Verifying Digitally Signed Files
that you don’t accumulate unsigned drivers on your system (particularly
if you share your computer with other users), you should regularly run
the Signature Verification Tool. This program scans your entire system
(or, optionally, a specific folder) for unsigned drivers. Follow these
steps to run this tool:
Select Start, Run, enter sigverif, and click OK. The File Signature Verification window appears.
Click Advanced to display the Advanced File Signature Verification Settings dialog box.
Activate the Look for Other Files That Are Not Digitally Signed option.
In the Look in This Folder text box, enter SystemRoot\System32\drivers, where SystemRoot is the folder in which Windows XP is installed (such as C:\Windows).
Click Start to begin the verification process.
When the verification is complete, the program displays a list of the unsigned driver files, as shown in Figure 1. The results for all the scanned files are written to the log file Sigverif.txt, which is copied to the %SystemRoot% folder when you close the window that shows the list of unsigned drivers. In the Status column of Sigverif.txt, look for files listed as Not Signed. If you find any, consider upgrading these drivers to signed versions.
Figure 1. When the Signature Verification Tool completes its work, it
displays a list of the unsigned drivers on your system.
Reviewing Event Viewer Logs
Windows XP constantly
monitors your system for unusual or noteworthy occurrences. It might be a
service that doesn’t start, the installation of a device, or an
application error. These occurrences are called events and Windows XP tracks them in three different event logs:
|Application||This log stores events related to applications, including Windows XP programs and third-party applications.|
log stores events related to system security, including logons, user
accounts, and user privileges. Note that this log doesn’t record
anything until you turn on Windows XP’s security auditing features. You
do so by opening Windows XP Professional’s Local Security Settings
snap-in (select Start, Run, type secpol.msc, and click OK) and selecting Local Policies, Audit Policy. You can then enable auditing for any of the several polices listed.|
|System||This log stores events generated by Windows XP and components such as system services and device drivers.|
The System log
catalogs device driver errors, but remember that Windows XP has other
tools that make it easier to see device problems. Device Manager displays an icon on devices that have problems, and you
can view a device’s property sheet to see a description of the problem.
Also, the System Information utility (Msinfo32.exe)
reports hardware woes in the System Information, Hardware Resources,
Conflicts/Sharing branch and the System Information, Components, Problem
You should scroll
through the Application and System event logs regularly to look for
existing problems or for warnings that could portend future problems.
The Security log isn’t as important for day-to-day maintenance. You need
to use it only if you suspect a security issue with your machine; for
example, if you want to keep track of who logs on to the computer. To examine these logs, you use the Event Viewer snap-in, available via either of the following techniques:
Select Start, Run, type eventvwr.msc, and then click OK.
Open Control Panel’s Administrative Options icon and launch the Event Viewer icon.
shows a typical Event Viewer window. Use the tree in the left pane to
select the log you want to view: Application, Security, or System.
Figure 2. Use the Event Viewer to monitor events generated by applications and Windows XP.
When you select a log,
the right pane displays the available events, including the event’s
date, time, and source, its type (Information, Warning, or Error), and
other data. To see a description of an event, double-click it or select
it and press Enter.
Rather than monitoring the event logs by hand, Windows XP comes with a couple of tools that can help automate the process. The Eventquery.vbs script enables you to query the log files for specific event types, IDs, sources, and more. Search Help and Support for eventquery to get the script’s command-line syntax. Also, you can set up an event trigger that will perform some action when a particular event occurs. You do this using the Eventtriggers.exe utility. Search Help and Support for eventtriggers to get the full syntax for this tool.
Setting Up a 10-Step Maintenance Schedule
effective only if it’s done regularly, but there’s a fine line to be
navigated. If maintenance is performed too often, it can become a burden
and interfere with more interesting tasks; if it’s performed too
seldom, it becomes ineffective. Here’s a 10-step maintenance
your hard disk for errors. Run a basic scan about once a week. Run a
more thorough disk surface scan once a month. The surface scan takes a
long time, so run it when you won’t be using your computer for a while.
free disk space. Do this once about once a month. If you have a drive
where the free space is getting low, check it approximately once a week.
Delete unnecessary files. If free disk space isn’t a problem, run this chore once every two or three months.
your hard disk. How often you defragment your hard disk depends on how
often you use your computer. If you use it every day, you should run
Disk Defragmenter about once a week. If your computer doesn’t get heavy
use, you probably need to run Disk Defragmenter only once a month or so.
restore points. Windows XP already sets regular system checkpoints, so
you need only create your own restore points when you’re installing a
program or device or making some other major change to your system.
up your files. Perform a full backup of all your documents, as well as a
backup of the system state, about once a month. Carry out a
differential backup of modified files once a week. Complete an
incremental or daily backup of modified files every day.
Windows Update. If you’ve turned off automatic updating, you should
check in with the Windows Update website about once a week.
for security vulnerabilities. Run the Microsoft Baseline Security
Analyzer once a month. You should also pay a monthly visit to
Microsoft’s Security site to keep up to date on the latest security
news, get security and virus alerts, and more: www.microsoft.com/security/.
digitally signed files. If other people use your computer regularly,
you should run the Signature Verification Tool every couple of months.
Event Viewer logs. If your system appears to be working fine, you need
only check the Application and System log files weekly or every couple
of weeks. If the system has a problem, check the logs daily to look for
Warning or Error events.
Remember, as well, that Windows XP offers a number of options for running most of these maintenance steps automatically:
If you want to run a task every day, set it up to launch automatically at startup.
the Task Scheduler (Start, All Programs, Accessories, System Tools,
Scheduled Tasks) to set up a program on a regular schedule. Note that
some programs, particularly Disk Defragmenter, can’t be scheduled in
their GUI form. You need to use the command-line version instead.
Backup program enables you to schedule backup jobs. In the Backup
Utility window, display the Schedule Jobs tab and click Add Job.
Use the Automatic Updates feature instead of checking for Windows updates by hand.