CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

Are Your Device Drivers Wacked Or Hacked?   Logged in as: Guest
Viewers: 1310 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Security News >> Are Your Device Drivers Wacked Or Hacked? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Are Your Device Drivers Wacked Or Hacked? - 7/19/2005 12:21:49 PM   
ZOverLord

 

Posts: 11
Joined: 7/17/2005
Status: offline
Suggestion.

Besides running scans it is also a good thing to run "sigverif". This will create a list of ALL drivers on your system, signed and unsigned. The output is located in your C:\Windows\sigverif.txt file.

It surprised me most people do not do this. Many trojans mask themselves as drivers on your system, and most if not all are never signed.

Be careful however, some unsigned drivers are valid, especially video drivers.

To make it easier to run and check your drivers, so you can compare from to time if you think you may be infected, here are some instructions to do this check.

I would save the file somewhere, so when you run it again, you can compare any differences.

Click Start | Run and in the box, type sigverif and then click OK.

In the File Signature Verification dialog box, click the Advanced button.

On the Search tab, click Notify me of any system files that are not digitally signed.

Click OK, then click the start button.

The tool will display a list of any unsigned system drivers you have installed on your computer.

This is a good first step in troubleshooting driver-related problems.

You can remove the unsigned driver(s) that you think may be causing the problem (it is recommended that, rather than deleting them, you move them to a different location, so you can move them back if the removal causes problems).

Note that video drivers are often unsigned, but you usually shouldn't remove them since you may not be able to display anything on your computer if you do.

To view the output of all system drivers open the C:\Windows\sigverif.txt file.


_____________________________

Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com
Post #: 1
RE: Are Your Device Drivers Wacked Or Hacked? - 7/19/2005 2:30:01 PM   
SiliconFreak


Posts: 12103
Joined: 7/4/2003
From: Melbourne, Victoria, AUS
Status: offline
Hello and Welcome ZOverLord...

And Thank You for this info! I am sure many members dont perform those scans at least from time to time...

I do ocassionally....but its hard to know later which files should stay and which not...cause there are some other drivers (other than video ones) which also arent digitally signed, but are also needed for some programs to function... The point is...that novice users should be carefull before removing them (best way is like you said...to move them somewhere else before....so that they could be put back in case some programs stops functioning because of that). I believe M$ could do better than that for the users to be able to know exactly which program(s) needs them and so on....so it would be easier to delete not needed ones and leave essential ones...but thats another story....maybe Longhorn will perform better in those areas...who knows....lets hope for the best...

(in reply to ZOverLord)
Post #: 2
RE: Are Your Device Drivers Wacked Or Hacked? - 7/19/2005 2:34:56 PM   
ZOverLord

 

Posts: 11
Joined: 7/17/2005
Status: offline
Your Very Welcome.

Yep, if it was me, I would run this on ANY new computers, save the text output, do it again anytime I update a driver, and chek maybe every month or so,  to compare differences.


_____________________________

Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

(in reply to SiliconFreak)
Post #: 3
RE: Are Your Device Drivers Wacked Or Hacked? - 7/19/2005 2:57:30 PM   
SiliconFreak


Posts: 12103
Joined: 7/4/2003
From: Melbourne, Victoria, AUS
Status: offline
Exactly...but it would also be much more easier for novice users if Windows (or any other OS) could do this scan automatically from time to time in background and compare results later with older ones....and inform users only if there is some change there (so that otherwise they wouldnt be bothered for no reason ). I guess that it wouldnt take more than 5 minutes to add all that to the current "sigverif" version....but looks like M$ is to busy with counting $$$...

(in reply to ZOverLord)
Post #: 4
Page:   [1]
All Forums >> [News Around The Web] >> Security News >> Are Your Device Drivers Wacked Or Hacked? Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.047