Give your Windows Certificate Store a thorough scan for suspicious certs
RCC is a free program for Windows that scans the Windows Certificate Store when it is run highlighting potentially dangerous certificates.
Certificates use public and private keys, with the public key available openly, and the private key available only to the company that owns the certificate.
Anyone with access to the private key may use it to compromise HTTPS connections on the system among other things.
Windows users have access to the system's Certificate Manager, and while it is theoretically possible to go through the lists of certificates regularly to make sure that only legitimate certs are installed, it is not really practicable unless one has a deeper understanding of which certificates are required and which are not.
To load it tap on the Windows-key, type certmgr.msc and hit enter.
One of the better options is to export the certificate list on first start, and then again at a later point in time to compare the data. This won't help obviously if the PC manufacturer adds certificates to the system directly.
This is done with a click on Action > Export list in the main menu bar.
RCC, which stands for Root Certificate Check, is a free for home and educational use program for the Windows operating system that scans the Windows root CA store and the Mozilla Firefox root CA store on the system for suspicious entries.
It uses a baseline for that to which it compares the certificates to, and highlights interesting items after the scan.
These "interesting items" are not necessarily malicious or a security risk, but they can very well be one. It is necessary then to research the certificate on the Internet.
First thing you may want to do is open the Certificate Manager to list it there, as you find its full name and other information listed there which RCC does not list.
I suggest you search for the certificate name first, e.g. "Symantec Enterprise Mobile Root for Microsoft" and see what comes up. That may be enough to determine whether the cert is legitimate or not.
The "interesting" certificate in question that you see on the screenshot above seems to be used to sign Windows Phone apps, at least that's what a quick research on the Internet suggests.
Root Certificate Check enables you to scan the Windows Certificate Store and the Mozilla Firefox Certificate Store for certificates that need investigation.
Depending on the required level of security and thoroughness, it should not necessarily be your only checking option though.Advertisement