Are Your Device Drivers Wacked Or Hacked? (Full Version)

All Forums >> [News Around The Web] >> Security News


ZOverLord -> Are Your Device Drivers Wacked Or Hacked? (7/19/2005 12:21:49 PM)


Besides running scans it is also a good thing to run "sigverif". This will create a list of ALL drivers on your system, signed and unsigned. The output is located in your C:\Windows\sigverif.txt file.

It surprised me most people do not do this. Many trojans mask themselves as drivers on your system, and most if not all are never signed.

Be careful however, some unsigned drivers are valid, especially video drivers.

To make it easier to run and check your drivers, so you can compare from to time if you think you may be infected, here are some instructions to do this check.

I would save the file somewhere, so when you run it again, you can compare any differences.

Click Start | Run and in the box, type sigverif and then click OK.

In the File Signature Verification dialog box, click the Advanced button.

On the Search tab, click Notify me of any system files that are not digitally signed.

Click OK, then click the start button.

The tool will display a list of any unsigned system drivers you have installed on your computer.

This is a good first step in troubleshooting driver-related problems.

You can remove the unsigned driver(s) that you think may be causing the problem (it is recommended that, rather than deleting them, you move them to a different location, so you can move them back if the removal causes problems).

Note that video drivers are often unsigned, but you usually shouldn't remove them since you may not be able to display anything on your computer if you do.

To view the output of all system drivers open the C:\Windows\sigverif.txt file.

SiliconFreak -> RE: Are Your Device Drivers Wacked Or Hacked? (7/19/2005 2:30:01 PM)

Hello and Welcome ZOverLord...[;)]

And Thank You for this info! I am sure many members dont perform those scans at least from time to time...

I do ocassionally....but its hard to know later which files should stay and which not...cause there are some other drivers (other than video ones) which also arent digitally signed, but are also needed for some programs to function...[&:] The point is...that novice users should be carefull before removing them (best way is like you move them somewhere else that they could be put back in case some programs stops functioning because of that). I believe M$ could do better than that for the users to be able to know exactly which program(s) needs them and so it would be easier to delete not needed ones and leave essential ones...but thats another story....maybe Longhorn will perform better in those areas...who knows....lets hope for the best...[8D][:D][;)]

ZOverLord -> RE: Are Your Device Drivers Wacked Or Hacked? (7/19/2005 2:34:56 PM)

Your Very Welcome.

Yep, if it was me, I would run this on ANY new computers, save the text output, do it again anytime I update a driver, and chek maybe every month or so,  to compare differences.

SiliconFreak -> RE: Are Your Device Drivers Wacked Or Hacked? (7/19/2005 2:57:30 PM)

Exactly...but it would also be much more easier for novice users if Windows (or any other OS) could do this scan automatically from time to time in background and compare results later with older ones....and inform users only if there is some change there (so that otherwise they wouldnt be bothered for no reason [:)]). I guess that it wouldnt take more than 5 minutes to add all that to the current "sigverif" version....but looks like M$ is to busy with counting $$$...[8D][:D][;)]

Page: [1]

Valid CSS!

Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI