Immer mehr Trojaner installieren eigene Root-CAs in Windows, um damit ihre Schadprogramme signieren oder Web-Seiten-Aufrufe manipulieren zu können.
Schädlinge unterminieren Windows-Zertifikats-System
-
-
-
Absolut geiler Artikel - mal schauen...
Bin schon seit geraumer Zeit am Überlegen, wie man die Lücke aus dem Weg räumen könnte. Lust, selbst Root-Zetifikate durchzukauen und Listen mitzuschlüren, habe ich absolut nicht.
Also mal gesucht - und gefunden! -
Mmmh - RCC ist nicht direkt herunterladbar. Die Liste von RCC ist auch nicht mehr aktuell.
Die Online-Liste wird scheinbar auch nicht mehr aktualisiert. Da muss ich selber mit Powershell Code ran. -
Hab was in Powershell fertig - funktioniert scheinbar recht gut.
Das ich immer eine gültige Zertifikatsliste mitschlüren muss, nervt gewaltig.
Bringe in den nächsten Tagen ein Update für die im PPFScanner mitgelieferten Scripte. -
Ich brauche ein paar Leute, die mir einmal das hier ausführen:
Das tun:- Von hier den PPFScanner herunterladen und die ZIP in einen eigenen Ordner entpacken (zum Beispiel nach C:\PPFS).
- PPFScan.exe starten.
- Lass auf Nachfrage des Programms die 64Bit Version des Scanners starten.
- In das Texteingabefeld über dem Button Script ausführen folgenden Text einfügen (das was in der Box steht - ohne das Wort Quellcode und die Zeilennummern). Achte darauf, dass dir der gesamte Inhalt der Box angezeigt wird:
Code
Alles anzeigenFILE_EXISTS_TO_ENV_VAR->%Systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe>PPFS_EXISTS IF->%PPFS_EXISTS%=1 CREATE_FOLDER->C:\PPFS_T CREATE_FOLDER->C:\PPF_Scan1 CREATE_BATCH_FILE->C:\PPFS_T\T1.ps1 WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH->"**********************************************" > C:\PPF_Scan1\RootCA.txt WRITE_BATCH->"** Globale Rootzertifikate (nicht Standard) **" >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH->"**********************************************" >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH->" " >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH-> WRITE_BATCH->$RootCAs = "" WRITE_BATCH->$RootCAs = $RootCAs + ",7E784A101C8265CC2DE1F16D47B440CAD90A1945" WRITE_BATCH->$RootCAs = $RootCAs + ",BED525D1AC63A7FC6A660BA7A895818D5E8DD564" WRITE_BATCH->$RootCAs = $RootCAs + ",D23209AD23D314232174E40D7F9D62139786633A" WRITE_BATCH->$RootCAs = $RootCAs + ",23E594945195F2414803B4D564D2A3A3F5D88B8C" WRITE_BATCH->$RootCAs = $RootCAs + ",627F8D7827656399D27D7F9044C9FEB3F33EFA9A" WRITE_BATCH->$RootCAs = $RootCAs + ",85371CA6E550143DCE2803471BDE3A09E8F8770F" WRITE_BATCH->$RootCAs = $RootCAs + ",DDE1D2A901802E1D875E84B3807E4BB1FD994134" WRITE_BATCH->$RootCAs = $RootCAs + ",16D86635AF1341CD34799445EB603E273702965D" WRITE_BATCH->$RootCAs = $RootCAs + ",11C5B5F75552B011669C2E9717DE6D9BFF5FA810" WRITE_BATCH->$RootCAs = $RootCAs + ",C09AB0C8AD7114714ED5E21A5A276ADCD5E7EFCB" WRITE_BATCH->$RootCAs = $RootCAs + ",0CFD83DBAE44B9A0C8F676F3B570650B94B69DBF" WRITE_BATCH->$RootCAs = $RootCAs + ",3921C115C15D0ECA5CCB5BC4F07D21D8050B566A" WRITE_BATCH->$RootCAs = $RootCAs + ",6B81446A5CDDF474A0F800FFBE69FD0DB6287516" WRITE_BATCH->$RootCAs = $RootCAs + ",253F775B0E7797AB645F15915597C39E263631D1" WRITE_BATCH->$RootCAs = $RootCAs + ",DF646DCB7B0FD3A96AEE88C64E2D676711FF9D5F" WRITE_BATCH->$RootCAs = $RootCAs + ",9158C5EF987301A8903CFDAB03D72DA1D88909C9" WRITE_BATCH->$RootCAs = $RootCAs + ",409D4BD917B55C27B69B64CB9822440DCD09B889" WRITE_BATCH->$RootCAs = $RootCAs + ",4A058FDFD761DB21B0C2EE48579BE27F42A4DA1C" WRITE_BATCH->$RootCAs = $RootCAs + ",FD1ED1E2021B0B9F73E8EB75CE23436BBCC746EB" WRITE_BATCH->$RootCAs = $RootCAs + ",34D499426F9FC2BB27B075BAB682AAE5EFFCBA74" WRITE_BATCH->$RootCAs = $RootCAs + ",A3A1B06F2461234AE336A5C237FCA6FFDDF0D73A" WRITE_BATCH->$RootCAs = $RootCAs + ",6A174570A916FBE84453EED3D070A1D8DA442829" WRITE_BATCH->$RootCAs = $RootCAs + ",742C3192E607E424EB4549542BE1BBC53E6174E2" WRITE_BATCH->$RootCAs = $RootCAs + ",2DE16A5677BACA39E1D68C30DCB14ABE22A6179B" WRITE_BATCH->$RootCAs = $RootCAs + ",1139A49E8484AAF2D90D985EC4741A65DD5D94E2" WRITE_BATCH->$RootCAs = $RootCAs + ",FA0882595F9CA6A11ECCBEAF65C764C0CCC311D0" WRITE_BATCH->$RootCAs = $RootCAs + ",0560A2C738FF98D1172A94FE45FB8A47D665371E" WRITE_BATCH->$RootCAs = $RootCAs + ",742CDF1594049CBF17A2046CC639BB3888E02E33" WRITE_BATCH->$RootCAs = $RootCAs + ",A59C9B10EC7357515ABB660C4D94F73B9E6E9272" WRITE_BATCH->$RootCAs = $RootCAs + ",CABB51672400588E6419F1D40878D0403AA20264" WRITE_BATCH->$RootCAs = $RootCAs + ",00EA522C8A9C06AA3ECCE0B4FA6CDC21D92E8099" WRITE_BATCH->$RootCAs = $RootCAs + ",8EB03FC3CF7BB292866268B751223DB5103405CB" WRITE_BATCH->$RootCAs = $RootCAs + ",97817950D81C9670CC34D809CF794431367EF474" WRITE_BATCH->$RootCAs = $RootCAs + ",A9CAFE9DFD67F4145AD397D0E2F3050D198DE6EE" WRITE_BATCH->$RootCAs = $RootCAs + ",A073E5C5BD43610D864C21130A855857CC9CEA46" WRITE_BATCH->$RootCAs = $RootCAs + ",C303C8227492E561A29C5F79912B1E441391303A" WRITE_BATCH->$RootCAs = $RootCAs + ",8E928C0FC27BB7ABA34E6BC0CA1250CB57B60F84" WRITE_BATCH->$RootCAs = $RootCAs + ",80F95B741C38399495C34F20C23E7336314D3C6B" WRITE_BATCH->$RootCAs = $RootCAs + ",7F8AB0CFD051876A66F3360F47C88D8CD335FC74" WRITE_BATCH->$RootCAs = $RootCAs + ",3A4979B40FA841488200B582FBEEB63AAB9919AE" WRITE_BATCH->$RootCAs = $RootCAs + ",3E42A18706BD0C9CCF594750D2E4D6AB0048FDC4" WRITE_BATCH->$RootCAs = $RootCAs + ",7FB9E2C995C97A939F9E81A07AEA9B4D70463496" WRITE_BATCH->$RootCAs = $RootCAs + ",CDD4EEAE6000AC7F40C3802C171E30148030C072" WRITE_BATCH->$RootCAs = $RootCAs + ",CCEAE32445CD4218DD188EADCEB3133C7FB340AD" WRITE_BATCH->$RootCAs = $RootCAs + ",32F442093B36D7031B75CA4DADDCB327FAA02B9C" WRITE_BATCH->$RootCAs = $RootCAs + ",21DACE4C2C34E66468EE06314DB055A0A89D4C1D" WRITE_BATCH->$RootCAs = $RootCAs + ",313B8D0E7E2E4D20AE8668FFE59DB5193CBF7A32" WRITE_BATCH->$RootCAs = $RootCAs + ",8A5C8CEEA503E60556BAD81BD4F6C9B0EDE52FE0" WRITE_BATCH->$RootCAs = $RootCAs + ",CB44A097857C45FA187ED952086CB9841F2D51B5" WRITE_BATCH->$RootCAs = $RootCAs + ",80BF3DE9A41D768D194B293C85632CDBC8EA8CF7" WRITE_BATCH->$RootCAs = $RootCAs + ",BEB5A995746B9EDF738B56E6DF437A77BE106B81" WRITE_BATCH->$RootCAs = $RootCAs + ",A9E9780814375888F20519B06D2B0D2B6016907D" WRITE_BATCH->$RootCAs = $RootCAs + ",C9321DE6B5A82666CF6971A18A56F2D3A8675602" WRITE_BATCH->$RootCAs = $RootCAs + ",086418E906CEE89C2353B6E27FBD9E7439F76316" WRITE_BATCH->$RootCAs = $RootCAs + ",B865130BEDCA38D27F69929420770BED86EFBC10" WRITE_BATCH->$RootCAs = $RootCAs + ",43F9B110D5BAFD48225231B0D0082B372FEF9A54" WRITE_BATCH->$RootCAs = $RootCAs + ",0409565B77DA582E6495AC0060A72354E64B0192" WRITE_BATCH->$RootCAs = $RootCAs + ",7FBB6ACD7E0AB438DAAF6FD50210D007C6C0829C" WRITE_BATCH->$RootCAs = $RootCAs + ",90DECE77F8C825340E62EBD635E1BE20CF7327DD" WRITE_BATCH->$RootCAs = $RootCAs + ",D2441AA8C203AECAA96E501F124D52B68FE4C375" WRITE_BATCH->$RootCAs = $RootCAs + ",5A5A4DAF7861267C4B1F1E67586BAE6ED4FEB93F" WRITE_BATCH->$RootCAs = $RootCAs + ",3E84D3BCC544C0F6FA19435C851F3F2FCBA8E814" WRITE_BATCH->$RootCAs = $RootCAs + ",23E833233E7D0CC92B7C4279AC19C2F474D604CA" WRITE_BATCH->$RootCAs = $RootCAs + ",31F1FD68226320EEC63B3F9DEA4A3E537C7C3917" WRITE_BATCH->$RootCAs = $RootCAs + ",3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F" WRITE_BATCH->$RootCAs = $RootCAs + ",E7A19029D3D552DC0D0FC692D3EA880D152E1A6B" WRITE_BATCH->$RootCAs = $RootCAs + ",5F3AFC0A8B64F686673474DF7EA9A2FEF9FA7A51" WRITE_BATCH->$RootCAs = $RootCAs + ",FBEDDC9065B7272037BC550C9C56DEBBF27894E1" WRITE_BATCH->$RootCAs = $RootCAs + ",D27AD2BEED94C0A13CC72521EA5D71BE8119F32B" WRITE_BATCH->$RootCAs = $RootCAs + ",B94294BF91EA8FB64BE61097C7FB001359B676CB" WRITE_BATCH->$RootCAs = $RootCAs + ",1632478D89F9213A92008563F5A4A7D312408AD6" WRITE_BATCH->$RootCAs = $RootCAs + ",892A1BD4C8B0F8AA9A65ED4CB9D3BF4840B34BC1" WRITE_BATCH->$RootCAs = $RootCAs + ",398EBE9C0F46C079C3C7AFE07A2FDD9FAE5F8A5C" WRITE_BATCH->$RootCAs = $RootCAs + ",DD83C519D43481FAD4C22C03D702FE9F3B22F517" WRITE_BATCH->$RootCAs = $RootCAs + ",0119E81BE9A14CD8E22F40AC118C687ECBA3F4D8" WRITE_BATCH->$RootCAs = $RootCAs + ",E011845E34DEBE8881B99CF61626D1961FC3B931" WRITE_BATCH->$RootCAs = $RootCAs + ",26F993B4ED3D2827B0B94BA7E9151DA38D92E532" WRITE_BATCH->$RootCAs = $RootCAs + ",A43489159A520F0D93D032CCAF37E7FE20A8B419" WRITE_BATCH->$RootCAs = $RootCAs + ",8E1C74F8A620B9E58AF461FAEC2B4756511A52C6" WRITE_BATCH->$RootCAs = $RootCAs + ",6F3884568E99C8C6AC0E5DDE2DB202DD002E3663" WRITE_BATCH->$RootCAs = $RootCAs + ",ACED5F6553FD25CE015F1F7A483B6A749F6178C6" WRITE_BATCH->$RootCAs = $RootCAs + ",FEB8C432DCF9769ACEAE3DD8908FFD288665647D" WRITE_BATCH->$RootCAs = $RootCAs + ",1CB7EDE176BCDFEF0C866F46FBF980E901E5CE35" WRITE_BATCH->$RootCAs = $RootCAs + ",2AC8D58B57CEBF2F49AFF2FC768F511462907A41" WRITE_BATCH->$RootCAs = $RootCAs + ",150332A58DC591FC42D4C873FF9F1F0F81D597C9" WRITE_BATCH->$RootCAs = $RootCAs + ",52412BD67B5A6C695282386026F0B053DD400EFC" WRITE_BATCH->$RootCAs = $RootCAs + ",DA8B6567EF3F6E1EA26AB146E36CCB5728041846" WRITE_BATCH->$RootCAs = $RootCAs + ",8C96BAEBDD2B070748EE303266A0F3986E7CAE58" WRITE_BATCH->$RootCAs = $RootCAs + ",101DFA3FD50BCBBB9BB5600C1955A41AF4733A04" WRITE_BATCH->$RootCAs = $RootCAs + ",1B4B396126276B6491A2686DD70243212D1F1D96" WRITE_BATCH->$RootCAs = $RootCAs + ",64902AD7277AF3E32CD8CC1DC79DE1FD7F8069EA" WRITE_BATCH->$RootCAs = $RootCAs + ",AB16DD144ECDC0FC4BAAB62ECF0408896FDE52B7" WRITE_BATCH->$RootCAs = $RootCAs + ",4A3F8D6BDC0E1ECFCD72E377DEF2D7FF92C19BC7" WRITE_BATCH->$RootCAs = $RootCAs + ",968338F113E36A7BABDD08F7776391A68736582E" WRITE_BATCH->$RootCAs = $RootCAs + ",2388C9D371CC9E963DFF7D3CA7CEFCD625EC190D" WRITE_BATCH->$RootCAs = $RootCAs + ",0B972C9EA6E7CC58D93B20BF71EC412E7209FABF" WRITE_BATCH->$RootCAs = $RootCAs + ",8250BED5A214433A66377CBC10EF83F669DA3A67" WRITE_BATCH->$RootCAs = $RootCAs + ",24A40A1F573643A67F0A4B0749F6A22BF28ABB6B" WRITE_BATCH->$RootCAs = $RootCAs + ",18F7C1FCC3090203FD5BAA2F861A754976C8DD25" WRITE_BATCH->$RootCAs = $RootCAs + ",465B26BEBE7106DD8544C1139D9FA25700C1D7BD" WRITE_BATCH->$RootCAs = $RootCAs + ",D4DE20D05E66FC53FE1A50882C78DB2852CAE474" WRITE_BATCH->$RootCAs = $RootCAs + ",5D003860F002ED829DEAA41868F788186D62127F" WRITE_BATCH->$RootCAs = $RootCAs + ",06F1AA330B927B753A40E68CDF22E34BCBEF3352" WRITE_BATCH->$RootCAs = $RootCAs + ",06083F593F15A104A069A46BA903D006B7970991" WRITE_BATCH->$RootCAs = $RootCAs + ",7F8A77836BDC6D068F8B0737FCC5725413068CA4" WRITE_BATCH->$RootCAs = $RootCAs + ",786A74AC76AB147F9C6A3050BA9EA87EFE9ACE3C" WRITE_BATCH->$RootCAs = $RootCAs + ",4ABDEEEC950D359C89AEC752A12C5B29F6D6AA0C" WRITE_BATCH->$RootCAs = $RootCAs + ",6E3A55A4190C195C93843CC0DB722E313061F0B1" WRITE_BATCH->$RootCAs = $RootCAs + ",339B6B1450249B557A01877284D9E02FC3D2D8E9" WRITE_BATCH->$RootCAs = $RootCAs + ",F373B387065A28848AF2F34ACE192BDDC78E9CAC" WRITE_BATCH->$RootCAs = $RootCAs + ",6F62DEB86C85585AE42E478DB4D76DB367585AE6" WRITE_BATCH->$RootCAs = $RootCAs + ",7EB1A0429BE5F428AC2B93971D7C8448A536070C" WRITE_BATCH->$RootCAs = $RootCAs + ",8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16" WRITE_BATCH->$RootCAs = $RootCAs + ",5A8CEF45D7A69859767A8C8B4496B578CF474B1A" WRITE_BATCH->$RootCAs = $RootCAs + ",0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E" WRITE_BATCH->$RootCAs = $RootCAs + ",F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE" WRITE_BATCH->$RootCAs = $RootCAs + ",925A8F8D2C6D04E0665F596AFF22D863E8256F3F" WRITE_BATCH->$RootCAs = $RootCAs + ",C9A8B9E755805E58E35377A725EBAFC37B27CCD7" WRITE_BATCH->$RootCAs = $RootCAs + ",07E032E020B72C3F192F0628A2593A19A70F069E" WRITE_BATCH->$RootCAs = $RootCAs + ",6252DC40F71143A22FDE9EF7348E064251B18118" WRITE_BATCH->$RootCAs = $RootCAs + ",D3DD483E2BBF4C05E8AF10F5FA7626CFD3DC3092" WRITE_BATCH->$RootCAs = $RootCAs + ",DB2B7B434DFB7FC1CB5926EC5D9521FE350FF279" WRITE_BATCH->$RootCAs = $RootCAs + ",2BB1F53E550C1DC5F1D4E6B76A464B550602AC21" WRITE_BATCH->$RootCAs = $RootCAs + ",2E66C9841181C08FB1DFABD4FF8D5CC72BE08F02" WRITE_BATCH->$RootCAs = $RootCAs + ",CD787A3D5CBA8207082848365E9ACDE9683364D8" WRITE_BATCH->$RootCAs = $RootCAs + ",42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA" WRITE_BATCH->$RootCAs = $RootCAs + ",4CAEE38931D19AE73B31AA75CA33D621290FA75E" WRITE_BATCH->$RootCAs = $RootCAs + ",342CD9D3062DA48C346965297F081EBC2EF68FDC" WRITE_BATCH->$RootCAs = $RootCAs + ",5BB59920D11B391479463ADD5100DB1D52F43AD4" WRITE_BATCH->$RootCAs = $RootCAs + ",CEA9890D85D80753A626286CDAD78CB566D70CF2" WRITE_BATCH->$RootCAs = $RootCAs + ",AEC5FB3FC8E1BFC4E54F03075A9AE800B7F7B6FA" WRITE_BATCH->$RootCAs = $RootCAs + ",DAFAF7FA6684EC068F1450BDC7C281A5BCA96457" WRITE_BATCH->$RootCAs = $RootCAs + ",490A7574DE870A47FE58EEF6C76BEBC60B124099" WRITE_BATCH->$RootCAs = $RootCAs + ",3F0FEB17A7EF5804CFD90A77B7BB021EA69C6418" WRITE_BATCH->$RootCAs = $RootCAs + ",B561EBEAA4DEE4254B691A98A55747C234C7D971" WRITE_BATCH->$RootCAs = $RootCAs + ",A69E0336C4E59023FF653C71F928EB73F21C00F0" WRITE_BATCH->$RootCAs = $RootCAs + ",CBA1C5F8B0E35EB8B94512D3F934A2E90610D336" WRITE_BATCH->$RootCAs = $RootCAs + ",5463283B6793FF55277CEDE39098E80422F912F7" WRITE_BATCH->$RootCAs = $RootCAs + ",9D70BB01A5A4A018112EF71C01B932C534E788A8" WRITE_BATCH->$RootCAs = $RootCAs + ",2E14DAEC28F0FA1E8E389A4EABEB26C00AD383C3" WRITE_BATCH->$RootCAs = $RootCAs + ",FAB7EE36972662FB2DB02AF6BF03FDE87C4B2F9B" WRITE_BATCH->$RootCAs = $RootCAs + ",F02B70BDE4EAE02B207377B9FD4785E4C9CC55DC" WRITE_BATCH->$RootCAs = $RootCAs + ",E2B8294B5584AB6B58C290466CAC3FB8398F8483" WRITE_BATCH->$RootCAs = $RootCAs + ",EABDA240440ABBD694930A01D09764C6C2D77966" WRITE_BATCH->$RootCAs = $RootCAs + ",4F99AA93FB2BD13726A1994ACE7FF005F2935D1E" WRITE_BATCH->$RootCAs = $RootCAs + ",8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F" WRITE_BATCH->$RootCAs = $RootCAs + ",67650DF17E8E7E5B8240A4F4564BCFE23D69C6F0" WRITE_BATCH->$RootCAs = $RootCAs + ",D99B104298594763F0B9A927B79269CB47DD158B" WRITE_BATCH->$RootCAs = $RootCAs + ",81AC5DE150D1B8DE5D3E0E266A136B737862D322" WRITE_BATCH->$RootCAs = $RootCAs + ",2C8AFFCE966430BA04C04F81DD4B49C71B5B81A0" WRITE_BATCH->$RootCAs = $RootCAs + ",DE990CED99E0431F60EDC3937E7CD5BF0ED9E5FA" WRITE_BATCH->$RootCAs = $RootCAs + ",211165CA379FBB5ED801E31C430A62AAC109BCB4" WRITE_BATCH->$RootCAs = $RootCAs + ",EE869387FFFD8349AB5AD14322588789A457B012" WRITE_BATCH->$RootCAs = $RootCAs + ",D1CBCA5DB2D52A7F693B674DE5F05A1D0C957DF0" WRITE_BATCH->$RootCAs = $RootCAs + ",2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E" WRITE_BATCH->$RootCAs = $RootCAs + ",AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4" WRITE_BATCH->$RootCAs = $RootCAs + ",02FAF3E291435468607857694DF5E45B68851868" WRITE_BATCH->$RootCAs = $RootCAs + ",9F744E9F2B4DBAEC0F312C50B6563B8E2D93C311" WRITE_BATCH->$RootCAs = $RootCAs + ",D1EB23A46D17D68FD92564C2F1F1601764D8E349" WRITE_BATCH->$RootCAs = $RootCAs + ",B172B1A56D95F91FE50287E14D37EA6A4463768A" WRITE_BATCH->$RootCAs = $RootCAs + ",0483ED3399AC3608058722EDBC5E4600E3BEF9D7" WRITE_BATCH->$RootCAs = $RootCAs + ",E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46" WRITE_BATCH->$RootCAs = $RootCAs + ",AE3B31BF8FD891079CF1DF34CBCE6E70D37FB5B0" WRITE_BATCH->$RootCAs = $RootCAs + ",28903A635B5280FAE6774C0B6DA7D6BAA64AF2E8" WRITE_BATCH->$RootCAs = $RootCAs + ",3BC49F48F8F373A09C1EBDF85BB1C365C7D811B3" WRITE_BATCH->$RootCAs = $RootCAs + ",3DB66DFEBEB6712889E7C098B32805896B6218CC" WRITE_BATCH->$RootCAs = $RootCAs + ",924AEA47F73CB690565E552CFCC6E8D63EEE4242" WRITE_BATCH->$RootCAs = $RootCAs + ",27EED22AFD58A2C64A855E3680AF898BF36CE503" WRITE_BATCH->$RootCAs = $RootCAs + ",AB9D58C03F54B1DAE3F7C2D4C6C1EC3694559C37" WRITE_BATCH->$RootCAs = $RootCAs + ",93F7F48B1261943F6A78210C52E626DFBFBBE260" WRITE_BATCH->$RootCAs = $RootCAs + ",39410BC2303748066069A72A664DE4C743481296" WRITE_BATCH->$RootCAs = $RootCAs + ",0AB5C3CD7448B86D711E77A549838B87CE525F7F" WRITE_BATCH->$RootCAs = $RootCAs + ",1B3D1114EA7A0F9558544195BF6B2582AB40CE9A" WRITE_BATCH->$RootCAs = $RootCAs + ",8025EFF46E70C8D472246584FE403B8A8D6ADBF5" WRITE_BATCH->$RootCAs = $RootCAs + ",2D0D5214FF9EAD9924017420476E6C852727F543" WRITE_BATCH->$RootCAs = $RootCAs + ",B12E13634586A46F1AB2606837582DC4ACFD9497" WRITE_BATCH->$RootCAs = $RootCAs + ",92B46C76E13054E104F230517E6E504D43AB10B5" WRITE_BATCH->$RootCAs = $RootCAs + ",A14B48D943EE0A0E40904F3CE0A4C09193515D3F" WRITE_BATCH->$RootCAs = $RootCAs + ",F517A24F9A48C6C9F8A200269FDC0F482CAB3089" WRITE_BATCH->$RootCAs = $RootCAs + ",DF3C24F9BFD666761B268073FE06D1CC8D4F82A4" WRITE_BATCH->$RootCAs = $RootCAs + ",7E04DE896A3E666D00E687D33FFAD93BE83D349E" WRITE_BATCH->$RootCAs = $RootCAs + ",DDFB16CD4931C973A2037D3FC83A4D7D775D05E4" WRITE_BATCH->$RootCAs = $RootCAs + ",517F611E29916B5382FB72E744D98DC3CC536D64" WRITE_BATCH->$RootCAs = $RootCAs + ",40B331A0E9BFE855BC3993CA704F4EC251D41D8F" WRITE_BATCH->$RootCAs = $RootCAs + ",26A16C235A2472229B23628025BC8097C88524A1" WRITE_BATCH->$RootCAs = $RootCAs + ",84F2E3DD83133EA91D19527F02D729BFC15FE667" WRITE_BATCH->$RootCAs = $RootCAs + ",6724902E4801B02296401046B4B1672CA975FD2B" WRITE_BATCH->$RootCAs = $RootCAs + ",58D52DB93301A4FD291A8C9645A08FEE7F529282" WRITE_BATCH->$RootCAs = $RootCAs + ",912198EEF23DCAC40939312FEE97DD560BAE49B1" WRITE_BATCH->$RootCAs = $RootCAs + ",5F43E5B1BFF8788CAC1CC7CA4A9AC6222BCC34C6" WRITE_BATCH->$RootCAs = $RootCAs + ",0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43" WRITE_BATCH->$RootCAs = $RootCAs + ",A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436" WRITE_BATCH->$RootCAs = $RootCAs + ",5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25" WRITE_BATCH->$RootCAs = $RootCAs + ",51501FBFCE69189D609CFAF140C576755DCC1FDF" WRITE_BATCH->$RootCAs = $RootCAs + ",F138A330A4EA986BEB520BB11035876EFB9D7F1C" WRITE_BATCH->$RootCAs = $RootCAs + ",7991E834F7E2EEDD08950152E9552D14E958D57E" WRITE_BATCH->$RootCAs = $RootCAs + ",795F8860C5AB7C3D92E6CBF48DE145CD11EF600B" WRITE_BATCH->$RootCAs = $RootCAs + ",6E2664F356BF3455BFD1933F7C01DED813DA8AA6" WRITE_BATCH->$RootCAs = $RootCAs + ",22FDD0B7FDA24E0DAC492CA0ACA67B6A1FE3F766" WRITE_BATCH->$RootCAs = $RootCAs + ",4F658E1FE906D82802E9544741C954255D69CC1A" WRITE_BATCH->$RootCAs = $RootCAs + ",9C615C4D4D85103A5326C24DBAEAE4A2D2D5CC97" WRITE_BATCH->$RootCAs = $RootCAs + ",74207441729CDD92EC7931D823108DC28192E2BB" WRITE_BATCH->$RootCAs = $RootCAs + ",D2EDF88B41B6FE01461D6E2834EC7C8F6C77721E" WRITE_BATCH->$RootCAs = $RootCAs + ",216B2A29E62A00CE820146D8244141B92511B279" WRITE_BATCH->$RootCAs = $RootCAs + ",F44095C238AC73FC4F77BF8F98DF70F8F091BC52" WRITE_BATCH->$RootCAs = $RootCAs + ",6C7CCCE7D4AE515F9908CD3FF6E8C378DF6FEF97" WRITE_BATCH->$RootCAs = $RootCAs + ",58E8ABB0361533FB80F79B1B6D29D3FF8D5F00F0" WRITE_BATCH->$RootCAs = $RootCAs + ",96C91B0B95B4109842FAD0D82279FE60FAB91683" WRITE_BATCH->$RootCAs = $RootCAs + ",CB658264EA8CDA186E1752FB52C397367EA387BE" WRITE_BATCH->$RootCAs = $RootCAs + ",559BBA7B0FFE80D6D3829B1FD07AA4D322194790" WRITE_BATCH->$RootCAs = $RootCAs + ",E0B4322EB2F6A568B654538448184A5036874384" WRITE_BATCH->$RootCAs = $RootCAs + ",20D80640DF9B25F512253A11EAF7598AEB14B547" WRITE_BATCH->$RootCAs = $RootCAs + ",B8236B002F1D16865301556C11A437CAEBFFC3BB" WRITE_BATCH->$RootCAs = $RootCAs + ",D8A6332CE0036FB185F6634F7D6A066526322827" WRITE_BATCH->$RootCAs = $RootCAs + ",293621028B20ED02F566C532D1D6ED909F45002F" WRITE_BATCH->$RootCAs = $RootCAs + ",F9B5B632455F9CBEEC575F80DCE96E2CC7B278B7" WRITE_BATCH->$RootCAs = $RootCAs + ",503006091D97D4F5AE39F7CBE7927D7D652D3431" WRITE_BATCH->$RootCAs = $RootCAs + ",8CF427FD790C3AD166068DE81E57EFBB932272D4" WRITE_BATCH->$RootCAs = $RootCAs + ",B31EB1B740E36C8402DADC37D44DF5D4674952F9" WRITE_BATCH->$RootCAs = $RootCAs + ",51C6E70849066EF392D45CA00D6DA3628FC35239" WRITE_BATCH->$RootCAs = $RootCAs + ",0F36385B811A25C39B314E83CAE9346670CC74B4" WRITE_BATCH->$RootCAs = $RootCAs + ",8094640EB5A7A1CA119C1FDDD59F810263A7FBD1" WRITE_BATCH->$RootCAs = $RootCAs + ",1F24C630CDA418EF2069FFAD4FDD5F463A1B69AA" WRITE_BATCH->$RootCAs = $RootCAs + ",D69B561148F01C77C54578C10926DF5B856976AD" WRITE_BATCH->$RootCAs = $RootCAs + ",B1BC968BD4F49D622AA89A81F2150152A41D829C" WRITE_BATCH->$RootCAs = $RootCAs + ",47BEABC922EAE80E78783462A79F45C254FDE68B" WRITE_BATCH->$RootCAs = $RootCAs + ",B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E" WRITE_BATCH->$RootCAs = $RootCAs + ",2796BAE63F1801E277261BA0D77770028F20EEE4" WRITE_BATCH->$RootCAs = $RootCAs + ",AD7E1C28B064EF8F6003402014C3D0E3370EB58A" WRITE_BATCH->$RootCAs = $RootCAs + ",6969562E4080F424A1E7199F14BAF3EE58AB6ABB" WRITE_BATCH->$RootCAs = $RootCAs + ",75E0ABB6138512271C04F85FDDDE38E4B7242EFE" WRITE_BATCH->$RootCAs = $RootCAs + ",E1C950E6EF22F84C5645728B922060D7D5A7A3E8" WRITE_BATCH->$RootCAs = $RootCAs + ",D273962A2A5E399F733FE1C71E643F033834FC4D" WRITE_BATCH->$RootCAs = $RootCAs + ",30D4246F07FFDB91898A0BE9496611EB8C5E46E5" WRITE_BATCH->$RootCAs = $RootCAs + ",2A1D6027D94AB10A1C4D915CCD33A0CB3E2D54CB" WRITE_BATCH->$RootCAs = $RootCAs + ",84429D9FE2E73A0DC8AA0AE0A902F2749933FE02" WRITE_BATCH->$RootCAs = $RootCAs + ",A9822E6C6933C63C148C2DCAA44A5CF1AAD2C42E" WRITE_BATCH->$RootCAs = $RootCAs + ",705D2B4565C7047A540694A79AF7ABB842BDC161" WRITE_BATCH->$RootCAs = $RootCAs + ",FAA7D9FB31B746F200A85E65797613D816E063B5" WRITE_BATCH->$RootCAs = $RootCAs + ",1AC92F09EA89E28B126DFAC51E3AF7EA9095A3EE" WRITE_BATCH->$RootCAs = $RootCAs + ",60D68974B5C2659E8A0FC1887C88D246691B182C" WRITE_BATCH->$RootCAs = $RootCAs + ",D6DAA8208D09D2154D24B52FCB346EB258B28A58" WRITE_BATCH->$RootCAs = $RootCAs + ",FFB7E08F66E1D0C2582F0245C4970292A46E8803" WRITE_BATCH->$RootCAs = $RootCAs + ",A2B86B5A68D92819D9CE5DD6D7969A4968E11991" WRITE_BATCH->$RootCAs = $RootCAs + ",3BC6DCE00307BD676041EBD85970C62F8FDA5109" WRITE_BATCH->$RootCAs = $RootCAs + ",F00FC37D6A1C9261FB6BC1C218498C5AA4DC51FB" WRITE_BATCH->$RootCAs = $RootCAs + ",7612ED9E49B365B4DAD3120C01E603748DAE8CF0" WRITE_BATCH->$RootCAs = $RootCAs + ",971D3486FC1E8E6315F7C6F2E12967C724342214" WRITE_BATCH->$RootCAs = $RootCAs + ",3913853E45C439A2DA718CDFB6F3E033E04FEE71" WRITE_BATCH->$RootCAs = $RootCAs + ",8351509B7DF8CFE87BAE62AEB9B03A52F4E62C79" WRITE_BATCH->$RootCAs = $RootCAs + ",E45501608AA1EF89E27B8CD3C3B34C03B038E6D7" WRITE_BATCH->$RootCAs = $RootCAs + ",38DD7659C735100B00A237E491B7BC0FFCD2316C" WRITE_BATCH->$RootCAs = $RootCAs + ",20A8F5FFC43AF4A9BC89881EBF9920FF91E9FD0A" WRITE_BATCH->$RootCAs = $RootCAs + ",93057A8815C64FCE882FFA9116522878BC536417" WRITE_BATCH->$RootCAs = $RootCAs + ",B38FECEC0B148AA686C3D00F01ECC8848E8085EB" WRITE_BATCH->$RootCAs = $RootCAs + ",EC503507B215C4956219E2A89A5B42992C4C2C20" WRITE_BATCH->$RootCAs = $RootCAs + ",6AD23B9DC48E375F859AD9CAB585325C23894071" WRITE_BATCH->$RootCAs = $RootCAs + ",746F88F9AC163C53009EEF920C4067756A15717E" WRITE_BATCH->$RootCAs = $RootCAs + ",B091AA913847F313D727BCEFC8179F086F3A8C0F" WRITE_BATCH->$RootCAs = $RootCAs + ",F48B11BFDEABBE94542071E641DE6BBE882B40B9" WRITE_BATCH->$RootCAs = $RootCAs + ",76E27EC14FDB82C1C0A675B505BE3D29B4EDDBBB" WRITE_BATCH->$RootCAs = $RootCAs + ",D8EB6B41519259E0F3E78500C03DB68897C9EEFC" WRITE_BATCH->$RootCAs = $RootCAs + ",59AF82799186C7B47507CBCF035746EB04DDB716" WRITE_BATCH->$RootCAs = $RootCAs + ",9638633C9056AE8814A065D23BDC60A0EE702FA7" WRITE_BATCH->$RootCAs = $RootCAs + ",3143649BECCE27ECED3A3F0B8F0DE4E891DDEECA" WRITE_BATCH->$RootCAs = $RootCAs + ",7A1CDDE3D2197E7137433D3F99C0B369F706C749" WRITE_BATCH->$RootCAs = $RootCAs + ",535B001672ABBF7B6CC25405AE4D24FE033FD1CC" WRITE_BATCH->$RootCAs = $RootCAs + ",23D731FEDC5C8BB97DE6DC8E13B411BD4F24004F" WRITE_BATCH->$RootCAs = $RootCAs + ",9FF1718D92D59AF37D7497B4BC6F84680BBAB666" WRITE_BATCH->$RootCAs = $RootCAs + ",010C0695A6981914FFBF5FC6B0B695EA29E912A6" WRITE_BATCH->$RootCAs = $RootCAs + ",FE45659B79035B98A161B5512EACDA580948224D" WRITE_BATCH->$RootCAs = $RootCAs + ",9B0959898154081BF6A90E9B9E58A4690C9BA104" WRITE_BATCH->$RootCAs = $RootCAs + ",DF717EAA4AD94EC9558499602D48DE5FBCF03A25" WRITE_BATCH->$RootCAs = $RootCAs + ",BA29416077983FF4F3EFF231053B2EEA6D4D45FD" WRITE_BATCH->$RootCAs = $RootCAs + ",DAC9024F54D8F6DF94935FB1732638CA6AD77C13" WRITE_BATCH->$RootCAs = $RootCAs + ",9F8DE799CF8764ED2466990564041B194919EDE8" WRITE_BATCH->$RootCAs = $RootCAs + ",585F7875BEE7433EB079EAAB7D05BB0F7AF2BCCC" WRITE_BATCH->$RootCAs = $RootCAs + ",30779E9315022E94856A3FF8BCF815B082F9AEFD" WRITE_BATCH->$RootCAs = $RootCAs + ",027268293E5F5D17AAA4B3C3E6361E1F92575EAA" WRITE_BATCH->$RootCAs = $RootCAs + ",E252FA953FEDDB2460BD6E28F39CCCCF5EB33FDE" WRITE_BATCH->$RootCAs = $RootCAs + ",335A7FF00927CF2DF278E2C9192F7A4D5534F80C" WRITE_BATCH->$RootCAs = $RootCAs + ",C93C34EA90D9130C0F03004B98BD8B3570915611" WRITE_BATCH->$RootCAs = $RootCAs + ",1E0E56190AD18B2598B20444FF668A0417995F3F" WRITE_BATCH->$RootCAs = $RootCAs + ",06143151E02B45DDBADD5D8E56530DAAE328CF90" WRITE_BATCH->$RootCAs = $RootCAs + ",89DF74FE5CF40F4A80F9E3377D54DA91E101318E" WRITE_BATCH->$RootCAs = $RootCAs + ",8F43288AD272F3103B6FB1428485EA3014C0BCFE" WRITE_BATCH->$RootCAs = $RootCAs + ",3B1EFD3A66EA28B16697394703A72CA340A05BD5" WRITE_BATCH->$RootCAs = $RootCAs + ",46AF7A31B599460D469D6041145B13651DF9170A" WRITE_BATCH->$RootCAs = $RootCAs + ",EC93DE083C93D933A986B3D5CDE25ACB2FEECF8E" WRITE_BATCH->$RootCAs = $RootCAs + ",016897E1A0B8F2C3B134665C20A727B7A158E28F" WRITE_BATCH->$RootCAs = $RootCAs + ",55C86F7414AC8BDD6814F4D86AF15F3710E104D0" WRITE_BATCH->$RootCAs = $RootCAs + ",5CFB1F5DB732E4084C0DD4978574E0CBC093BEB3" WRITE_BATCH->$RootCAs = $RootCAs + ",0456F23D1E9C43AECB0D807F1C0647551A05F456" WRITE_BATCH->$RootCAs = $RootCAs + ",1F3F1486B531882802E87B624D420295A0FC721A" WRITE_BATCH->$RootCAs = $RootCAs + ",4B6BD2D3884E46C80CE2B962BC598CD9D5D84013" WRITE_BATCH->$RootCAs = $RootCAs + ",B2BD9031AA6D0E14F4C57FD548258F37B1FB39E4" WRITE_BATCH->$RootCAs = $RootCAs + ",4394CE3126FF1A224CDD4DEEB4F4EC1DA368EF6A" WRITE_BATCH->$RootCAs = $RootCAs + ",D6BF7994F42BE5FA29DA0BD7587B591F47A44F22" WRITE_BATCH->$RootCAs = $RootCAs + ",B1EAC3E5B82476E9D50B1EC67D2CC11E12E0B491" WRITE_BATCH->$RootCAs = $RootCAs + ",A0F8DB3F0BF417693B282EB74A6AD86DF9D448A3" WRITE_BATCH->$RootCAs = $RootCAs + ",1B8EEA5796291AC939EAB80A811A7373C0937967" WRITE_BATCH->$RootCAs = $RootCAs + ",093C61F38B8BDC7D55DF7538020500E125F5C836" WRITE_BATCH->$RootCAs = $RootCAs + ",4812BD923CA8C43906E7306D2796E6A4CF222E7D" WRITE_BATCH->$RootCAs = $RootCAs + ",CA3AFBCF1240364B44B216208880483919937CF7" WRITE_BATCH->$RootCAs = $RootCAs + ",1F4914F7D874951DDDAE02C0BEFD3A2D82755185" WRITE_BATCH->$RootCAs = $RootCAs + ",DE3F40BD5093D39B6C60F6DABC076201008976C9" WRITE_BATCH->$RootCAs = $RootCAs + ",D496592B305707386CC5F3CDB259AE66D7661FCA" WRITE_BATCH->$RootCAs = $RootCAs + ",5F3B8CF2F810B37D78B4CEEC1919C37334B9C774" WRITE_BATCH->$RootCAs = $RootCAs + ",36B12B49F9819ED74C9EBC380FC6568F5DACB2F7" WRITE_BATCH->$RootCAs = $RootCAs + ",B80E26A9BFD2B23BC0EF46C9BAC7BBF61D0D4141" WRITE_BATCH->$RootCAs = $RootCAs + ",28F97816197AFF182518AA44FEC1A0CE5CB64C8A" WRITE_BATCH->$RootCAs = $RootCAs + ",C860A318FCF5B7130B1007AD7F614A40FFFF185F" WRITE_BATCH->$RootCAs = $RootCAs + ",0C2009A4A88D8B4202185250540CC42BDFB5B089" WRITE_BATCH->$RootCAs = $RootCAs + ",D2695E12F592E9C8EE2A4CB8D55E295FEE6B2D31" WRITE_BATCH->$RootCAs = $RootCAs + ",4CDD51A3D1F5203214B0C6C532230391C746426D" WRITE_BATCH->$RootCAs = $RootCAs + ",C3197C3924E654AF1BC4AB20957AE2C30E13026A" WRITE_BATCH->$RootCAs = $RootCAs + ",B7AB3308D1EA4477BA1480125A6FBDA936490CBB" WRITE_BATCH->$RootCAs = $RootCAs + ",743AF0529BD032A0F44A83CDD4BAA97B7C2EC49A" WRITE_BATCH->$RootCAs = $RootCAs + ",C7F7CBE2023666F986025D4A3E313F29EB0C5B38" WRITE_BATCH->$RootCAs = $RootCAs + ",A1585187156586CEF9C454E22AB15C58745607B4" WRITE_BATCH->$RootCAs = $RootCAs + ",8D08FC43C0770CA84F4DCCB2D41A5D956D786DC4" WRITE_BATCH->$RootCAs = $RootCAs + ",A1E7C600AA4170E5B74BC94F9B9703EDC261B4B9" WRITE_BATCH->$RootCAs = $RootCAs + ",0B7199A1C7F3ADDF7BA7EAB8EB574AE80D60DDDE" WRITE_BATCH->$RootCAs = $RootCAs + ",56E0FAC03B8F18235518E5D311CAE8C24331AB66" WRITE_BATCH->$RootCAs = $RootCAs + ",D8C5388AB7301B1B6ED47AE645253A6F9F1A2761" WRITE_BATCH->$RootCAs = $RootCAs + ",9BAAE59F56EE21CB435ABE2593DFA7F040D11DCB" WRITE_BATCH->$RootCAs = $RootCAs + ",8D1784D537F3037DEC70FE578B519A99E610D7B0" WRITE_BATCH->$RootCAs = $RootCAs + ",039EEDB80BE7A03C6953893B20D2D9323A4C2AFD" WRITE_BATCH->$RootCAs = $RootCAs + ",323C118E1BF7B8B65254E2E2100DD6029037F096" WRITE_BATCH->$RootCAs = $RootCAs + ",DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212" WRITE_BATCH->$RootCAs = $RootCAs + ",E621F3354379059A4B68309D8A2F74221587EC79" WRITE_BATCH->$RootCAs = $RootCAs + ",379A197B418545350CA60369F33C2EAF474F2079" WRITE_BATCH->$RootCAs = $RootCAs + ",AADBBC22238FC401A127BB38DDF41DDB089EF012" WRITE_BATCH->$RootCAs = $RootCAs + ",F18B538D1BE903B6A6F056435B171589CAF36BF2" WRITE_BATCH->$RootCAs = $RootCAs + ",91C6D6EE3E8AC86384E548C299295C756C817B81" WRITE_BATCH->$RootCAs = $RootCAs + ",BE36A4562FB2EE05DBB3D32323ADF445084ED656" WRITE_BATCH->$RootCAs = $RootCAs + ",22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A" WRITE_BATCH->$RootCAs = $RootCAs + ",3679CA35668772304D30A5FB873B0FA77BB70D54" WRITE_BATCH->$RootCAs = $RootCAs + ",4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5" WRITE_BATCH->$RootCAs = $RootCAs + ",204285DCF7EB764195578E136BD4B7D1E98E46A5" WRITE_BATCH->$RootCAs = $RootCAs + ",61EF43D77FCAD46151BC98E0C35912AF9FEB6311" WRITE_BATCH->$RootCAs = $RootCAs + ",132D0D45534B6997CDB2D5C339E25576609B5CC6" WRITE_BATCH->$RootCAs = $RootCAs + ",9CBB4853F6A4F6D352A4E83252556013F5ADAF65" WRITE_BATCH->$RootCAs = $RootCAs + ",CF9E876DD3EBFC422697A3B5A37AA076A9062348" WRITE_BATCH->$RootCAs = $RootCAs + ",9957C53FC59FB8E739F7A4B7A70E9B8E659F208C" WRITE_BATCH->$RootCAs = $RootCAs + ",4313BB96F1D5869BC14E6A92F6CFF63469878237" WRITE_BATCH->$RootCAs = $RootCAs + ",37F76DE6077C90C5B13E931AB74110B4F2E49A27" WRITE_BATCH->$RootCAs = $RootCAs + ",66F2DCFB3F814DDEE9B3206F11DEFE1BFBDFE132" WRITE_BATCH->$RootCAs = $RootCAs + ",F9DD19266B2043F1FE4B3DCB0190AFF11F31A69D" WRITE_BATCH->$RootCAs = $RootCAs + ",FFBDCDE782C8435E3C6F26865CCAA83A455BC30A" WRITE_BATCH->$RootCAs = $RootCAs + ",B8BE6DCB56F155B963D412CA4E0634C794B21CC0" WRITE_BATCH->$RootCAs = $RootCAs + ",58D1DF9595676B63C0F05B1C174D8B840BC878BD" WRITE_BATCH->$RootCAs = $RootCAs + ",3BC0380B33C3F6A60C86152293D9DFF54B81C004" WRITE_BATCH->$RootCAs = $RootCAs + ",3A44735AE581901F248661461E3B9CC45FF53A1B" WRITE_BATCH->$RootCAs = $RootCAs + ",8782C6C304353BCFD29692D2593E7D44D934FF11" WRITE_BATCH->$RootCAs = $RootCAs + ",B80186D1EB9C86A54104CF3054F34C52B7E558C6" WRITE_BATCH->$RootCAs = $RootCAs + ",590D2D7D884F402E617EA562321765CF17D894E9" WRITE_BATCH->$RootCAs = $RootCAs + ",55A6723ECBF2ECCDC3237470199D2ABE11E381D1" WRITE_BATCH->$RootCAs = $RootCAs + ",85A408C09C193E5D51587DCDD61330FD8CDE37BF" WRITE_BATCH->$RootCAs = $RootCAs + ",C418F64D46D1DF003D2730137243A91211C675FB" WRITE_BATCH->$RootCAs = $RootCAs + ",5A4D0E8B5FDCFDF64E7299A36C060DB222CA78E4" WRITE_BATCH->$RootCAs = $RootCAs + ",70179B868C00A4FA609152223F9F3E32BDE00562" WRITE_BATCH->$RootCAs = $RootCAs + ",71899A67BF33AF31BEFDC071F8F733B183856332" WRITE_BATCH->$RootCAs = $RootCAs + ",0FF9407618D3D76A4B98F0A8359E0CFD27ACCCED" WRITE_BATCH->$RootCAs = $RootCAs + ",5922A1E15AEA163521F898396A4646B0441B0FA9" WRITE_BATCH->$RootCAs = $RootCAs + ",905F942FD9F28F679B378180FD4F846347F645C1" WRITE_BATCH->$RootCAs = $RootCAs + ",E1A45B141A21DA1A79F41A42A961D669CD0634C1" WRITE_BATCH->$RootCAs = $RootCAs + ",F9CD0E2CDA7624C18FBDF0F0ABB645B8F7FED57A" WRITE_BATCH->$RootCAs = $RootCAs + ",D3EEFBCBBCF49867838626E23BB59CA01E305DB7" WRITE_BATCH->$RootCAs = $RootCAs + ",77474FC630E40F4C47643F84BAB8C6954A8A41EC" WRITE_BATCH->$RootCAs = $RootCAs + "," WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH->$CAs=Get-Childitem cert:\LocalMachine\Root -recurse WRITE_BATCH->foreach($CA in $CAs) { WRITE_BATCH->$TestCA = "," + $CA.Thumbprint + "," WRITE_BATCH-> WRITE_BATCH->if($RootCAs -like "*" + $TestCA + "*"){ WRITE_BATCH-> } WRITE_BATCH->else{ WRITE_BATCH-> Get-Childitem cert:\LocalMachine\Root -recurse | Where-Object {$_.Thumbprint -Match $CA.Thumbprint} | Format-List >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH-> } WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH->} WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH->" " >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH->" " >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH->"***************************************************" >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH->"** Rootzertifikate (nicht Standard) Current User **" >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH->"***************************************************" >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH-> WRITE_BATCH->$CAs=Get-Childitem cert:\CurrentUser\Root -recurse WRITE_BATCH->foreach($CA in $CAs) { WRITE_BATCH->$TestCA = "," + $CA.Thumbprint + "," WRITE_BATCH-> WRITE_BATCH->if($RootCAs -like "*" + $TestCA + "*"){ WRITE_BATCH-> } WRITE_BATCH->else{ WRITE_BATCH-> Get-Childitem cert:\CurrentUser\Root -recurse | Where-Object {$_.Thumbprint -Match $CA.Thumbprint} | Format-List >> C:\PPF_Scan1\RootCA.txt WRITE_BATCH-> } WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH-> WRITE_BATCH->} WRITE_BATCH->Exit START_SHELL->%Systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe,-noprofile -executionpolicy bypass -file C:\PPFS_T\T1.ps1 REGISTRY_SEARCH->HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates -> REGISTRY_SEARCH->HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates SLEEP->30000 CLOSE_SHELL-> END_IF-> COPY_SCANFILES->C:\PPF_Scan1 OPEN->C:\PPF_Scan1 END->
- Klicke dann auf den Button Script ausführen und bestätige die erscheinende
Messagebox mit Ja. - Warte, bis der Scanner sich selbst beendet. Beendet er sich nach kurzer Zeit selbst, hat alles geklappt.
- Lasse das Script bei einer Meldung nicht abbrechen!
- Es befindet sich im Ordner C:\PPF_Scan1 dann eine Textdatei mit dem Namen RootCA.txt. Den Inhalt der Datei bräuchte ich einmal von mehreren Rechnern. Bitte mit dazu schreiben, auf welchem Betriebssystem der Text gelaufen ist (XP geht nicht).
Was tut das Script:
Es überprüft anhand einer mitgelieferten Liste mit Hilfe von Powershell, ob irgendein Root-Zertifikat installiert ist, was Microsoft laut der mitgelieferten Liste nicht selbst installiert. -
Windows 7, 64bit
Code
Alles anzeigen********************************************** ** Globale Rootzertifikate (nicht Standard) ** ********************************************** Subject : CN=ClockworkMod Issuer : CN=ClockworkMod Thumbprint : 8E9FBA4F0A0974EF5DA6939F17D49F682C78E76E FriendlyName : NotBefore : 08.04.2013 01:13:44 NotAfter : 01.01.2040 00:59:59 Extensions : {System.Security.Cryptography.Oid} Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography. Oid, System.Security.Cryptography.Oid} Subject : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Issuer : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Thumbprint : 245C97DF7514E7CF2DF8BE72AE957B9E04741E85 FriendlyName : Microsoft Timestamp Root NotBefore : 13.05.1997 18:12:59 NotAfter : 31.12.1999 00:59:59 Extensions : {} *************************************************** ** Rootzertifikate (nicht Standard) Current User ** *************************************************** Subject : CN=ClockworkMod Issuer : CN=ClockworkMod Thumbprint : 8E9FBA4F0A0974EF5DA6939F17D49F682C78E76E FriendlyName : NotBefore : 08.04.2013 01:13:44 NotAfter : 01.01.2040 00:59:59 Extensions : {System.Security.Cryptography.Oid} Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography. Oid, System.Security.Cryptography.Oid} Subject : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Issuer : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Thumbprint : 245C97DF7514E7CF2DF8BE72AE957B9E04741E85 FriendlyName : Microsoft Timestamp Root NotBefore : 13.05.1997 18:12:59 NotAfter : 31.12.1999 00:59:59 Extensions : {}
Gruß Volkmar
-
@Volkmar:
Eines ist bei dir zusätzlich installiert - zwei sind abgelaufen. Ich schaue mal, ob ich das Zertifikat zuordnen kann.PS: Zertifikat dürfte von einer Android Softwarefirma stammen. Betreibst du da in der Richtung was auf dem Rechner (Emulator vielleicht)?
Hier ist übrigens meine Datei:
Code: RootCA.txt
Alles anzeigen********************************************** ** Globale Rootzertifikate (nicht Standard) ** ********************************************** Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography. Oid, System.Security.Cryptography.Oid} Subject : CN=Avast Web/Mail Shield Root, O=Avast Web/Mail Shield, OU=gener ated by Avast Antivirus for SSL/TLS scanning Issuer : CN=Avast Web/Mail Shield Root, O=Avast Web/Mail Shield, OU=gener ated by Avast Antivirus for SSL/TLS scanning Thumbprint : 3E479370EDB85A8B183B7FA0CDCD4434359F8430 FriendlyName : NotBefore : 01.01.2010 13:00:00 NotAfter : 01.01.2040 13:00:00 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography. Oid, System.Security.Cryptography.Oid, System.Security.Cryptogra phy.Oid...} Subject : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Issuer : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Thumbprint : 245C97DF7514E7CF2DF8BE72AE957B9E04741E85 FriendlyName : Microsoft Timestamp Root NotBefore : 13.05.1997 18:12:59 NotAfter : 31.12.1999 00:59:59 Extensions : {} *************************************************** ** Rootzertifikate (nicht Standard) Current User ** *************************************************** Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography. Oid, System.Security.Cryptography.Oid} Subject : CN=Avast Web/Mail Shield Root, O=Avast Web/Mail Shield, OU=gener ated by Avast Antivirus for SSL/TLS scanning Issuer : CN=Avast Web/Mail Shield Root, O=Avast Web/Mail Shield, OU=gener ated by Avast Antivirus for SSL/TLS scanning Thumbprint : 3E479370EDB85A8B183B7FA0CDCD4434359F8430 FriendlyName : NotBefore : 01.01.2010 13:00:00 NotAfter : 01.01.2040 13:00:00 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography. Oid, System.Security.Cryptography.Oid, System.Security.Cryptogra phy.Oid...} Subject : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Issuer : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stampin g Service Root, OU=Microsoft Corporation, O=Microsoft Trust Netw ork Thumbprint : 245C97DF7514E7CF2DF8BE72AE957B9E04741E85 FriendlyName : Microsoft Timestamp Root NotBefore : 13.05.1997 18:12:59 NotAfter : 31.12.1999 00:59:59 Extensions : {}
-
Windows 7 64bit
-
@EstherCH:
Bei dir ist nichts zusätzlich installiert. Zwei Zertifikate sind abgelaufen (ist normal so). -
-
Bei Volmar könnte man jetzt zum Beispiel im nächste Schritt nach EXE Dateien suchen, die eine Signatur der Firma ClockworkMod haben und so darauf stoßen, warum das Zertifikat wohl installiert ist.
-
Da fällt mir jetzt nur dieser ein
Code
Alles anzeigenSignature = "$Windows NT$" Class = AndroidUsbDeviceClass ClassGuid = {3F966BD9-FA04-4ec5-991C-D326973B5128} Provider = %ProviderName% DriverVer = 12/06/2010,4.0.0000.00000 CatalogFile = android_winusb.cat ProviderName = "Google, Inc." SingleAdbInterface = "Android ADB Interface" CompositeAdbInterface = "Android Composite ADB Interface" SingleBootLoaderInterface = "Android Bootloader Interface" WinUSB_SvcDesc = "Android USB Driver" DISK_NAME = "Android WinUsb installation disk" ClassName = "Android Phone"
Gruß Volkmar
-
Bingo - der dürfte das gewesen sein!
Lässt sich also zuordnen. Absolut geil!!!!Ich verstehe nicht, warum Microsoft nicht selbst was im System mitliefert, um Manipulationen in dem Bereich aufdecken zu können. Normalerweise müsste jedes System was onboard haben, um da Einblick zu erhalten.
Das ist ja ein Loch wie ein Scheunentor. Solche Root-Zertifikate sind alle selbstsigniert. Die Wahrscheinlichkeit, dass man da nicht irgendwas eintragen, was einem gefällt (wenn man Adminrechte hat) ist eigentlich null.
Da kann sich eigentlich sogar jemand als Microsoft ausgeben - und in Wirklichkeit der Hacker um die Ecke sein.... -
Ich würde mich sehr freuen, wenn @Adell Vállieré das mal testen könnten / würde.
-
Ich würde mich sehr freuen, wenn @Adell Vállieré das mal testen könnten / würde.
Du hast doch wieder irgendwelche Hintergedanken und willst auf etwas hinaus.
Warum gerade ich?Aber hier:
Code
Alles anzeigen********************************************** ** Globale Rootzertifikate (nicht Standard) ** ********************************************** Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid} Subject : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stamping Service Root, OU=Microsoft Corporation, O=Microsoft Trust Network Issuer : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stamping Service Root, OU=Microsoft Corporation, O=Microsoft Trust Network Thumbprint : 245C97DF7514E7CF2DF8BE72AE957B9E04741E85 FriendlyName : Microsoft Timestamp Root NotBefore : 13.05.1997 18:12:59 NotAfter : 31.12.1999 00:59:59 Extensions : {} *************************************************** ** Rootzertifikate (nicht Standard) Current User ** *************************************************** Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}
-
Sieht sehr gut aus. Zwei abgelaufene Zertifikate.
Du hast doch wieder irgendwelche Hintergedanken
Ich suche im Prinzip Leute, die aus unterschiedlichen Bereichen was installieren. Am liebsten hätte ich Leute, die sehr viel Software und irgendwelche Treiber auf den Rechner packen. Dich wollte ich gerne als Tester, weil du ganz spezielle Sachen tust:
Ein über Youtube verbreiteter Schädling gab sich als Coin-Generator und Aimbot für das Survival-Game Fortnite aus.
Leute, die sich im Gaming Bereich aufhalten und auch mal vielleicht Cracks installieren wären da ein gutes Angriffsziel für solche Techniken.
Hier noch mal was von meiner Windows10 Preview:
Code
Alles anzeigen********************************************** ** Globale Rootzertifikate (nicht Standard) ** ********************************************** Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid} Subject : CN=Microsoft ECC TS Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Issuer : CN=Microsoft ECC TS Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Thumbprint : 31F9FC8BA3805986B721EA7295C65B3A44534274 FriendlyName : Microsoft ECC TS Root Certificate Authority 2018 NotBefore : 27.02.2018 21:51:34 NotAfter : 27.02.2043 22:00:12 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid...} Subject : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stamping Service Root, OU=Microsoft Corporation, O=Microsoft Trust Network Issuer : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stamping Service Root, OU=Microsoft Corporation, O=Microsoft Trust Network Thumbprint : 245C97DF7514E7CF2DF8BE72AE957B9E04741E85 FriendlyName : Microsoft Timestamp Root NotBefore : 13.05.1997 18:12:59 NotAfter : 31.12.1999 00:59:59 Extensions : {} Subject : OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Issuer : OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Thumbprint : 4F65566336DB6598581D584A596C87934D5F2AB4 FriendlyName : VeriSign Class 3 Primary CA NotBefore : 29.01.1996 01:00:00 NotAfter : 08.01.2004 00:59:59 Extensions : {} Subject : CN=Microsoft Development Root Certificate Authority 2014, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Issuer : CN=Microsoft Development Root Certificate Authority 2014, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Thumbprint : F8DB7E1C16F1FFD4AAAD4AAD8DFF0F2445184AEB FriendlyName : Microsoft Flighting Root 2014 NotBefore : 28.05.2014 18:43:46 NotAfter : 28.05.2039 18:51:48 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid} Subject : CN=Microsoft ECC Development Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Issuer : CN=Microsoft ECC Development Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Thumbprint : 6CA22E5501CC80885FF281DD8B3338E89398EE18 FriendlyName : Microsoft ECC Development Root Certificate Authority 2018 NotBefore : 27.02.2018 21:30:58 NotAfter : 27.02.2043 21:38:56 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid...} *************************************************** ** Rootzertifikate (nicht Standard) Current User ** *************************************************** Subject : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Issuer : CN=Microsoft Authenticode(tm) Root Authority, O=MSFT, C=US Thumbprint : 7F88CD7223F3C813818C994614A89C99FA3B5247 FriendlyName : Microsoft Authenticode(tm) Root NotBefore : 01.01.1995 09:00:01 NotAfter : 01.01.2000 00:59:59 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid} Subject : CN=Microsoft ECC TS Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Issuer : CN=Microsoft ECC TS Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Thumbprint : 31F9FC8BA3805986B721EA7295C65B3A44534274 FriendlyName : Microsoft ECC TS Root Certificate Authority 2018 NotBefore : 27.02.2018 21:51:34 NotAfter : 27.02.2043 22:00:12 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid...} Subject : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stamping Service Root, OU=Microsoft Corporation, O=Microsoft Trust Network Issuer : OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Time Stamping Service Root, OU=Microsoft Corporation, O=Microsoft Trust Network Thumbprint : 245C97DF7514E7CF2DF8BE72AE957B9E04741E85 FriendlyName : Microsoft Timestamp Root NotBefore : 13.05.1997 18:12:59 NotAfter : 31.12.1999 00:59:59 Extensions : {} Subject : OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Issuer : OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Thumbprint : 4F65566336DB6598581D584A596C87934D5F2AB4 FriendlyName : VeriSign Class 3 Primary CA NotBefore : 29.01.1996 01:00:00 NotAfter : 08.01.2004 00:59:59 Extensions : {} Subject : CN=Microsoft Development Root Certificate Authority 2014, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Issuer : CN=Microsoft Development Root Certificate Authority 2014, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Thumbprint : F8DB7E1C16F1FFD4AAAD4AAD8DFF0F2445184AEB FriendlyName : Microsoft Flighting Root 2014 NotBefore : 28.05.2014 18:43:46 NotAfter : 28.05.2039 18:51:48 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid} Subject : CN=Microsoft ECC Development Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Issuer : CN=Microsoft ECC Development Root Certificate Authority 2018, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Thumbprint : 6CA22E5501CC80885FF281DD8B3338E89398EE18 FriendlyName : Microsoft ECC Development Root Certificate Authority 2018 NotBefore : 27.02.2018 21:30:58 NotAfter : 27.02.2043 21:38:56 Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid...} [b][/b][i][/i][u][/u][sub][/sub][sup][/sup][s][/s]
Zwei davon konnte ich bislang nicht zuordnen, da die ziemlich neu sind.
Hat jemand von euch die aktuelle Preview von Windows10? -
Hier mal noch der weiterführende Link von der Seite von Heise:
Solche Aussteller-Zertifikate lassen sich also einfach über das Tool CertMgr.exe installieren, das zum Betriebssystem gehört (aber nicht nur damit). Nötig dafür sind Adminrechte.
Ist so ein Zertifikat erst einmal im Betriebssystem installiert, kann man im Prinzip jede ausführbare Datei so signieren lassen, als käme sie direkt von Microsoft. Es ist dann im Prinzip nicht mehr zu erkennen, dass die Datei nicht vertrauenswürdig ist.
Vertrauenswürdige Dateien werden von Virenscannern bei einer Verhaltensanalyse anders behandelt. Treiber, die signiert sind, lassen sich problemlos ins Betriebssystem laden. Bei Analysen werden vertrauenswürdige Dateien erst einmal ausgeklammert.Für alles das sind nur Adminrechte nötig - und man kann im Prinzip nicht sicher checken, was in den Bereich der vertrauenswürdigen Aussteller gar nicht hineingehört???
Hier steht folgendes:Microsoft is deprecating the online version of the Trusted Root Participants list. It will no longer be updated with each release. For a total list of participants in the program, please refer to the downloadable spreadsheet above.
An aktuelle Listen wird man in Zukunft also gar nicht mehr herankommen - ist ja Klasse!
Man bekommt also nur den SST Mist, den man sich über Certutil ziehen kann... -
Leute, die sich im Gaming Bereich aufhalten und auch mal vielleicht Cracks installieren wären da ein gutes Angriffsziel für solche Techniken.
Du weißt was ein Aimbot ist, oder? Dann hier eine kurze Erklärung: In Shooter, oder auch "Ballerspiele" genannt, muss man natürlich auf seine Gegner zielen und zur Strecke bringen. Ein Aimbot übernimmt diese Aufgabe und trifft IMMER. Solche Programme dienen zum schummeln und zerstören anderen den Spielspaß. Ich persönlich habe nie und werde nie so etwas nutzen.
Jedenfalls schön zu sehen, dass auf "diesem" Gerät solche Mechaniken nicht angewendet wurden.
-
Du weißt was ein Aimbot ist, oder?
Nein, danke für die Erklärung!
Jedenfalls schön zu sehen, dass auf "diesem" Gerät solche Mechaniken nicht angewendet wurden.
Dann würde ich mal auf irgendeinem deiner "anderen" Geräte schauen, auf denen du mehr installierst.
Als Gamer würde ich in den Bereich öfters mal einen Blick reinwerfen - ich könnte mir aber vorstellen, dass es sich bei anderen noch mehr lohnt, da reinzusehen, als bei dir.Wie man hier sieht, arbeite ich gerade an einem Konzept, Überblick über den Bereich zu bekommen.
-
Dann würde ich mal auf irgendeinem deiner "anderen" Geräte schauen, auf denen du mehr installierst.
Das hier ist mein Hauptsystem, die anderen sind leer, da läuft alles in virtuellen Maschinen. Da sehen die Verläufe identisch aus, hatte ich nämlich schon geprüft.
Wie man hier sieht, arbeite ich gerade an einem Konzept, Überblick über den Bereich zu bekommen.
Ein Thema wo es sich lohnt also immer wieder rein zuschauen.
-
Jetzt mitmachen!
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!