)

    Thanks again
    Ska
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,346
    Location:
    Italy
    Enter the full screen view of the video.;)

    Immagine.jpg

    It is impossible that you can not see the operations to be done.:thumb:
    The resolution is 1440 X 900.

    certmgr.msc (enter) (administrator)
    found the certificate...............
     
    Last edited: Feb 26, 2018
  20. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,346
    Location:
    Italy
    @bellgamin and others users of Windows XP:

    In Windows XP there are 3 certificates to disable:

    https://www.geotrust.com/resources/repository/crls/


    4.JPG
     
  21. SKA

    SKA Registered Member

    Joined:
    Aug 2, 2002
    Posts:
    171
    After extensive tests even following Sampei N's guide to disable Equifax cert on Win 7 x64, I now get certificate revoked errors for all secure google sites in Chrome & derivative browsers (Opera,Slimjet,Vivaldi etc) as well as in IE11. But, I can use Firefox and Palemoon to get into google sites without any issue,as these use theor own certificate store(not Windows certificate store like IE11 & Chrome/Chromium).

    Allowing the Equifax certificate to remain, makes the certificate errors/warnings go away in those browsers where i faced errors. The Equifax cert. has some numbers in extended validation tab , but its a standalone PC behind a router.

    Is it safe to use certutil.exe instead of certmgr.msc to manage/edit/remove trusted root certs on Win 7 x64 ?

    I really hope SvenFaw can release his RootExposureManager and update RCC and CTLInfo - most valuable programs indeed !

    Ska
     
    Last edited: Apr 8, 2018
  22. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,346
    Location:
    Italy
    To eliminate those errors you need to enable:

    GeoTrust Global CA
     
  23. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    2,652
    i dont get the reason why to disable certs in general?
    based on this news?
    https://leeneubecker.com/equifax-equimelt-vulnerability/
    https://github.com/certifi/python-certifi/issues/47

    geez

    if malware has reached this level on system you gonna lost, however. fail on all security layers.

    ofc xp user have to panic, but you were told....

    well "geotrust" is listed in the cert path of equifax. should be logical that it fails because of missing geotrust chain.
    at least equifax run out in august'18 if not renewed - who cares? (same for cybertrust)
     
  24. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,614
    No, they're just the latest addition to the long-standing problem and malware is just 1 possible case. The reason is modern OSes and browsers by default trust too many CAs which I never need and some of them have bad record, others are tied to govt. agency. Every several years we hear news about mis-issued certificate or compromised CA, but if you had disabled affected CAs you're safe before CRLs or OCSP response come to your device, and even before the issue is disclosed. CRLs can sometimes be slow, OTOH Firefox take soft-fail for OCSP response and Chrome don't use OCSP by default. Google is also going to remove HPKP as they claim CT is way to go, but actually CT can't address some attack vector which HPKP can. OKTurtles explains these things well.

    It's long time after I disabled about 1/3 or 1/4 of CAs on Android and haven't experienced any problem. For desktop, I disabled less CAs but still many CAs on Firefox are disabled. But I recommend make your own search for what cert to disable. There was a useful site as a reference, but it's dead and not saved on Wayback machine. Also, it should be noted unless you understand what to do when you get certificate warning, disabling certs do not enhance security at all.
     
  25. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    215
    Investigating... Can anyone else on Win 7 x64 reproduce this?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.