Check dangerous or unsigned certificates with SigCheck



RECOMMENDED: Click here to fix Windows errors and optimize system performance

Some of you may remember SuperFish or eDellRoot. These were insecure root certificates installed on users’ computers without their knowledge. While most anti-malware tools are capable of identifying and removing malicious certificates, there are tools like RCC Root Certificate Scanner that focus on removing dangerous root certificates from a Windows computer. SysInternals SigCheck from Microsoft is another tool that does not scan dangerous and unsigned certificates, but now even scans all files in a folder with VirusTotal.

Check unsigned certificates with SigCheck



Fix Update July 2019:

We recommend you try using this new tool. It fixes a wide range of computer errors, as well as protecting against things like file loss, malware, hardware failures and optimizes your PC for maximum performance. It fixed our PC quicker than doing it manually:

  • Step 1 : Download PC Repair & Optimizer Tool (Windows 10, 8, 7, XP, Vista – Microsoft Gold Certified).
  • Step 2 : Click “Start Scan” to find Windows registry issues that could be causing PC problems.
  • Step 3 : Click “Repair All” to fix all issues.

download
(optional offer for Advanced System Repair Pro -> Website | EULA | Privacy Policy | Uninstall)



Sigcheck can display file version number, timestamp information and digital signature details, including certificate strings. You can also use the latest version to download a file to scan and check the status of a file for VirusTotal, which uses 40 antivirus engines.

To scan your Windows computer for unsafe and insecure certificates using SigCheck, download it from Microsoft and extract the contents of the folder. To run the tool, press Shift+Right Click inside the folder. You will see one Open a command window. Click on it.

The tool offers several parameters that you can use. For example, in the Command Prompt window, you can type the following command and press Enter:

sigcheck64 -tv

If you are using a 64-bit system, use sigcheck64, otherwise sigcheck.

When you execute this command, the tool downloads a list of Microsoft trusted certificates. It then compares your certificates with this list and lists those that are not included in the trusted certificate list.

If you find certificates, you should examine them more thoroughly. If you think they are dangerous, you may want to remove them. This article shows you how to manage root certificates. With Certificate Manager or certmgr.msc under Windows, you can view, export, import, modify, delete or request new certificate details. You can also check the details of the program that installed it, and if you can do without the program, you can also consider uninstalling this software.

Use SigCheck to scan the folder for unsigned files using VirusTotal

For example, to find unsigned files in all files in a folder, you can use the following command:

sigcheck -u -u -e c:windowssystem32

To view and download the complete list of parameters and functions they perform, visit Microsoft.



RECOMMENDED: Click here to troubleshoot Windows errors and optimize system performance

Related Video