RCC - check your system's trusted root certificate store - new version 1.69.041

Status
Not open for further replies.

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
Introduction of this tool: RCC - check your system's trusted root certificate store
How do you determine, out of the hundreds of root certificates a typical Windows system trusts, which ones are actually supposed to be there and which ones have been added "behind your back"?

RCC is a tool that quickly inspects the root certificates trusted by Windows and Mozilla Firefox, and pinpoints possible issues. For instance, it is able to detect funky root certificates installed by Superfish or other unknown threats.

RCC does not require admin rights.
It is compatible with Windows 7 and later (clients) and Windows 2008 and later (servers).
Please note that RCC currently uses a (non-elevated) PowerShell command to enumerate the system certificate root store.
The announcement of the update: RCC - check your system's trusted root certificate store
RCC 1.69.041 available (long overdue!)

SHA256: 62c0393bd795e1842f8b759e955312ac1271c53e57ff657d284c7af9414dc3ef
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
Used this tool myself and it found interesting certificates:
Number of 'interesting' items: 3

31F9FC8BA3805986B721EA7295C65B3A44534274: Microsoft ECC TS Root Certificate
Time of insertion: 2018-10-07 15:08:51 UTC

2E64F21C2B4D5558E3FB968DA25BCBBA8AF407B7: Kaspersky Anti-Virus Personal Root
Time of insertion: 2018-11-19 14:18:11 UTC

D23209AD23D314232174E40D7F9D62139786633A: Equifax Secure Certificate Author
Time of insertion: 2018-10-15 21:09:29 UTC
1 one is new for Windows 1809 I think
2 one is from my AV
3 one the Equifax Certficate is revoked and no longer valid.

What do you guys think about these results?
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
@Gandalf_The_Grey , how do you know the 3rd is no longer valid? Thanks for the share (y)
@BryanB When I check this certificate (did a scan with CIS) I get the following screen:
2018-11-21.png
 
F

ForgottenSeer 69673

When I try run this new version and get a cmd open for a few seconds and has some red writing and something about signatures out of date.
That while trying to run it in Shadow Defender , which always worked in the past.
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
When I try run this new version and get a cmd open for a few seconds and has some red writing and something about signatures out of date.
That while trying to run it in Shadow Defender , which always worked in the past.
Maybe you can get support of the author in the thread on Wilders Security Forums?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top