File Signature Verification Tool

Posted on 2007-10-19
Medium Priority
Last Modified: 2013-12-01
I opened the File Signature Verification Tool (sigverif.exe) for the first time yesterday.  An article I read claimed that the tool retuned a list of all unsigned drivers on a machine.  The tool returned over 90 files.  The Driver Signing Options dialog (System Properties dialog / Hardware tab / Driver Signing button), however, is set to "Warn," and I have not seen an "Unsigned Driver Warning" since I did a fresh install on my laptop about a month ago.  Is the File Signature Verification Tool returning junk results or is my "Unsigned Driver Warning" not working.  Incidently, I noticed that every unsigned file returned by the File Signature Verification Tool is in C:\WINDOWS\system32\spool\drivers.  
Question by:jdana
LVL 24

Expert Comment

ID: 20109679
Everything in C:\WINDOWS\system32\spool\drivers is printer related. You'll find a lot of signed printer drivers that also copy over a number of unsigned dependent dll files that will show up when using sigverif.exe.

So while the printer driver itself might be signed, a lot of it's dependent files might not be.

Go to Control Panel|Printers and Faxes. Then hit File->Server Properties and go to the Drivers tab. Choose a driver and hit properites. You'll get a window with a long list of files, most of which will be dependent files. My guess is most of your "unsigned" drivers will be in those.
LVL 24

Accepted Solution

Kenneniah earned 1000 total points
ID: 20109699
Also, sigverif.exe checks all files, whether they are actually being used by Windows or not. So any drivers that were copied over during a printer install for printer sharing with other operating systems and support files would be scanned by the tool.
LVL 63

Expert Comment

ID: 20109798
Well it checks for all Drivers, not necessarily those that are actually being used.

I hope this helps !

Expert Comment

ID: 20109870
Q. Is the File Signature Verification Tool returning junk results or is my "Unsigned Driver Warning" not working?

A. The answer to both of your questions is NONE.  You see, drivers installed using setup programs that manually configure the registry and copy driver files to a system and driver files that are dynamically loaded by applications arent checked for signatures. Only drivers installed using INF files are validated against the systems driver-signing policy.

Author Comment

ID: 20109937
Thanks guys.  I appreciate the feedbak.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
I originally wrote this article to compare SARDU and YUMI, but have now added Easy2Boot, since that is the one I currently use and find the easiest to create and alter.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question