Sysinternals Freeware - Mark Russinovich & Bryce Cogswell


Copyright 2005-2006 Mark Russinovich
Last Updated: January 13, 2006 v1.3

Verify that images are digitally signed and dump version information with this simple command-line utility.

Usage: sigcheck [-i][-e][[-s]|[-v]][-q][-u] [-c catalog file] <file or directory>

Look for signature in the specified catalog file
Scan executable images only (regardless of their extension)
Show image signers
Only show version number
Quiet (no banner)
Recurse subdirectories
Show unsigned files only
Csv output

One way to use the tool is to check for unsigned files in your \Windows\System32 directories with this command:

sigcheck -u -e c:\windows\system32

You should investigate the purpose of any files that are not signed.

Download Sigcheck (16 KB)

Back to Top