Sigcheck

Verify that images are digitally signed and dump version information with this simple command-line utility.

Usage: sigcheck [-i][-e][[-s]|[-v]][-q][-u] [-c catalog file] <file or directory>

-c

Look for signature in the specified catalog file

-e

Scan executable images only (regardless of their extension)

-i

Show image signers

-n

Only show version number

-q

Quiet (no banner)

-s

Recurse subdirectories

 

-u

Show unsigned files only

-v

Csv output

One way to use the tool is to check for unsigned files in your \Windows\System32 directories with this command:

sigcheck -u -e c:\windows\system32

You should investigate the purpose of any files that are not signed.

Download Sigcheck (16 KB)

Back to Top