Sigcheck is a useful tool provided free of charge by Microsoft to check your computer for harmful digital certificates.
You can download it from the Ms-TechNet website.
You can download it from the site, click on How to use and once you have downloaded the tool and extracted the .zip, open a prompt window on the folder (by pressing the SHIFT key and right-clicking on an empty area inside the folder).
In the prompt window that appears, enter the following command:
and press ENTER.
When prompted for scan authorisation, click on I Agree.
The certificates detected in the computer will be listed and its validity for each one will be indicated .
If you find an invalid certificate, you could delete it from the computer by opening the Windows Certificate Management Console:
1- Right-click on the Windows start menu logo and open ‘Run’ (alternatively, press the Win+R combination)2- Insert and execute the command
3- Open the section “Trusted root certification authorities” and then open “Certificates”.
4- Select and remove the malicious certificate.
The tool can also be used to scan a folder while looking for digitally unsigned files.
For example, with the following command:
sigcheck -u -e c:\windows\system32
the system32 folder will be scanned and the signed or unsigned files will be listed.