How to use the command `driverquery` (with examples)
- Windows
- December 17, 2024
The driverquery
command is a useful tool for system administrators and advanced users seeking to gather information about device drivers installed on a Windows operating system. This command can display various details about the drivers, such as their module name, display name, driver type, and more. By using different parameters, users can customize the output to meet their specific needs, facilitating system diagnostics, troubleshooting, and inventory management. Below are several common use cases of the driverquery
command, along with explanations and example outputs.
Use case 1: Display a list of all installed device drivers
Code:
driverquery
Motivation:
The primary purpose of the driverquery
command is to display a list of all installed device drivers on the system. This is particularly useful for system administrators who need to audit driver installations or troubleshoot driver-related issues. By displaying all drivers, you can identify outdated, missing, or non-functional drivers.
Explanation:
Running the command without any further options outputs a basic, default list of installed device drivers, including details such as module name, display name, and driver type. This is the simplest use case, providing an overall view of the driver configuration.
Example Output:
Module Name Display Name Driver Type Link Date
----------- ------------ ----------- ---------
acpipmi ACPI Power Meter... Kernel 7/14/2015
adp94xx ADP 94xx Kernel 6/22/2009
adpahci ADP AHCI Kernel 1/28/2008
Use case 2: Display a list of drivers in the specified format
Code:
driverquery /fo table|list|csv
Motivation:
Depending on your workflow or requirement, you might need the output in a different format. The driverquery
command allows users to specify the output format as a table, list, or CSV file. Users might prefer the CSV format for easy import into spreadsheet applications for further analysis, while the table format is user-friendly for direct viewing in the console. The list format provides detailed information structured explicitly on a line-by-line basis.
Explanation:
The /fo
option stands for “format”, allowing users to specify how the data is output. table
produces a neatly organized table, list
displays each driver’s information individually on separate lines, and csv
produces a comma-separated values file, perfect for data manipulation and storage.
Example Output:
For Table Format:
Module Name Display Name Driver Type Link Date
----------- ------------ ----------- ---------
acpipmi ACPI Power Meter... Kernel 7/14/2015
adp94xx ADP 94xx Kernel 6/22/2009
adpahci ADP AHCI Kernel 1/28/2008
For List Format:
Module Name: acpipmi
Display Name: ACPI Power Meter...
Driver Type: Kernel
Link Date: 7/14/2015
Module Name: adp94xx
Display Name: ADP 94xx
Driver Type: Kernel
Link Date: 6/22/2009
For CSV:
"Module Name","Display Name","Driver Type","Link Date"
"acpipmi","ACPI Power Meter...","Kernel","7/14/2015"
"adp94xx","ADP 94xx","Kernel","6/22/2009"
Use case 3: Display a list of drivers with a column to indicate if they are signed
Code:
driverquery /si
Motivation:
Signing ensures that a driver is authentic and has not been tampered with. For security-conscious environments, it’s critical to use signed drivers only. This option provides an easy way to verify the signing status of each driver, helping administrators ensure that all drivers meet security compliance requirements.
Explanation:
The /si
argument adds a “signed” column to the output, which specifies whether each driver is digitally signed. A signed driver has passed through checks, providing an extra layer of security and reliability.
Example Output:
Module Name Display Name Driver Type Link Date Signed
----------- ------------ ----------- --------- ------
acpipmi ACPI Power Meter... Kernel 7/14/2015 Yes
adp94xx ADP 94xx Kernel 6/22/2009 Yes
adpahci ADP AHCI Kernel 1/28/2008 No
Use case 4: Exclude the header in the output list
Code:
driverquery /nh
Motivation:
While headers are useful for understanding what each column represents, they may not be necessary for certain tasks, such as when the data will be processed by another application. Excluding headers can simplify scripts that parse and analyze driver data, which reduces overhead and processing time.
Explanation:
The /nh
option stands for “no header”. When this is included, the command suppresses the output’s header line, leaving only the raw data. This option is particularly beneficial for scripting and automation environments.
Example Output:
acpipmi ACPI Power Meter... Kernel 7/14/2015
adp94xx ADP 94xx Kernel 6/22/2009
adpahci ADP AHCI Kernel 1/28/2008
Use case 5: Display a list of drivers for a remote machine
Code:
driverquery /s hostname /u username /p password
Motivation:
System administrators often need to gather information from multiple machines across a network. The ability to query driver information from a remote machine streamlines diagnostics and auditing tasks, facilitating centralized management and reducing the need for physical or direct access to each device.
Explanation:
The /s
argument allows specifying a remote machine by its hostname or IP address. /u
and /p
represent the username and password, respectively, required for authentication on the remote system. This combination of options enables remote driver queries, essential for efficient network administration.
Example Output:
Module Name Display Name Driver Type Link Date
----------- ------------ ----------- ---------
acpipmi ACPI Power Meter... Kernel 7/14/2015
adp94xx ADP 94xx Kernel 6/22/2009
adpahci ADP AHCI Kernel 1/28/2008
Use case 6: Display a list of drivers with verbose information
Code:
driverquery /v
Motivation:
Getting detailed information about each driver can be vital for in-depth system analysis or debugging. Verbose information may include additional fields such as driver version, file path, and more, which can assist in identifying specific issues or ensuring driver details align with system policies.
Explanation:
The /v
argument stands for “verbose”. When used, it expands the default output by including more detailed information about each driver. This additional data is important for technical support or when more comprehensive data is required.
Example Output:
Module Name : ACPI\PNP0C14\0
Display Name : Microsoft Windows Management Instr...
Driver Type : Kernel
Start Mode : Manual
State : Stopped
Status : OK
Name : WmiAcpi
File : C:\WINDOWS\System32\drivers\WmiAcpi.sys
Use case 7: Display help
Code:
driverquery /?
Motivation:
Whenever you’re using a command-line tool, it is crucial to understand its full functionality. Displaying the command’s help prompts provides a summary of all options and usage guidelines for the driverquery
command.
Explanation:
The /?
argument opens the command-line tool’s help interface, which lists available options, their descriptions, and sometimes, examples of usage. It’s an essential resource for both new and experienced users who need a quick reference or are learning to use the command for the first time.
Example Output:
Displays a list of all installed device drivers.
DRIVERQUERY [options]
/S system Specifies the remote system to connect to.
/U [domain\]user Specifies the user context under which the command should execute.
/P [password] Specifies the password for the given user context.
/FO format Specifies the output format.
Valid values: "TABLE", "LIST", "CSV".
/NH Suppresses column header in output.
/V Displays verbose output.
/SI Displays signature information.
/? Displays this help message.
Conclusion:
The driverquery
command is a powerful tool for auditing and managing device drivers on Windows systems. By leveraging its various options, users can customize output formats, gather detailed information, and even query remote systems. These capabilities make it a versatile tool for system administrators tasked with maintaining and securing complex IT environments. Whether troubleshooting a driver issue or performing routine checks, understanding how to use driverquery
effectively can save time and prevent errors.