The File Signature Verification Tool allows you to scan your computer and find unsigned device drivers. Any files that are signed can trigger a flag if modified; hence, we protect critical files with signatures. DirectX device drivers can be checked using the DXdiag tool. Start The File Signature Verification Tool by typing sigverif in the Start search text box.
The File Signature Verification main window allows you to configure log settings from the Advanced button. You can either Append or Overwrite scan results to the previous ones. It is recommended to save the scan results as these will serve as a list of all device drivers found on your computer.
Computer users without administrator privileges cannot install unsigned drivers! Drivers must be signed by certificates that Windows 7 trusts, while a user account with administrator privileges can install unsigned drivers. In the case of a network environment where ordinary users need to install unsigned drivers or applications, an administrator can authorize such installation using a self-signed digital certificate.
Digital Certificates allow users to identify that the source of the device driver or application is a legitimate publisher. It does not mean that the driver or application is bug free but its source is trustworthy that is, coming from its claimed source and it is intact.
A self-signed certificate will be valid only to your environment and can be created from a certificate authority server running Windows Server and Certificate Services. In order to have a certificate that is recognized by other users outside your organization, it needs to be issued by an external Certificate Authority such as, VeriSign. It is recommended to thoroughly test self-signed drivers in a test environment prior to deployment on production machines.