As everyone knows, the system files of Microsoft operating systems are a frequent target of trojans, viruses and other programs. Sometimes users also damage system files inadvertently. System instability is mostly caused by damaged system files. Windows 7 has improved a lot in protecting the stability of these system files.
Before discussing this topic, the system administrator needs to understand that the system files in a Microsoft operating system include, in addition to the files required to install the operating system, some drivers. Microsoft's operating systems support hardware more strongly than open source operating systems such as Linux. During installation, Windows 7 detects most of the hardware and automatically finds and installs the appropriate drivers. This is mainly because Microsoft tests the current mainstream hardware devices before a new version of the operating system comes out. If a device passes the test, its driver is added to the operating system. So most hardware is recognized without installing drivers manually after Windows 7 is installed. These drivers are also part of the system files in the Microsoft operating system. The following measures for protecting system file stability apply to these driver files as well.
Use file signatures to verify whether system files have been modified.
In the Windows 7 operating system, all system files (including Microsoft-approved driver files) are signed by Microsoft. The signature information includes details such as the system file name, the storage path, the date the file was created, and the version number. Suppose the system administrator collects this information after Windows 7 has been deployed. Then, when the operating system becomes unstable and the administrator suspects that system files are damaged, the current file signatures can be compared with the original ones to determine whether a system file has been changed without the administrator's knowledge. The affected system files can then be repaired to restore the stability of the operating system.
In the Microsoft operating system there is no longer any need to collect this information manually. The system provides a graphical File Signature Verification tool to help the system administrator do this work. Entering the sigverif command at the command line opens the tool's dialog box.
The File Signature Verification tool is a graphical management tool provided by the Microsoft operating system. After an application or hardware is installed, if the system administrator suspects that original, protected, digitally signed system files or startup programs have been illegally modified or replaced, this tool can be used to check whether that is the case. Although the tool existed in previous versions of the operating system, it was largely overlooked. Many improvements have been made to it in Windows 7, especially in performance. In the author's tests, the tool runs several times faster in Windows 7 than in the previous version of the operating system. The tool has also been improved in functionality. In previous operating systems only system files were checked, not drivers. Now the tool checks both system files and driver files to ensure that all of them are digitally signed by Microsoft. When the tool finds a file that is not signed or whose version is incorrect, it reports the relevant information to the administrator: file name, modification time, version number, and so on. This information is also kept in a system log for the administrator to consult later.
However, after using the tool the author found one inconvenience: this information cannot be written directly to a text file or copied. Suppose the tool reports a problem with a file, for example Tcpip.sys. The system administrator may then need to look up on the Internet what the file is used for and whether anyone has encountered such a problem before. But, to the author's frustration, the file name cannot be copied directly. If I want to ask someone else about the purpose of this file, I have to type the name in manually; copy and paste does not work. I suggest that Microsoft's designers make this more user-friendly. It would be best if this information could be exported directly to a text file from this window, or copied and pasted, instead of having to open the log file to do so.
Also note that the tool itself does not repair problematic files. So running this tool does not require administrator privileges. That is, ordinary users can also run the program to check whether system files have been maliciously altered.
Second, use the SFC command to automatically repair problematic system files.
What if the above tool finds problems with the system files? In addition to repairing the system files from the system installation disc or fixing them manually, the operating system provides another useful tool, the SFC command. Its function is similar to that of the File Signature Verification tool: it verifies the legitimacy of system files and the signatures of drivers. However, there are still many differences between the two tools.
One difference is in appearance. SFC is a command-line tool with no graphical administration wizard, whereas the File Signature Verification tool is a graphical management tool. So in terms of convenience, the File Signature Verification tool may be easier to get started with. For experienced system administrators, however, a graphical interface and a text interface may not be fundamentally different. The most significant difference is probably functional. The SFC command not only checks the legitimacy of system files and driver signatures, but also automatically repairs the files it flags. The repair automatically replaces any file found to be incorrect with Microsoft's version of that file. Because the system administrator is not prompted during the replacement, using this tool carries a certain risk. For this reason, the author suggests that the system administrator first use the File Signature Verification tool to find out which system files or driver files have problems. Once you have confirmed that replacing these files with Microsoft's versions will cause no problems, use the SFC command-line tool to repair the problematic files automatically.
Suppose the system administrator has deployed some system files in the operating system that are not signed. If the administrator believes these files are required, it is best not to risk using this tool at all. If you do use it, first make a copy of the legitimate but unsigned files, then use the tool to repair the other problematic system files or drivers. Wait until the repair is complete, and then restore the legitimate unsigned files or driver files. In addition, because running this tool is high-risk, Windows 7 imposes stricter restrictions on it: only an administrator can run the program. Note that "administrator" here means the system's default Administrator account. That is, if the system administrator creates a new account and adds it to the Administrators group, the account has the identity of an administrator but still cannot run the SFC tool, because it is not the system's default Administrator account. Microsoft's restriction here is designed mainly to prevent misuse of the tool, which would affect other users' applications.
You can also use this tool in conjunction with Group Policy. For example, Group Policy can be configured to run the tool automatically when the operating system starts. Generally speaking, if the Windows 7 operating system is used only as a client, this is a good way to maintain its stability. But if it is used as a server, I do not recommend doing so. Because a server is critical to the enterprise's information applications (when the server fails, all clients of the related applications are affected), this tool should be used only when system files are corrupted or drivers have problems. Before using it, it is best to use the File Signature Verification tool to find the files that may be problematic. If necessary, back up the data on the server first, in case the operating system fails to start because a file recovery fails. For this reason, I think that although SFC is a good tool for maintaining the stability of system files, the system administrator still needs to use it carefully.
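
The check-first, back-up, repair, restore order recommended above, as an added PowerShell example (not from the original article or from Microsoft). It uses sfc's own /verifyonly switch for the check step and saves the [SR] entries that sfc writes to CBS.log as a text file; the parameter names, $WorkDir and the output file names are assumptions made for illustration.

```powershell
# Added example. Run from an elevated console; without -Repair nothing is changed.
param(
    [string[]]$KeepList = @(),                        # hypothetical: legitimate unsigned files to preserve
    [string]$WorkDir = "$env:SystemDrive\SfcWork",    # hypothetical working folder
    [switch]$Repair                                   # omit for a read-only check
)

$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'sfc must be run from an elevated administrator console.'
}

New-Item -ItemType Directory -Path $WorkDir -Force | Out-Null
$cbsLog = Join-Path $env:windir 'Logs\CBS\CBS.log'

function Export-SfcDetails([string]$OutFile) {
    # sfc tags its entries in CBS.log with [SR]; the log is cumulative,
    # so entries from earlier runs are included as well.
    Select-String -Path $cbsLog -Pattern '[SR]' -SimpleMatch |
        ForEach-Object { $_.Line } | Set-Content -Path $OutFile
}

# 1. Check only: report integrity violations without replacing any file.
& sfc.exe /verifyonly
Export-SfcDetails (Join-Path $WorkDir 'sfc-verify.txt')
if (-not $Repair) { return }

# 2. Copy the files that must survive the repair (index prefix avoids name clashes).
$backups = @()
foreach ($file in $KeepList) {
    if (Test-Path $file) {
        $name = '{0}_{1}' -f $backups.Count, [IO.Path]::GetFileName($file)
        $copy = Join-Path $WorkDir $name
        Copy-Item -Path $file -Destination $copy -Force
        $backups += New-Object PSObject -Property @{ Original = $file; Copy = $copy }
    }
}

# 3. Repair: sfc replaces flagged files without prompting.
& sfc.exe /scannow
Export-SfcDetails (Join-Path $WorkDir 'sfc-repair.txt')

# 4. Put the deliberately unsigned files back.
foreach ($b in $backups) {
    Copy-Item -Path $b.Copy -Destination $b.Original -Force
}
```

Review sfc-verify.txt before re-running with -Repair, so that the replacement step only happens after the flagged files have been examined.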