@Mr.NoName ..
Check for dangerous or unsigned Certificates using SigCheck
Check for Unsigned Certificates using SigCheck
Sigcheck can show the file version number, timestamp information, and digital signature details, including certificate chains. Additionally, the latest version now lets you upload a file for scanning, as well as check a file’s status on VirusTotal, which uses 40 antivirus engines.
To use SigCheck to scan your Windows computer for dangerous & unsafe Certificates, download it from Microsoft and extract the contents of the folder. Now to run the tool, press Shift+Right-click inside the folder. You will see an
Open a command window here entry. Click on it.
The tool offers several parameters that you can use. As an example, in the Command Prompt window, you may type the following command for instance and hit Enter:
sigcheck64 -vt
If you are using a 64-bit system, use
sigcheck64, else
sigcheck.
When you run this command, the tool downloads a list of Trusted Certificates from Microsoft. It then compares your Certificates with this list and then lists those that are not present in the Trusted Certificates list.
If you do find any certificates, you may want to investigate further. If you feel they are dangerous, you may want to remove them. This post will show you how to
manage Root Certificates. The Certificate Manager or
certmgr.msc in Windows lets you see details about your certificates, export, import, modify, delete or request new certificates. You may also check details about the program which has installed it, and if you can do without the program, you could also consider uninstalling that software.
Use SigCheck to scan folder for unsigned files with VirusTotal
To scan all the files in a folder for unsigned files, you could, for example, use the following command:
sigcheck -u -e c:\windows\system32\
To see the entire list of parameters and the functions they perform, and to download SigCheck, visit
Microsoft.