Lucky You, Microsoft has Sent You an Email! (Think Again). - System File Checker

(Page 5 of 6 )

The System File Checker feature scans all protected system files and verifies their versioning; if the version is incorrect, the File Checker replaces it with a correct Microsoft version file.

Bear in mind that only a member of the Administrators group can execute the sfc (System File Checker) command.

Syntax: The syntax to call the System File Checker is the following:

sfc [/scannow] [/scanonce] [/scanboot] [/revert] [/purgecache] [/cachesize=x]

Parameters: The sfc command can be called using the following parameters:

• /scannow: Scans all protected system files immediately.
• /scanonce: Scans all protected system files once at the next boot.
• /scanboot: Scans all protected system files every time the computer is restarted.
• /revert: Returns the scan to its default operation.
• /purgecache: Purges the Windows File Protection file cache and scans all protected system files immediately.
• /cachesize=x: Sets the size, in MB, of the Windows File Protection file cache.
• /?: Displays help at the command prompt.

Results: When using the System File Checker, if it finds that a protected file is incorrect, it uses the %systemroot%\system32\dllcache folder or the Windows CD to retrieve the correct version of the file and replace the incorrect one.

File signature verification tool

Another feature of Windows that can be used to verify the originality and integrity of system files and device driver files is the File Signature Verification tool. Using the tool, you can identify files that are not digitally signed and view the following information about them:

• The file’s name
• The file’s location
• The file’s modification date
• The file’s type
• The file’s version number

In order to use the File Signature Verification tool you must complete the following steps:

1. Click Start -> Run, type sigverif, and then click OK.
   
   
   
   
2. Click Advanced.
   
   
3. On the Search tab, click one of the following:
   
   
   
   1. Notify me if any system files are not signed. This option checks only the Windows system files and all device driver files to verify that they have a digital signature.
      
      
   2. Look for other files that are not digitally signed. This option checks specified file types and the location of non-system files for a digital signature.
      
      
      
      
      
      
4. On the Logging tab, select the Save the file signature verification results to a log file check box.
   
   
5. Click one of the following:
   
   
   
   1. Append to existing log file. This option adds new search results to the end of an existing log file.
      
      
   2. Overwrite existing log file. This option replaces the existing log file with a new log file.
      
      
6. In Log file name, you can specify a name for the log file that will be used by the tool to write the search results.
   
   
7. Click OK, and then click Start.

Next: Conclusion >>
 

More Windows Security Articles
More By Eliana Stavrou

Comments On: Lucky You, Microsoft has Sent You an Email! (Think Again).

>>> Be the FIRST to comment on this article!