By Mark Russinovich
Published: February 5, 2013
Download Sigcheck (120 KB)
Verify that images are digitally signed and dump version information with this simple command-line utility.
usage: sigcheck [-a][-h][-i][-e][-n][[-s]|[-v]|[-m]][-q][-r][-u][-c catalog file] <file or directory>
One way to use the tool is to check for unsigned files in your \Windows\System32 directories with this command:
sigcheck -u -e c:\windows\system32
You should investigate the purpose of any files that are not signed.