Sysinternals Freeware - Mark Russinovich & Bryce Cogswell

Sigcheck

Copyright 2005-2006 Mark Russinovich
Last Updated: January 13, 2006 v1.3

Verify that images are digitally signed and dump version information with this simple command-line utility.

Usage: sigcheck [-i][-e][[-s]|[-v]][-q][-u] [-c catalog file] <file or directory>

-c
Look for signature in the specified catalog file
-e
Scan executable images only (regardless of their extension)
-i
Show image signers
-n
Only show version number
-q
Quiet (no banner)
-s
Recurse subdirectories
 
-u
Show unsigned files only
-v
Csv output

One way to use the tool is to check for unsigned files in your \Windows\System32 directories with this command:

sigcheck -u -e c:\windows\system32

You should investigate the purpose of any files that are not signed.

Download Sigcheck (16 KB)

Back to Top