Check Your Windows Installation For Unsigned Files


Windows signature file check windowAll recent versions of Windows include the ability for trusted software publishers to digitally sign their files. If you try to update a device driver, for example, and it's not been signed, Windows will warn you and ask whether you wish to continue.

As part of your general security regime for your PC, you may wish to check that all of the files in your main Windows system folder have been signed and can thus be trusted. If you find any unsigned files, you can (and should) take steps to find out how they found their way onto your PC. Chances are, they're device drivers which are necessary and should not be deleted. But you may also find evidence of malware, which you can then remove.

Sigcheck is a program from Sysinternals (nowadays part of Microsoft) which will, among a host of other features, scan a folder in search of unsigned files. It's a command-line utility, rather than sporting a graphical interface, but it's easy to use if you're au fait with such things.

Check out for the download link. The command for scanning your Windows system for unsigned files is listed at the bottom of that page. The download itself is a paltry 0.14 MB and is malware-free according to VirusTotal and Web of Trust.

It's completely free of charge too.

Incidentally, this release of Sigcheck was launched earlier this week. So if you've been using a previous version, you should consider upgrading your copy.

Please rate this article: 

Your rating: None
Average: 3.7 (15 votes)


Sigcheck is now at version 2.5 (2016.02.02).

This is a great suggestion. I use a couple of things which remain unsigned, My VPN, for one (CG) but this is another good tool in the arsenal one has to keep on hand to find, and counter, malware. Good Article, Thank you!

I want to thank Rob Schifreen and Mark Russinovich for being
So diligent and helpful
Thank you both