The source of many system problems can be traced to inappropriate drivers being installed. To reduce the occurrence of such problems, Windows 2000 drivers and operating system files have been digitally signed by Microsoft to ensure their quality. In Device Manager, you can look at the Driver tab to verify that the digital signer of the installed driver is correct.
Some applications overwrite existing operating system files as part of their installation process. These overwritten files can cause system errors that are difficult to troubleshoot. Microsoft has greatly simplified the tracking and troubleshooting of altered files by signing the original operating system files and allowing you to easily verify these signatures.
After this lesson, you will be able to
Estimated lesson time: 20 minutes
You can configure how the system responds to unsigned files by opening System in Control Panel and clicking the Hardware tab. On the Hardware tab, in the Device Manager box, click Driver Signing to display the Driver Signing Options dialog box (see Figure 6.9).
Figure 6.9 Configuring driver signing
The following three settings are available to configure driver signing:
If you are logged on as Administrator or as a member of the Administrators group, you can select Apply Setting As System Default to apply the driver signing configuration you set up to all users who log on to this computer.
You can use Device Manager to track the digital signature of files. Windows 2000 also provides System File Checker (SFC), a command-line utility you can use to check the digital signature of files. The syntax of the SFC utility is as follows:
Sfc [/scannow] [/scanonce] [/scanboot] [/cancel] [/quiet] [/enable] [/purgecache] [/cachesize=x]
Table 6.6 describes System File Checker's optional parameters.
Table 6.6 SFC's Parameters
| Parameter | Description |
|---|---|
| /scannow | Causes the SFC utility to scan all protected system files immediately |
| /scanonce | Causes the SFC utility to scan all protected system files at the next system restart |
| /scanboot | Causes the SFC utility to scan all protected system files every time the system restarts |
| /cancel | Cancels all pending scans of protected system files |
| /quiet | Replaces all incorrect system file versions without prompting the user |
| /enable | Returns Windows File Protection to default operation, prompting the user to restore protected system files when files with incorrect versions are detected |
| /purgecache | Purges the file cache and scans all protected system files immediately |
| /cachesize=x | Sets the file cache size |
Windows 2000 also provides a File Signature Verification utility. To use this utility, click Start, point to Run, type sigverif and press Enter. Once the File Signature Verification utility starts, you can click the Advanced button to configure it. The File Signature Verification utility allows you to view the file's name, its location, its modification date, its type, and its version number.
In this practice, you use the File Signature Verification utility (sigverif) to monitor and troubleshoot driver signing on your system.
The File Signature Verification dialog box appears.
The Advanced File Signature Verification Settings dialog box appears with the Search tab active. Notice that, by default, you are notified if any system files are not signed. Notice also that you can select Look For Other Files That Are Not Digitally Signed. This setting has the File Signature Verification utility verify nonsystem files to see whether they are digitally signed. If you select this option, you can specify the search parameters for the files you want checked.
Notice that, by default, the File Signature Verification utility saves the file signature verification to a log file, named Sigverif.txt.
When the File Signature Verification utility completes its check, a Signature Verification Results window appears if there are files that are not signed. Otherwise you see a message box telling you that your files have been scanned and verified as being digitally signed.
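The following added example (not part of the original lesson) shows one way to triage a saved Sigverif.txt log offline and list the files that were not verified as signed. The column layout, the bracketed folder headers, the "Signed" and "Not Signed" status strings, the sample file names, and the function names are all assumptions made for illustration; adjust the parser to match the log your system actually produces.

```python
import re
from typing import NamedTuple

class Entry(NamedTuple):
    path: str
    modified: str
    version: str
    status: str

# Constructed sample log. The layout is an assumption, not copied from a real system.
SAMPLE_LOG = r"""
Microsoft Signature Verification
Scan Results:  Total Files: 4

File            Modified     Version       Status       Catalog     Signed By
--------------  -----------  ------------  -----------  ----------  ----------
[c:\winnt\system32\drivers]
acpi.sys        12/7/1999    5.0.2195.1    Signed       nt5.cat     Microsoft Windows 2000 Publisher
exampledrv.sys  3/14/2001    None          Not Signed   N/A
[c:\winnt\system32]
kernel32.dll    12/7/1999    5.0.2195.1    Signed       nt5.cat     Microsoft Windows 2000 Publisher
exampleapp.dll  6/2/2001     1.0.0.0       Not Signed   N/A
"""

SECTION = re.compile(r"^\[(.+)\]$")   # assumed folder header, e.g. [c:\winnt\system32]
COLUMNS = re.compile(r"\s{2,}")       # assumed: columns separated by 2+ spaces

def parse_sigverif(text):
    """Return one Entry per file row, with the folder header joined to the file name."""
    entries, folder = [], None
    for raw in text.splitlines():
        line = raw.strip()
        match = SECTION.match(line)
        if match:
            folder = match.group(1)
            continue
        cols = COLUMNS.split(line)
        # Banner, header and separator lines come before any folder header; skip them.
        if folder is None or len(cols) < 4:
            continue
        name, modified, version, status = cols[:4]
        entries.append(Entry(folder + "\\" + name, modified, version, status))
    return entries

def unsigned_files(text):
    """Fail closed: any status other than exactly 'Signed' is reported for review."""
    return [e for e in parse_sigverif(text) if e.status.lower() != "signed"]

if __name__ == "__main__":
    for e in unsigned_files(SAMPLE_LOG):
        print(f"{e.path}  modified={e.modified}  version={e.version}")
```

Comparing the reported list against the previous run's list highlights files that lost their signature after a software installation.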
In this lesson, you learned about the two utilities that verify the digital signatures of system files. One is a command-line utility, System File Checker (SFC). It has a number of optional parameters that let you control how and when it will run. The second utility is a Windows utility, File Signature Verification (sigverif). You practiced monitoring and troubleshooting digital signatures using the sigverif utility.