How to enable or disable test signing mode in Windows.
Windows test signing mode is a special mode of operation designed to allow loading of the unsigned drivers into Windows. What it means, basically, that beginning with Windows Vista 64-bit edition Microsoft imposed a restriction that only digitally signed device drivers are normally allowed to be loaded and used by the system. When the test signing mode is enabled, it removes such a restriction. Note that if you have a 32-bit version of Windows, then you may not need to worry about the test signing mode, because this restriction applies only to the 64-bit versions.
Why would you want to enable the test signing mode? Well, if you use an older 64-bit version of Windows, such as Windows Vista or Windows 7, it may no longer recognize a digital signature of a recent driver. For example, when you try to run the latest version of Folder Guard on Windows 7 64-bit, it may report that it cannot load its driver:
and Windows 7 may show the following explanation:
What's puzzling, when you check the digital signature of the driver (by navigating to the folder C:/Program Files/Folder Guard, right-clicking on the file FGUARD64.sys, and selecting Properties from the menu), Windows reports that the digital signature of that file is OK:
So, the digital signature of the Folder Guard driver is OK, but Windows 7 reports that it is unsigned. What makes Windows 7 so confused? Let us spare you a lot of boring technical details that involve cryptographic algorithms (SHA1 ans SHA256), Certificate Authorities, the EV certificates, cross-signing certificates, root certificates, as well as the (un)willingness of Microsoft to update the old versions of Windows, because the conclusion would eventually come down to, as time progresses, and as Microsoft and other software companies tighten up the restrictions on what kind of digital signatures are allowed to be used, deprecating the old, less secure standards, the old versions of Windows simply cannot keep up with such advances, and enabling the test signing mode becomes the only practical solution to allow the use of the newer products on the old versions of Windows.
Wait, wouldn't enabling the test signing mode make my Windows 7 computer less secure, you might be asking? Yes, it would, but that ship has sailed when you decided not to update Windows 7 to a more recent version of Windows that is still supported and updated by Microsoft. Your Windows 7 computer is already insecure, and if you are OK with that, enabling the test signing mode would not make a significant difference in its security anyway.
How to enable the test signing mode
First, if your computer supports secure boot, disable it in the BIOS settings, because if the secure boot is enabled, Windows would not allow you to enable the test signing mode.
Next, open a Windows command window as Administrator. The exact procedure is a bit different in different versions of Windows, but usually the following procedure should work: click the Start button and type cmd (if there is a Search box, type it into that box). You should see a list of the results displayed and if it contains cmd.exe or Command prompt, right-click it, and select Run as Administrator from the menu.
When the command prompt window appears on the screen, type the following command:
bcdedit /set TESTSIGNING ON
You should see the result similar to the following:
If you see an error message that tells you that this setting is protected by secure boot, then you need to turn off the secure boot option of your computer using the UEFI/BIOS configuration utility. (Refer to the instructions provided by your computer or system board manufacturer.)
If you see the Access denied or some other error message, it could mean you have not opened the command window in the Administrator mode. Or, you can try the following command:
Bcdedit.exe -set loadoptions ENABLE_INTEGRITY_CHECKS
and then try the previous command again.
To make the change effective, restart the computer. If you see the Test mode message displayed in the bottom-right corner of the desktop, it means that the test signing mode is enabled and the loading of the unsigned device drivers is allowed:
If you had a problem running Folder Guard (or another program) before, run it again now, and it should proceed normally, without displaying an error message about loading a driver.
How to disable the test signing mode
If you have decided that you no longer want to allow unsigned drivers to be used by Windows, and to remove the Test mode message from the desktop, you need to open the command window as Administrator in the same way as described above, and type the following command:
bcdedit /set TESTSIGNING OFF
Restart the computer, and the Test mode message should disappear from the corner of the desktop. If you still see the Test mode message in the corner, it could be that you have the debugging mode enabled. To disable it, run System Configuration tool of Windows, select the Boot tab, press Advanced options, and finally make sure the Debug box is cleared:
Restart the computer again, and the Test mode message should now disappear. Of course, any software that might be using a driver with an unrecognized digital signature may stop working after that.
If you want to link to this article, you can use this HTML code: <a href="https://www.winability.com/how-to-enable-disable-test-signing-mode-windows/">How to enable or disable test signing mode in Windows.</a>
- How to restrict access to Microsoft Store app with Folder Guard.
- Tired of the Your password has expired and must be changed prompts? Here is how to stop them.
- How to move Pictures and other folders to Virtual Encrypted Disk
- How to disable Fast Startup if you use encryption software
- How to restore Videos, Pictures, and other folders in This PC in Windows 11
- How to create a local user account in Windows 11 or Windows 10
- How to enable or disable test signing mode in Windows
- Email or SMS text messaging are NOT secure for two-factor authentication
- Estimate how much you could save on electric bill with ActiveExit software
- How to delete partition on Windows 11 or Windows 10
- Forget VeraCrypt password? Here is how to recover it.
- Why do my desktop icons keep moving?
- How to create a private folder in Windows 11 and 10
- How to restrict access to Windows Settings with Folder Guard
- Suspending all operations with fascist Russia
- How to keep desktop icons from moving by running Icon Shepherd from command line
- How to restrict access to Task Manager with Folder Guard
- Take ownership of your files after access denied due to NTFS permissions
- How to reprogram or disable CAPS LOCK key
- Encryptability vs Folder Guard: which one to choose?
- Troubleshooting software removal problems using MSI files
- Encryptability: Compare Personal and Business Licenses
- How to add Group Policy and Local Security Policy to Windows 11 and 10 Home edition
- SOLVED – File is too large for the destination file system
- Forget your WI-FI password? Find it in Windows 11 and 10 settings
- What is FAT32 maximum file size limit?
- How to create a secret folder in Windows 11 and 10
- How to easily password-protect Windows Linux folders with Folder Guard
- Force DISKPART to delete EFI system partition in Windows 11 and 10
- How to make Windows 11 and 10 recognize a cloned hard drive again
- How to stop Windows 11 and 10 from using thumbnail preview icons for folders
- How to hide pictures from the Photos app in Windows 11 and 10
- How to save Windows Spotlight photos to your computer
- How to move the OneDrive folder to an encrypted drive
- Windows 10 fails to upgrade? Here is how to fix it.
- How to stop Microsoft Edge from opening PDF files
- Preventing installations of specific programs with Folder Guard
- Folder Guard licensing explained
- Speed up the updates of the network folders
- Make your Windows laptop work as a Wi-Fi access point
- How to stop automatic Windows Update in Windows 10 and 11
- Solved: Windows cannot connect to the printer. Access is denied.
- Migrating encrypted data from TrueCrypt to USBCrypt
- “The Microsoft account service is unavailable right now. Try again later.”
- Using DiffMerge as the external tool of AB Commander to compare plain text files
- How to repair the icon cache and/or thumbnail cache in Windows 11 and 10
- Transferring images between your PC and an Android device: Part 2
- Transferring images between your PC and an Android device: Part 1
- Case study: Using SoftDetective to suppress Corel Guide sign-in prompt
- Using junction points to change the iTunes backup folder location
- How to tell if my Windows computer is 32- or 64-bit?
- How do I stop Windows from rearranging my desktop icons?
- Organize your photo library with the Rename tool of AB Commander
- Windows does not offer the NTFS format option? Here is how to bring it back.
- How to encrypt Firefox profile, bookmarks, and cookies
- Restarting Windows 11, 10, and Windows 8 in the safe mode
- Integrating AB Commander with Universal Viewer
- How to delete a protected EFI system partition with Windows 11,10, 8, or 7
- Using Folder Guard to protect from the social engineering attacks
- How to erase Windows login password if you forget it
- How to unhide a folder hidden with Folder Guard
- How to repair Windows desktop icons with AB Commander
- Slow network in Windows 7 Virtual PC? Speed it up!
- How to show drive letters first in AB Commander and Windows Explorer
- What is my IP address?
- Why can’t I copy large files over 4GB to my USB flash drive or SD card?
- Test the strength of your password with USBCrypt
- How to set up an external text editor for AB Commander
- How to restrict Internet Explorer from downloading programs from the Internet
- Personal vs business license for USBCrypt
- Use Folder Guard to restrict access to Control Panel
- Compare MySecretFolder and Folder Guard
- Hide folders and make files invisible with Folder Guard
- WINEXIT vs ActiveExit: automatically log off users from Windows
- How to protect folder with password in Windows 11 and 10
- How to restrict access and lock external drives with Folder Guard
- How to password-protect Dropbox folder with USBCrypt
- How to set up Folder Guard to stop downloading from the Internet
- Is (Wipe the content) the same as (Secure Delete)?
- How to encrypt and protect the system C: drive with USBCrypt
- Make it easier to return your lost encrypted drive
- USBCrypt for users of Microsoft Office
- How to start programs elevated from a batch file
- How to make elevated programs recognize network drives
- How to disable or enable hibernation
- Using names and labels to organize USBCrypt drives
- How to password-protect a USB flash drive
- Always have a backup of your important files