Many users have to learn how to disable the system check for a digital signature for drivers, since during installation, a message from the Security Center may appear that the signature is missing, although the “firewood” is safe. This often happens when the user wants to connect additional equipment to the PC – printer, scanner, etc.
- Why deactivate digital signature verification of drivers in the top ten
- How to turn off driver signature verification in Windows 10
- Using a third party utility
- By booting the PC in a special mode
- Using the “Local Group Policy Editor”
- Through the “Command Line” interface
- Video: 4 Methods to Disable Driver Signature Verification
- How to reactivate the digital signature of drivers
Why deactivate digital signature verification of drivers in the top ten
A digital signature is a label embedded in the code of a program or driver. It means that the utility is licensed and safe – you can install it on your computer with peace of mind.
The developers of “Windows” 10 included in the “operating system” scanning for the presence of such a signature, which starts itself when you open the software installer file, previously downloaded from the Internet. By default, the check is enabled in the system, but you can deactivate it if, for example, when installing the driver, a message from the system about the lack of a proper digital signature appears.
When installing the driver, an error may appear stating that the publisher could not be verified
Of course, the message contains the option “Install this driver anyway”, however, even if you click on it, the “firewood” will be installed with errors – an exclamation mark in a yellow triangle will be displayed in the “Device Manager” in the future, and the equipment itself will either will not function, or it will work, but with frequent failures. The description in the dispatcher will also show error code 52.
Forcing driver installation may fail
You should turn off the scan only if you are completely sure of the safety of this software. Otherwise, you risk the security of your PC and data on it – it can be attacked by a virus that is hidden in the utility code, or hacked by hackers.
How to turn off driver signature verification in Windows 10
The user can apply several methods to deactivate the signature verification of the “firewood”: there are both temporary measures (for one time) and permanent (if, for example, you often have to install drivers without a signature). Let’s take a look at all the possible ways.
Using a third party utility
The easiest solution in the event of a notification from the Windows Security Center is to use the third-party DSEO utility from the developer NGOHQ. Its name stands for Driver Signature Enforcement Overrider – it helps to change digital signatures for any utility or driver. It assigns a software identifier – and you can install the driver smoothly and correctly.
Where to download it and what manipulations to perform in its interface, we will tell you in an understandable step-by-step guide:
- Open the official website of the NGOHQ developer and click on the link with the full name of the utility under the word Downloads.Download DSEO from the official website
- When the browser downloads and checks the document for viruses, launch it through the “Explorer” or menu with a list of downloads.Open the file through the downloads panel
- In the installer window, click on Next.On the initial screen of the program, click on Next
- We select first the first item Enable Test Mode to activate the test mode of the “operating system”. We reboot the computer.Select Enable Test Mode and restart your PC
- Open the utility again and click on Sign a System File.Run the Sign a System File item
- We drive into an empty field the local address of the installer file of the problem driver (the path to the file that is displayed in the navigation bar of “Explorer”). Click on OK. We are waiting for the completion of the procedure.Enter or paste the path to the driver file
- After that, we try to install the “firewood” again.
This method solves the problem only in a specific current case: if you have to install another driver with the same error, the procedure will have to be repeated in the interface of this utility.
By booting the PC in a special mode
You can temporarily deactivate scanning by loading the device in one of the special modes. The method will disable checking only for the current session on the PC. The next time you unplug and plug the device back on, it will boot up in normal standard mode. Consider the course of action:
- We call the interface with the operating system parameters by simultaneously pressing the Windows and I buttons. If you cannot open the window in this way, go to the settings through the Start panel (the gear under the profile on the left side of the menu).Open the window with parameters via “Start”
- We switch to the block dedicated to security and updates.In the parameters, run the block for safety
- In the fifth tab, to start recovery, press the gray “Restart” button in the block with special OS boot options.Click on “Restart Now”
- Now open the “Diagnostics” menu, followed by “Additional parameters” and the last item with the boot parameters.In the advanced options open the section with boot options
- The blue menu will present a list with special PC startup modes. We need a seventh mode with the disabling of the mandatory verification of the signature “firewood”. Feel free to press the function key F7, which is located at the top of the “keyboard”.Press F7 to start in special mode
- We are waiting for the “operating system” to restart with already disabled scanning. Install unsigned “firewood”.
Using the “Local Group Policy Editor”
This method is only suitable for you if you have the Professional or Enterprise variant of the “ten”. For the home version, the measure will not work, since the editor we need will simply be missing in the interface of the “operating system”. Let’s describe the procedure:
- We call the small “Run” panel on the screen using the R and “Windows” buttons (we clamp them simultaneously). We execute the formula gpedit.msc in the menu (after entering, click on OK).Run the command gpedit.msc
- In the central part of the window or on the left pane of the editor, open the section with user configurations.Open the large section “User Configuration”
- Let’s move on to the third section with a list of administrative templates.Run the “Administrative Templates” block
- Switch to the block dedicated to the system and launch the last directory in the “Driver Installation” list.Go to the folder “Driver Installation”
- We double-click on the first item concerning the digital signature of “firewood”.Open the digitally signed item
- In the new window, you will most likely have the value “Not set”. This will mean that the check works by default. You can deactivate scanning in two ways here. Click on the “Enabled” value, but at the same time, in the drop-down menu at the bottom, select a pass as an action. Click on “Apply” and OK to save the settings.If you put the value “Enabled”, define the action “Skip”
- The second option is to set the value to “Disabled”. We also click on the button to apply.Set the value to “Disabled” so that signatures are not verified at all
- We reboot the device so that all the changes made will finally take effect. We put “firewood” on the PC.
Through the “Command Line” interface
A quick way to disable the service responsible for scanning signatures is through the standard Windows console “Command Line”:
- The console must be started with extended administrator rights. We drive in on the “Search” panel (to the right of “Start”) the cmd request.Enter the cmd command in the “Search” line
- Right-click on the application and click on the first action.Run the console as administrator
- You can start the editor differently – through the “Run” window. We press on R and “Windows”, and in the menu we print the same three letters cmd. We execute the formula by simultaneously holding Ctrl, Shift and Enter.Paste and run cmd command
- The first command to run is bcdedit.exe -set loadoptions DISABLE_INTEGRITY_CHECKS. Copy, paste into the black window and press “Enter” on the “keyboard”.Run the first command in the console
- When the procedure completes successfully, we type the second formula – bcdedit.exe -set TESTSIGNING ON. Also we press on “Enter” for execution.Run the command bcdedit.exe -set TESTSIGNING ON to disable the service
- We reboot the device and install the driver with an error.
- If this solution did not help you, execute the exe / set nointegritychecks on command in the same editor. Before that, go to the “operating system” using safe mode. To do this, follow the steps from the instructions in the section “Booting the PC in a special mode”, but instead of F7, press F4.If the previous two commands didn’t help, run exe / set nointegritychecks on
Video: 4 Methods to Disable Driver Signature Verification
How to reactivate the digital signature of drivers
After the successful installation of the “firewood” with which the error occurred, it is recommended to reactivate the protection scan. To enable scanning again automatically when you run the driver installers, you need to undo the actions that you performed when disabled. Depending on the method you used to deactivate, follow these steps:
- Start the Command Prompt console again as an administrator and run the formula bcdedit.exe -set TESTSIGNING OFF there.Turn the service back on using the formula bcdedit.exe -set TESTSIGNING OFF
- In the editor with policies, set the option to “Not configured” or “Enabled”, and in the drop-down menu below “Block” or “Warn”.
- If you used a special mode of launching the “operating system”, just reboot your device.
You should turn off scanning for the presence of a proper digital signature for the driver you want to install only if you know that the software is absolutely safe. This can be done through the “Command Line”, booting the PC in special mode, or through the editor with local policies. The last method is suitable only for owners of the “ten” version of the Professional. You can also assign a signature to the current driver using a utility called DSEO.