Windows XP Professional drivers and operating system files have been digitally signed by Microsoft to ensure their quality. In Device Manager, you can look in the Driver tab of a device Properties dialog box to verify that the digital signer of the installed driver is correct. Some applications overwrite existing operating files as part of their installation process, which might cause system errors that are difficult to troubleshoot. Microsoft has greatly simplified the tracking and troubleshooting of altered files by signing the original operating system files and allowing you to easily verify these signatures.
You can configure how the system responds to unsigned files by clicking System in the Performance And Maintenance window in Control Panel and clicking the Hardware tab. In the Hardware tab, in the Device Manager box, click Driver Signing (see Figure 11.10).
Figure 11.10 Configuring driver signing in the Driver Signing Options dialog box
The following three settings are available to configure driver signing:
If you are logged on as Administrator or as a member of the Administrators group, you can select the Make This Action The System Default check box to apply the driver signing configuration you set up to all users who log on to the computer.
Windows XP Professional also provides System File Checker (SFC), a command-line tool that you can use to check the digital signature of files. The syntax of the SFC tool is as follows:
Sfc [/scannow] [/scanonce] [/scanboot] [/revert] [/purgecache] [/cachesize=x]
Table 11.5 explains the SFC optional parameters.
Table 11.5 System File Checker Optional Parameters
Causes the SFC tool to scan all protected system files immediately
Causes the SFC tool to scan all protected system files once at the nextsystem restart
Causes the SFC tool to scan all protected system files every time the system restarts
Causes the SFC settings to be returned to the default settings
Purges the file cache
Sets the file cache size
There is also a Windows File Signature Verification tool. To use it, click Start, click Run, type sigverif, and then press Enter. Once the File Signature Verification tool begins, you can click Advanced to configure it (see Figure 11.11).
Figure 11.11 Configuring driver signing
The File Signature Verification tool allows you to view the file's name, location, modification date, file type, and version number.
In this practice, you use File Signature Verification to monitor and troubleshoot driver signing on your system.
Run the SignatureVerification file in the Demos folder on the CD-ROM accompanying this book for a demonstration of using the File Signature Verification tool to monitor and troubleshoot driver signing on your system.
The File Signature Verification dialog box appears.
The Advanced File Signature Verification Settings dialog box appears with the Search tab active. By default you are notified if any system files are not signed. Notice that you can select the Look For Other Files That Are Not Digitally Signed option. This setting has the File Signature Verification tool verify nonsystem files to see if they are digitally signed. If you select this option, you can specify the search parameters for the files you want checked.
By default the Signature Verification tool saves the file signature verification to a log file named SIGVERIF.TXT.
The Signature Verification tool builds a list of files to check and then scans the files. When the Signature Verification tool completes its check, a Signature Verification Results window appears if there are files that are not signed. Otherwise you see a Sigverif message box telling you that your files have been scanned and verified as being digitally signed.
The following questions will help you determine whether you have learned enough to move on to the next lesson. If you have difficulty answering these questions, review the material in this lesson before beginning the next lesson. The answers are in Appendix A, "Questions and Answers."