File Signature Verification Tool

Posted on 2007-10-19
Last Modified: 2013-12-01
I opened the File Signature Verification Tool (sigverif.exe) for the first time yesterday.  An article I read claimed that the tool retuned a list of all unsigned drivers on a machine.  The tool returned over 90 files.  The Driver Signing Options dialog (System Properties dialog / Hardware tab / Driver Signing button), however, is set to "Warn," and I have not seen an "Unsigned Driver Warning" since I did a fresh install on my laptop about a month ago.  Is the File Signature Verification Tool returning junk results or is my "Unsigned Driver Warning" not working.  Incidently, I noticed that every unsigned file returned by the File Signature Verification Tool is in C:\WINDOWS\system32\spool\drivers.  
Question by:jdana
    LVL 24

    Expert Comment

    Everything in C:\WINDOWS\system32\spool\drivers is printer related. You'll find a lot of signed printer drivers that also copy over a number of unsigned dependent dll files that will show up when using sigverif.exe.

    So while the printer driver itself might be signed, a lot of it's dependent files might not be.

    Go to Control Panel|Printers and Faxes. Then hit File->Server Properties and go to the Drivers tab. Choose a driver and hit properites. You'll get a window with a long list of files, most of which will be dependent files. My guess is most of your "unsigned" drivers will be in those.
    LVL 24

    Accepted Solution

    Also, sigverif.exe checks all files, whether they are actually being used by Windows or not. So any drivers that were copied over during a printer install for printer sharing with other operating systems and support files would be scanned by the tool.
    LVL 63

    Expert Comment

    Well it checks for all Drivers, not necessarily those that are actually being used.

    I hope this helps !
    LVL 9

    Expert Comment

    Q. Is the File Signature Verification Tool returning junk results or is my "Unsigned Driver Warning" not working?

    A. The answer to both of your questions is NONE.  You see, drivers installed using setup programs that manually configure the registry and copy driver files to a system and driver files that are dynamically loaded by applications arent checked for signatures. Only drivers installed using INF files are validated against the systems driver-signing policy.

    Author Comment

    Thanks guys.  I appreciate the feedbak.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
    In this article we have discussed the manual scenarios to recover data from Windows 10 through some backup and recovery tools which are offered by it.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now