Objective: Manage and troubleshoot drivers and driver signing.

Driver signing is a process that Microsoft follows to validate files that a third-party manufacturer creates for use in a Windows XP computer. A manufacturer submits its drivers to Microsoft, and after Microsoft completes a thorough quality assurance testing process, Microsoft signs the files digitally. Driver signing is an extra assurance of the quality of the software installed on the PC.

If you install a device, Windows XP looks for the driver signature as a part of System File Protection. When it fails to find one, Windows XP notifies you that the drivers are not signed and prompts you to continue or stop the installation. If you continue with the installation, Windows XP automatically creates a restore point, which facilitates returning to the previous configuration. Restore points are discussed in more depth in Chapter 9.

Dynamic-link libraries (DLLs) and other files are often shared by programs. Sometimes a program overwrites files that were originally installed by a digitally signed driver. If a device behaves oddly, you may want to verify that its driver still has the signature. You can validate the driver in Device Manager. Double-click the device and click the Driver tab. You should see the statement, Digital Signer: Microsoft Windows Publisher. You can check individual files further by clicking the Driver Details button. Files that are signed have an icon of a box with a green check mark, which appears to the left of the name (see Figure 8.15). Files that have not been digitally signed do not have a green check mark icon next to the filename.

Figure 8.15. Each digitally signed file is displayed with an icon for easy identification. Unsigned files are indicated as such.
If you want to verify device drivers throughout the system, you can run the sigverif application. To do so, click Start, Run. Type sigverif in the Open text box and press Enter. The File Signature Verification program starts. Click the Advanced button and select whether to check for other files to be signed. Click the Logging tab and verify that sigverif will log the results and save them to a file. Click OK and then click Start. After the program has completed its check, the program displays any files that were not signed in a window, plus you can see the results in the Sigverif.txt file.

Another method of viewing which drivers are signed is to open the System Information utility by clicking Start, Run, typing msinfo32, and pressing Enter. Navigate to the Software Environment and expand it. Click to select Signed Drivers. This displays a comprehensive list of all drivers, their signed status, date, manufacturer, and more.

You can configure how Windows XP treats unsigned drivers by right-clicking My Computer and selecting Properties. The System utility in Control Panel opens. Click the Hardware tab, and then click the Driver Signing button, which opens the Driver Signing Options dialog box shown in Figure 8.16.

Figure 8.16. You can tell Windows XP how to handle drivers without signatures.
The three options you can select are to ignore all unsigned drivers, warn the user when an unsigned device driver is being installed, and block all unsigned device drivers from being installed. The warning option is the default behavior. To reduce errors on users' computers, you can raise the level to block all unsigned drivers. You might consider ignoring unsigned drivers in a testing lab, but in most cases, you should either warn about unsigned drivers or block them completely.

Unsigned drivers may not cause a problem. If you are having problems with a device that has an unsigned driver, you should disable the driver. If you are having unspecified problems, such as the computer not going into standby, you should determine which devices have unsigned drivers, disable them one at a time, and test to see whether the problem is resolved. To disable an unsigned driver that has already been installed, you should disable the device that uses the driver, uninstall the driver, or rename the driver files.

Note: When in doubt, check the system files

The System File Checker, which is executed from the command line with sfc.exe, can check the digital signature of system protected files. With other uses, such as repopulating the DLLCACHE folder and replacing system files that are missing or incorrect, sfc.exe can be executed from a batch program or script.

Using Windows XP Rollback

If you update an existing driver to a new version, and then you experience system problems, you should roll back the driver to the previous version. In earlier versions of Windows, this was almost impossible to do. However, Windows XP maintains a copy of the previous driver each time a new one is updated. If, at any time, you want to restore the previous version, you simply need to roll back the driver. To do this, open Device Manager and double-click the device to open its Properties dialog box. Click the Driver tab and then click the Rollback Driver button.
When prompted with the question Are You Sure You Would Like to Roll Back to the Previous Driver?, click Yes. After the previous version is restored, click the Close button. You can roll back all device drivers except for printers. You should be logged on to the computer as an administrator before either updating a driver or rolling it back to a previous version.
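
An added example, not part of the original chapter, for the system-wide signature check and the disable-one-at-a-time troubleshooting described earlier. It assumes the signed-driver list was exported with the Windows command driverquery /si /fo csv (a tool the chapter does not mention) and groups devices whose driver is not reported as signed by INF file; the sample rows and function names are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the column layout of `driverquery /si /fo csv`;
# device names, INF names and vendors are invented for illustration.
SAMPLE = '''"DeviceName","InfName","IsSigned","Manufacturer"
"Processor","cpu.inf","TRUE","(Standard processor types)"
"Example USB Camera","oem3.inf","FALSE","Example Imaging Co."
"Example USB Camera Audio","oem3.inf","FALSE","Example Imaging Co."
"Example Serial Adapter","oem7.inf","FALSE","Example Devices Ltd."
"Mystery Device","oem9.inf","N/A","N/A"
"Standard 101/102-Key Keyboard","keyboard.inf","TRUE","(Standard keyboards)"
'''

def unsigned_driver_packages(csv_text):
    """Group devices whose driver is not reported as signed, by INF file.

    Anything other than IsSigned == TRUE (FALSE, N/A, blank) is treated
    as unverified so that it is reviewed rather than silently trusted.
    Returns a list of (inf_name, manufacturer, [device names]) sorted so
    the packages affecting the most devices are tested first.
    """
    packages = defaultdict(lambda: {"vendor": "", "devices": []})
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row.get("IsSigned", "").strip().upper() == "TRUE":
            continue
        inf = row.get("InfName", "").strip().lower() or "(unknown inf)"
        packages[inf]["vendor"] = row.get("Manufacturer", "").strip()
        packages[inf]["devices"].append(row.get("DeviceName", "").strip())
    ordered = sorted(packages.items(),
                     key=lambda kv: (-len(kv[1]["devices"]), kv[0]))
    return [(inf, p["vendor"], p["devices"]) for inf, p in ordered]

def checklist(csv_text):
    """Render the disable-one-at-a-time test order as text lines."""
    lines = []
    for step, (inf, vendor, devices) in enumerate(
            unsigned_driver_packages(csv_text), start=1):
        lines.append(
            f"{step}. {inf} ({vendor}): disable {', '.join(devices)}, retest")
    return lines

if __name__ == "__main__":
    print("\n".join(checklist(SAMPLE)))
```

Grouping by INF file keeps devices installed by the same driver package together, so one package is disabled and tested per step.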