Disable digital verification. Command line mode

Installing drivers for new hardware usually occurs in normal mode, however, sometimes the installation presents surprises and you have to be smart. AT certain cases you may need to turn off the check digital signature drivers in Windows 7, Vista, XP, 8/8.1. 64-bit operating Windows systems make such a check on a mandatory basis.

Attention! Disable developer digital signature verification only if you are sure that the driver you are installing comes from a trusted source.

Disabling in Windows 7 and earlier

Using the keys Win+R open utility Run and type gpedit.msc. Click OK and if an error message box appears on the screen, then you have one of the initial versions Windows 7. Problem fixed self-installation Group Policy Editor, details. After installing the editor, repeat the algorithm above. In utility Run enter gpedit.msc- The "Local Group Policy Editor" window will open.

The next algorithm is as follows. Go to the "User Configuration" → "Administrative Templates" → "System" → "Driver Installation" section. Open the "Digital Signature of Device Drivers" option and set the value to "Disabled". Click "Apply", "OK" and restart the computer.

Disabling without using gpedit.msc

If the above option for some reason does not suit you, it is possible and desirable to use the second method. When you turn on the computer before starting Windows boot press the key F8. The boot menu will open operating system- in it we select " Shutdown mandatory verification driver signatures"and press Enter. If instead of the menu, Windows immediately loaded, turn off the computer and repeat everything again.

This OS boot mode will allow you to install any drivers, but after restarting the computer, signature verification will turn on again, however installed drivers will work. If you need to install new drivers, you will need to boot the OS again in the disable check mode.

Disabling validation in Windows 8/8.1

Disabling digital signature verification of drivers in Windows 8/8.1 is similar previous method, however, has its own peculiarity due to the lack of standard menu F8. So, with a keyboard shortcut win+i bring up the options panel and select , holding down the Shift key.

Next, before turning off the PC, you will need to press a few menu buttons. In the first dialog choose Diagnostics, in the second Extra options, in third Download options, in the fourth, without choosing anything, press the button Reload.

After restarting, an analogue of the F8 menu will appear, in it you need to press F7 thus choosing: 7) Disable mandatory driver signature verification. After that, the operating system will boot in a mode that allows you to install any driver.

lovers computer games It's not uncommon for them to run into a problem where the applications they would like to run don't work. People immediately rush to the forums and technical support to find a solution. One method is some command line manipulation. At the same time, few people explain exactly what these changes lead to. It's about what to do to disable digital signature verification Windows drivers 7 (64 bits), and other versions too.

Signature

Let's first understand what a label is on software and any files that allows you to identify its creator, as well as ensure that the software has not been changed after the signature.

In the case of drivers, the operating system checks their authenticity, as well as compatibility with this OS. In addition, the driver is checked for the absence of modifications by third-party users.

If a file or driver contains an invalid or missing signature, this may either mean that it was created by an unverified developer, or that given file has been modified (for example, infected with a virus). However, the absence of a signature does not guarantee the harmfulness of the drivers, and its presence is not necessarily a guarantee of security.

Example

We start, oddly enough, with case study when you may need knowledge of the "OS" of Windows 7. You may constantly need to disable driver digital signature verification, for example, if you decide to play toys from the Fogeym service. Previously, you had to download a special client, as Mail.ru now has, but they decided to abandon it and built the entire system into a browser.

That's just along with the new technique came and new protection called Frost. In order for it to work, you need to perform the actions we are considering. Moreover, the advice of other users will be quite unambiguous, but useless. As a result, two problems arise.

1. Why does a self-respecting gaming service force protection?
2. Why this way doesn't always help? And the user, frustrated unsuccessful attempt, forgets to return the settings to the initial ones.

As you can see, it may be necessary to disable driver digital signature verification in Windows 7, but how useful is this for the system and security? We do not in any way recommend that you do not trust the sites in the example, however, if you encounter problems, it is better to contact technical support instead of user forums. Experts will help and prompt you, not unknown people with a dubious reputation.

A warning

Before you start the procedure, which we will talk about in this article, absolutely decide and decide - do you really need it? Are you absolutely sure what and why you are going to do? After all, if you disable driver digital signature verification in Windows 7, the security of your system is at risk.

On the one hand, there is no problem if this operation you need to spend to install drivers from a trusted source. For example, with license disk, and not bought on the market in a stall. On the other hand, applications downloaded from the Internet from unverified sites and exchangers. By downloading the driver (application) in such a place and disabling protection, you can infect your computer with a spy that will collect data, steal passwords, or even connect the computer to the network to DDoS attacks. In general, decide for yourself how much you need to disable the digital signature verification of Windows 7 drivers (32 bits).

First way

Finally, we got to the direct consideration of the issue. There are several options for disabling digital signature verification of drivers in Windows 7 Home Basic 64 and other versions. Both of these methods are slightly different from each other and require almost the same steps. So, let's begin.

1. First, we need to enable the command line so that you can enter the required commands. To do this, click "Start", then go to "My Programs" and to "Accessories". You need to run this utility as an administrator. If the user entry you are working with on the computer is the only one by default and has full rights, then you can simply in the menu of the "Start" button in the search enter
2. After that, enter bcdedit.exe /set nointegritychecks ON into the line. If you need to enable driver checking again, you need to set the ON parameter to OFF. Be careful and don't get confused. It seems that ON in English is "enable", but in fact you are turning on a service that disables driver verification.

Second way

The next method is not much different from the previous one. In order to disable driver digital signature verification in Windows 7, you will need to enable the command line again, as described in the paragraph above, and enter the following sequence. After each of them, you must confirm the entry by pressing Enter.

1. bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
2. bcdedit.exe -set TESTSIGNING ON

Make sure the task has been completed. This can be understood by the message "Operation completed successfully". Only after that the verification of the digital signature will be disabled. If you need to roll back the changes that these commands made to your computer, then you need to repeat them in reverse order, with a few exceptions. Instead of the ON -> OFF command, and instead of DDISABLE - ENABLE.

Third Method

This method is not suitable for everyone, since it only temporarily solves the problem that we are trying to deal with today. If you need to install and test drivers for any equipment, you can safely use it. But if we are talking, as already mentioned, about game protection systems that do not work with the check enabled, then, unfortunately, this technique will not work for you.

In order to disable driver signature verification in Windows 7, you will need to restart your computer. Then, at the stage when you usually enter BIOS, you need to press the F8 key. After that, a window should appear with a choice of boot options and their settings. You should be interested in almost the very bottom line, the first one above the "normal start" - Disable driver signature enforcement.

By booting the operating system with this option, you will be able to install the driver you need, however, during a normal boot, it will stop working. So in any case, disabling digital signature verification of Windows 7 (64) drivers is simply necessary forever if you want to work with the driver you need.

Fourth way

Another method involves using and configuring Group Policy on your operating system. It should be noted right away that this method does not work on all assemblies of operating systems, so it is not a fact that it will suit you. Now we perform the following steps.

1. Open the Start menu.
2. We enter gpedit.msc into the search.
3. A window will open with many directories. You will need to follow the path below.
4. First, select the item - "User Configuration". After that, go to the "administrative templates" branch and select "system". The last thing you need to do is find the item "driver installation".
5. Select the "Digital Signature" option. We double-click on it with the left button, or click a little to the left of "Change parameter".
6. Put the switch on the left upper corner to "Off".
7. We accept changes.

Protection against counterfeit drivers should start working immediately, but you can restart your computer to be sure. If you are going to restore the default value, please note that if you specify "Warn" about unsigned driver, then even if you continue to install it, it will not work.

Fifth method

We will only mention this possibility in passing. This action not only is it a little illegal, but it also involves a lot of risk, because we will almost forcibly install an unverified driver into the computer.

If all the previous methods did not help you, you can always sign the driver yourself. To do this, you will need the driver itself and two completely legal SDK developer programs for Windows and Driver Kit, of course, the latest versions, or pirated software, the use of which may be more dangerous for your computer than the same drivers that you are trying to "force" install on your computer.

Before doing this, you can try adding the driver manually. To do this, run known way command line and write the Pnputil -a c:\***.inf command, where the last value is the path to the correct driver. If the computer still gives an error, you will have to sign the driver yourself.

Conclusion

And finally, whatever you do with the operating system and whatever changes you make, if they do not help you solve your problem, do not forget to return everything as it was. Remember that no matter how users criticize the Windows operating system, it was created by professionals who know a lot about programming. By intervening on your own in an already created, integral structure, you risk a lot.

Consider how to disable driver digital signature verification. If you try to install a file without such a signature, errors may occur or the system may refuse to install. Only disabling the function can solve the problem.

To find where the Digital Signature Options window is located on your operating system, follow the appropriate instructions for your OS. After deactivating the option, you can easily install any programs and libraries that do not have a signature identifier.

Why do I need to digitally sign a driver

A digital signature is a so-called mark on a file or library that guarantees its security. It is necessary so that the user can find out about the origin and developer of the application. The signature is also verified by the operating system itself on initial stage installation of any executable file.

If this attribute is missing or certain errors are found in it, the installation will not start, and the user will be notified of the possible danger that may result from the use of an unidentified program.

The digital signature is displayed in a pop-up window as soon as the user starts the installation of the executable file. In this window, you must provide the OS additional permission to launch the installation wizard. Here you can see the name of the certificate. It is listed after the program name. The figure below shows an example of the window display. user account Control where the application's digital signature is the Publisher field.

Rice. 1 - an example of the program certificate verification window

The digital signature is embedded not only in standard applications and system libraries. It can also be found in driver software. A driver is a program that is responsible for configuring the operation of the hardware components of a PC and devices connected to it (video card, mouse, keyboard, printer, microphone, and others). As a rule, all drivers are installed through the Device Manager window. It can be configured automatic update configuration for any connected device.

Often users download drivers from third party sources. Some of them may be custom (unofficial), so there is almost always no certifiable signature in such files. In this case, the computer will detect the absence of an ID and you will not be able to complete the installation.

Also, configuration errors can occur on Windows. Because of this, even a driver with an official digital signature can be identified as a potential security threat to the PC. 64-bit versions of the OS immediately block the installation and delete the application file if the digital signature is not found.

The window that appears windows errors may display one of the following problems:

• "Lack of driver signature";
• "The system cannot check the manufacturer of the program";
• "Windows needs a digitally signed driver."

Rice. 2 is an example of a Windows Security error window

Most easy option The solution to the problem is to disable digital signature verification. The process for configuring this setting may differ depending on the version of Windows that is installed on your computer.

Before disabling this feature, the user must be aware of all possible threats for operating system and computer. The system may not recognize the signature due to its forgery or insecure content. In most cases, it's best to avoid using apps without a digital ID.

Disable feature in Windows 7

In Windows 7, the group policy editor of the system is responsible for the option to enable / disable signature verification. Its window can be opened using the command line. Follow instructions:

• Open the Run window with rollover Win buttons and R;
• Enter the command shown in the figure and click OK;

Rice. 3 - command to open a window by a Windows policy group

• In the window that appears, open the "User Configuration" tab. Then click on Administrative Templates. In the "System" tab, click on the "Install driver" option;
• In the right part of the window, select the "Digital signature of devices" item;

Rice. 4 - "Driver installation" tab in the OS group policy window

• Disable ID verification in the new window and save your changes.

Rice. 5 - disable verification for Windows 7

Instructions for Windows 8 and 8.1

For both versions of Windows 8, disabling driver signature verification is the same. As in previous version, you need to work with the Local Group Policy Editor. Enter the gpedit.msc command in the Run window to open the settings window, or enable the policy editor through the control panel. Next, follow these steps:

• On the left side of the window, go to the "System" directory, as shown in the figure below, and go to the driver installation policy folder. On the right side of the system window, click on the "Digital Signature" item right key mice.

Rice. 6 - checking the status of the option

• Click on "Edit";
• In the new window, select the "Enabled" option, and then set the "Options" column to "Skip";
• Click OK and exit the Group Policy Editor.

Now, even after rebooting the operating system, verification of the presence of a digital signature will not be enabled. To enable the feature, go back to system window editor and set the validation option.

Rice. 7 - disable verification in Windows 8 and 8.1

Another way to deactivate a feature is to use command line. You can disable the option by entering one simple command. Go to the Run window and launch Command Line using the cmd line:

Rice. 8 - command to activate the line

In the window that opens, enter the command shown in the figure below. To re-enable the option, change the identifier from OFF to ON.

Rice. 9 - command to disable signature verification

Instructions for Windows 10

Most functions and options new Windows 10 are similar to the eighth version of the system. Disabling an option constant verification Numeric driver IDs are held in the Group Policy window:

• Go to the editor, as shown in the instructions for Windows 8;
• Open the enable/disable signature verification window;
• Select "Disabled";
• Leave an empty field in the parameter column;
• Save your changes.

Rice. 10 - disable option in Windows 10

If there is no zero (empty) value in the drop-down list, select Skip. To deactivate using the command line, you need to use two commands. The first is to load options, the second is to disable the function. Both commands and the order in which they are executed are shown in the figure below:

Rice. 11 - disable using Command Line in Windows 10

Shutdown Windows Defender

Newer versions of Windows (8.1 and 10) have a built-in protector that also checks the security level of any executable file. Sometimes, disabling digital signature verification alone may not be enough, because Defender can identify a file as dangerous. In this case, it will be immediately deleted or quarantined (depending on the settings of the defender).

Figure 12 - Windows Defender main window

If, after disabling driver signature verification, a system window appears about unsafe content in the file, to continue its installation, disable the service Windows Defender. Follow instructions:

• Open a Windows Defender window;
• Check the status of the utility, and then click on the "Options" tab;
• You will be redirected to Windows system settings. In it, you need to disable the options for real-time protection and cloud protection.

Fig.13 - disabling Windows protection

Installing drivers without a digital signature should be carried out only if you are absolutely sure that the file is safe. For example, if you are a developer and have created an application that does not yet have a signature.

The setup file is trustworthy if you downloaded it from the developer's site. Often latest versions drivers may be erroneously detected by the digital signature verification server. This indicates that the developer has not yet entered the identifier data into the system or work on improving the driver is still active. In this case, disabling signature verification and the protector will not cause any damage to the installed operating system.

Disabling the feature via BIOS

You can turn off the signature verification function through the BIOS during the boot of the operating system. This method is only suitable for those drivers that install components without the need for a further reboot of the device. Follow instructions:

• Turn on the computer and activate the BIOS. To do this, in the first few seconds after pressing the Power key, click on F8 or another key that is indicated in the boot window;
• Navigate through the menu using the up and down keys. The choice is pressing the Enter key. Go to the window additional options downloads;
• Select "Disable Driver Signature Verification".

Fig. 14 - disable check in BIOS

As a result of selecting this field, Windows will reboot and start in a mode that does not provide verification of the digital signature of the driver software. Now you can install the component. The error and installation prohibition window will not appear.

It is worth noting that this mode will be active only until the next restart of the computer. Make sure the driver is working properly, otherwise it may be deactivated after restarting the system. If the warning window still appears during the installation phase, just close it and the process will continue automatically without changes.

Creating a digital signature manually

If for some reason you were unable to disable the function or the system still requires a digital signature of the installation file, you should assign this identifier to the driver yourself. To do this, you can use a number of special applications.

DSEO is a popular utility for installing and editing digital signatures for any type of software. Follow instructions:

• After installing DSEO, open the program as an administrator;
• Select a mode in the main window test mode and go to the next window by pressing the Next button;
• Click the Sign a System Mode option to sign a specific system file and click Next again;
• In the pop-up window, select the file for which a suitable digital signature will be created and click OK;
• Wait for the process to finish and close the program.

You should now be able to install the selected driver on your computer.

Fig.15 - work in the DSEO program

Video instructions

Disable digital signature verification of Windows 7 x64 drivers

How to disable driver digital signature verification in Windows

Most Windows users 7 it is known about the installation for all kinds of equipment of your computer that the driver file has a digital signature by which it is identified in the system. This is a kind of label or label by which you can determine the relevance of the version installed driver, and also its authenticity is determined, thereby confirming its safety.

The subsequent installation of the driver on OS Windows is carried out with preliminary check digital signature and if the values ​​converge, then the system allows the installation of the new driver to continue. When there is a conflict, the system displays a message about it - you have the opportunity to continue the installation, but its work may not be correct.
But if you disable this feature, the driver will install perfectly, so there is a need to disable signature verification.
There are several proven and most reliable methods for disabling digital driver signature.

Method 1

We perform a soft-reset (reboot) of the PC or laptop and start pressing the F8 button periodically. This is required to call a special menu that will open us necessary settings. Now find the item "Disable mandatory signature verification ...".
On the different versions windows name may be different, but finding the function is always located below. Therefore, you can simply select the bottom item and activate it by entering Enter. This method is able to disable verification, but only until the next reboot of the system, so this method can be considered as a temporary elimination of a digital signature.

Method 2

The second option to eliminate the digital signature of drivers is a group policy. The function is activated by entering the expression "gpedit.msc" which you want to add to the search start menu Windows. Click the "Start" button and enter in the search field
gpedit.msc.

When you have successfully launched Group Policy, on the left you need to open the "User Configuration" tab, then click on the "Administration Templates" link,
find the "System" parameter - driver installation. If the "Installing drivers" tab is selected in the left menu, then on the right you can see the setting to disable their signature, which you need to activate double tap.
Before closing the settings window, be sure to save the changes and exit the utility. This method is good, but, alas, it does not work for everyone.

Method 3

The third tool to turn off driver signatures is standard string command input. You can run it through the search by entering (you can copy and paste) the combination "cmd" into the line. You need to enter the following values: bcdedit -set loadoptions DDISABLED_INTEGRITY_CHECKS, which will result in forced shutdown built-in driver signature. Then, after manually entering such a combination (you can copy and paste), confirm by pressing Enter, and enter the following parameter: bcdedit -set TESTSIGNING ON.
Due to the activation of such commands, the system will give permission to install any driver. Return old settings done by typing on the command line: . This is the first command that overrides the corresponding configuration, and then the setting bsdedit -set loadoption TESTSIGNING OFF is introduced, which allows you to return the previous signature. They must be entered separately.

Beginning with Windows Vista Microsoft introduced additional level protection for their 64-bit systems - DeviceDriver Signature Enforcement. This means that you can only install and use drivers that have been certified by Microsoft. In addition to increasing the level of security, this, of course, led to the fact that enough a large number of devices working in 32-bit Seven do not work in 64-bit (driver certification procedure is not free). This article is about how you can try to get around this limitation.

0. Before you start, download the DSEO (Driver Signature Enforcement Overrider) utility from the developer's website - http://www.ngohq.com/home.php?page=dseo (no installation required).

1. We log into Windows as "administrator" (I used master post Administrator with RID-500, in professional version it’s not difficult to turn it on, but that’s not the point - the usual “administrator” is enough).

2. and reboot.

3. After the reboot, open the command line. The easiest way to start it: Start -<вводим в графе поиска cmd> — <после того как поиск найдёт cmd>- click on the label cmd. Alternative option: Start -> All Programs -> Accessories -> Command Prompt.

4. In the command line window, run the following command:

bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS , where DDISABLE is not a typo!

5. Run the utility DSEO. You can run it from any directory, any disk :)

After starting, as usual, "accept license agreement"- yes, and then select the option" Enable Test Mode "(enable test mode) and click "Next":

The program will warn you that you can only load "self-signed" drivers in "Test Mode", but for it to take effect, you must reboot again:

To exit the program, select the "Exit" option and click "Next".

We reboot.

6. After the reboot, run DSEO again and select the "Sign a System File" (sign system file) and "Next":

7. The program will ask you to specify the path to the signed driver. To do this, copy the files of the "problematic" driver from the installation CD or extract them from the archive (if downloaded from the Internet) somewhere on HDD- the main thing to remember and / or copy the exact address location of drivers from address bar"explorer", do not forget to specify the name of the driver itself (the driver is a file with the .sys extension), since they can be located not only in the directory where you copied / extracted, but also in its subdirectories !!! After specifying the location of the driver, click OK. Perform this operation for all drivers - only the file name will change in the address, or a subdirectory with the name:

P.S. If the device is already installed, but does not work without a blocked driver, then the driver should most likely be looked for in C:\Windows\system32\drivers, look in the "Device Manager" (Start - Control Panel - Administrative Tools - Computer Management) opposite which device is question mark - then there will be a device without a driver. Double-click on the name of this device and properties, select "Driver" - "Details", where you will see the address (s) of the driver (s).

Actually, I do not recommend doing this, because when you try to install the driver without Windows signatures it not only does not load it into RAM for execution, but also deletes the link to it from the “HKLM\SYSTEM\CurrentControlSet\services\” branch of the registry as a service!!! normal operation such a device without a service configuration (such as startup and settings) is hardly possible (actually, it simply doesn’t exist: (!!!), so it’s better to remove this device completely by any methods, and then install it again after signing the drivers!!!

8. After signing all the drivers, you can check if the operation was performed correctly: select the signed driver, open it context menu, select Properties, and then select Digital Signatures. If you did everything right, you should see something like this:

9. Now the driver can be installed. As a rule, we click on “Setup.exe” and off we go…………..

If Windows "swears" (and she obviously will not miss such a moment) and displays a dialog box like this:

- we are not afraid of Silly questions respond accordingly!

10. After the installation process is completed, you can (and should) make sure that the driver is installed correctly - to do this, look at the Windows log “System” in “Computer Management”, if it contains only “Information” in “minutes of installation time”, then everything is in order (true not always - there may be "deplorable" information), but as a rule, "failure" is displayed as a "Warning" or "Error" - then everything is bad:

If you no longer use the DSEO utility, then turn on "Control accounts”For the security of the system, if you are planning to “sign” something else, then it is better to do it right away, because with the “User Account Control” enabled, DSEO will not start !!!

Notes:

1. To prevent our “self-signed” drivers from being blocked by Windows, you can’t disable the test mode (never!!!), which is evidenced by the “not very pleasant” information about the OS build version in the lower right corner of the Desktop, which, however, you can get rid of - in DSEO there is such an option - "Remove Watermarks".

2. Not all drivers "prepared according to this recipe" can be installed without problems, for example, ASUS's drivers turned out to be "the most persistent" in "disobedience" to the installation - according to at least on my machine, which itself is ASUS.

As I understand it, this is most likely not because of signatures, but because of the peculiarities of their low-level work - since I received errors not about signatures, but simply - “window with a red cross” (and one button - OK) - impossible set and everything! Although earlier, when I worked under XP, everything was as it should - I didn’t see a single “BSOD” because of them, but Microsoft sometimes “naughty”. It's about correctness... but Microsoft knows better :) :) :)

3. With the "Test Mode" turned on all the time and especially when working on the Web, there is a certain risk of installing on your machine the same drivers "prepared" by someone in the same way, and the kernel mode drivers - and this is no longer funny !!!

So in no case do not go online under the "Administrator", because the most best antivirus- head on his shoulders, with a thinking brain, of course!