SigCheck will download the current Microsoft Trusted Root Store and look for any certificates not rooted by it that would be considered invalid on a default windows install. Any positive results are likely malicious or inappropriate (eDellRoot) and should be investigated.
Create content for sigcheck: https://twitter.com/swiftonsecurity/status/946532192460648448?s=21
sigcheck.exe -accepteula -c -nobanner -tv * -u
SigCheck will download the current Microsoft Trusted Root Store and look for any certificates not rooted by it that would be considered invalid on a default windows install. Any positive results are likely malicious or inappropriate (eDellRoot) and should be investigated.
Related: