SigcheckGUI is a system and security analysis tool for understanding files and processes. The program shows a variety of file data including signing source, 32/64-bit status, version, publisher, and more. Security options include VirusTotal analysis and file hashing (MD5, SHA1, and SHA256). The program can even run on all active processes.
The program can export results to spreadsheet (CSV) or copied to the clipboard.
SigcheckGUI is a front-end for Sigcheck from Sysinternals.
Category: | |
Runs on: | Vista / Win7 / Win8 / Win10 |
Writes settings to: | Application folder |
Stealth: ? | No. HKCU\Software\Sysinternals\SigCheck: "EulaAccepted" |
License: | Freeware for non-commercial use (obtain commercial license) |
How to extract: |
Optionally:
|
Similar/alternative apps: | RapidCRC Unicode |
What's new? |
Added:
|
The underlying SysInternals's SIGCHECK utility (CLI) is updated to V2.54 (as of 29-AUG-2016) with the following change :
- fixes a bug that could result in it reporting signed files that have been modified as having a valid signature.
v1.1.2
Version 1.1.2 does not include 'sigcheck.exe'.
v1.1.2
The underlying SysInternals's SIGCHECK utility (CLI) is updated to V2.5 (as of 02-FEB-2016)
with the following change :
- now reports all the signatures of images that have multiple signers
https://technet.microsoft.com/en-us/sysinternals/bb897441.aspx
Please note that since v2.4, SigCheck requires Vista, Win7 or higher.
(v2.3 still works fine under XP)
v1.1.0
Unfortunately, links do not seem to displayed well in the comment section...
Select "Sysinternals Suite October 26, 2015" under the "All versions" tab...
http://www.afterdawn.com/software/system_tools/system_information/sysint_suite.cfm#tab3
v1.1.0
@billon
Download Sysinternals Suite October 26, 2015 from http://www.afterdawn.com/software/system_tools/system_information/sysint_suite.cfm/october_26,_2015 and extract. You will find previous version of AccessChk and Sigcheck inside.
Direct link @ http://www.afterdawn.com/software/general/download.cfm/sysint_suite?mirror_id=0&version_id=105175&software_id=1917
v1.1.0
Thank you, _philippe, but it's 2.4, 'cause their links direct to Sysinternals' site.
but that's wrong place for such discussion, so never mind.
v1.1.0
@billon
Perhaps here, if you hurry...;-)
http://www.downloadcrew.com/article/31427-sigcheck
v1.1.0
Damn, and AccessChk too!
Where to get previous?
v1.1.0
The underlying SysInternals's SIGCHECK utility (CLI) is updated to V2.4
(as of 04-JAN-2016) with the following new options :
1. Reports any certificates installed on the system that do not chain to one of the certificates in the Microsoft certificate trust list (CTL).
2. Adds the ability to take image information captured from Sigcheck on a system disconnected from the Internet and obtain Vir*Total status from one that’s connected.
Full details here:
https://technet.microsoft.com/en-us/sysinternals/bb897441.aspx
Warning to die-hard WinXP users:
Regrettably, this newer version aborts with a dire admonition about
"Entry point SetfileInformationByHandle not found in Kernel32.dll"...:-(
Better stick with former version V2.3 which behaves itself under XP.
v1.1.0
FYI, Sysinternals SigCheck dependency is currently v2.90 released 2022-07-19.
v1.1.3