Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Signed Drivers Detected As Unsigned

Posted on 2010-09-09
5
Medium Priority
?
490 Views
Last Modified: 2012-06-22
Can I get a very detailed (services involved etc) explanation of the Windows XP Driver Signing process?  Every now and again I get a PC that has no USB functionality.  Sigverif.exe claims that over 2000 drivers are not signed.  A healthy computer built from the same image has far less drivers listed as unsigned.  The list includes things like USBSTOR.SYS, which is definitely signed.  Most of the Microsoft drivers which were seen previously as signed drivers are now seen as unsigned.  I even tried replacing drivers with the original and it's still detected as unsigned.  

The keyboard and mouse are non-functional when this happens.  The only fix is to re-install Service Pack 3.  The issue comes back approximately 3 months later on some of the computers.  Thanks for your help.
0
Comment
Question by:Timbilt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 70

Expert Comment

by:Merete
ID: 33644170
Hi Timbilt, this could be a very lengthy topic but as simple as I can, this could be conflict between OEM drivers and the manufacturer drivers, take for example this from Microsoft regarding USB printers
If a user has installed the company's USB solution drivers what happens if a second vendor's solution tries to load?
The two solutions might conflict with each other and interfere with successful printing on the user's system. The operating system cannot detect or prevent such conflicts.
Vendors should use the Microsoft USB printing solution.
If these systems are HP or DEL here lies a possible conflict
Uninstall the vendor-supplied solution completely and then install the Microsoft solution.
source
USB Printers - Architecture and Driver Support
http://www.microsoft.com/whdc/archive/usbprint.mspx
Here's a few more topics that may assist you
Windows XP Pro SP3 Image Build Process
http://www.symantec.com/connect/articles/windows-xp-sp3-out-time-rebuild-those-base-images
How to Add OEM Plug and Play Drivers to Windows XP
http://support.microsoft.com/kb/314479
Driver Signing for Windows
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/code_signing.mspx?mfr=true
0
 
LVL 5

Expert Comment

by:ina_don
ID: 33719785
But all the while you havent had spyware, malware or viruses? I'd think one of those could be to blame. Most oems now supply signed drivers so you wouldn't end up with so many unsigned after such a short period. Check for rootkits and also check the image that you're using. It might carry some malware with it.
0
 

Author Comment

by:Timbilt
ID: 33730751
Sorry for late reply.  Problem still wreaking havok.  Because it happens with so many PCs, it quite possible the image.  I tried to do a rootkit scan with GMER on two of the PCs (those not yet affected by the USB problem, but build from the same image) but it caused both PCs to restart during the scan.  Also, what I've noticed is that the problem arises almost always after moving a PC.  After reconnected the USB devices and powering it on, they keyboard and mouse and completely non-responsive.  After remoting into the PC and doing a scan with Sigverif.exe, almost all the drivers that were signed are now unsigned.

Example:
Normal PC:  2500 signed drivers, 200 unsigned drivers
Affected PC: 250 signed drivers, 2700 unsigned drivers
0
 
LVL 5

Expert Comment

by:ina_don
ID: 33731118
Those automatic restarts dont sound healthy but it could just be coincidence. Maybe you should try running the rootkit scanner and something like Dr. Web CureIt from a live CD such as WinPE/BartPE or even Dr. Web CureIt Live CD or WinInternals. See what you will pick up and then move from there. I've have some success recently using CureIt LiveCD because it has updated definitions and it is currently free so it might be worth trying.
0
 

Accepted Solution

by:
Timbilt earned 0 total points
ID: 33769470
It seems that the chipset drivers that came with the computer were dated 2006 and unsigned.  After upgrading to 2009 signed drivers, the computers are now faster and no more USB issues so far.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question