Are Your Device Drivers Hacked Or Wacked?
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Are Your Device Drivers Hacked Or Wacked?

  1. #1
    Junior Member
    Join Date
    Jul 2005
    Posts
    26

    Are Your Device Drivers Hacked Or Wacked?

    Suggestion.

    Besides running scans it is also a good thing to run "sigverif". This will create a list of ALL drivers on your system, signed and unsigned.

    The output is located in your C:Windows\sigverif.txt file.

    It surprised me most people do not do this. Many trojans mask themselves as drivers on your system, and most if not all are never signed.

    Be careful however, some unsigned drivers are valid, especially video drivers.

    To make it easier to run and check your drivers, so you can compare from to time if you think you may be infected, here are some instructions to do this check.

    I would save the file somewhere, so when you run it again, you can compare any differences.

    Click Start | Run and in the box, type sigverif and then click OK.

    In the File Signature Verification dialog box, click the Advanced button.

    On the Search tab, click Notify me of any system files that are not digitally signed.

    Click OK, then click the start button.

    The tool will display a list of any unsigned system drivers you have installed on your computer.

    This is a good first step in troubleshooting driver-related problems.

    You can remove the unsigned driver(s) that you think may be causing the problem (it is recommended that, rather than deleting them, you move them to a different location, so you can move them back if the removal causes problems).

    Note that video drivers are often unsigned, but you usually shouldn't remove them since you may not be able to display anything on your computer if you do.

    To view the output of all system drivers open the C:Windows\sigverif.txt file.
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  2. #2
    Member
    Join Date
    Oct 2004
    Posts
    92
    Very useful info, you are right not many people ave even heard of this (me included). I usually have a look through device manager but I never knew this program existed
    I\'m Dying To Find Out The Hard Way

  3. #3
    Junior Member
    Join Date
    Jul 2005
    Posts
    26
    Originally posted here by c0br4
    Very useful info, you are right not many people ave even heard of this (me included). I usually have a look through device manager but I never knew this program existed
    Thanks


    __________________
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  4. #4
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,743
    [edit] fixed.. now no one will ever know.. [/edit]

    What will realy help is regular checks.. and compare with a benchmark check.

    Ie .. After a clean install.. get the device drivers in and stable, base software installed.. benchmark scan..
    install base software.. then antivirus bench mark-2 compare with first BM..

    When you do these scans realise the following:
    when your antivirus updates, some virtual device drivers can be changed.
    this tool can miss some deliberately hidden files (I havent tested this) .. being able to do this in a remote scan would be more reliable
    the information is only of help when you are able to see the changes.. use a file comparision utility.
    if the file is unsigned and you dont have any idea what it is. and it looks suspicious.. research then ask before panicing/deleting .. the breakages from a panic deletion has kept me busy on its own

    There is more.. head still not very clear this morning
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  5. #5
    Junior Member
    Join Date
    Jul 2005
    Posts
    26
    Originally posted here by Und3ertak3r
    I know I am nitpicking.. isnt the location of the file C:Windows\sigverif.txt .. then I suppose everyone else isnt as lazy as I...
    Yep, your right, wil edit it, sticky fingers,lol

    __________________
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  6. #6
    Junior Member
    Join Date
    Jul 2005
    Posts
    26
    Originally posted here by Und3ertak3r
    [edit] fixed.. now no one will ever know.. [/edit]

    What will realy help is regular checks.. and compare with a benchmark check.

    Ie .. After a clean install.. get the device drivers in and stable, base software installed.. benchmark scan..
    install base software.. then antivirus bench mark-2 compare with first BM..

    When you do these scans realise the following:
    when your antivirus updates, some virtual device drivers can be changed.
    this tool can miss some deliberately hidden files (I havent tested this) .. being able to do this in a remote scan would be more reliable
    the information is only of help when you are able to see the changes.. use a file comparision utility.
    if the file is unsigned and you dont have any idea what it is. and it looks suspicious.. research then ask before panicing/deleting .. the breakages from a panic deletion has kept me busy on its own

    There is more.. head still not very clear this morning
    Well, This is why I mentioned be careful ;-)

    If I found an un-signed driver, I would go get the latest driver run the check again, and this way you can feel safe, and use that output to compare in the future.

    __________________
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  7. #7
    Senior Member
    Join Date
    Jan 2004
    Posts
    195
    Thanks for info, i too have never heard about it. done as told and also searching on net for more info related to it. :-)
    It\'s all about sense of power.

  8. #8
    Junior Member
    Join Date
    Jul 2005
    Posts
    26
    Originally posted here by rider_royal
    Thanks for info, i too have never heard about it. done as told and also searching on net for more info related to it. :-)
    Your Very Welcome.


    __________________
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  9. #9
    Senior Member
    Join Date
    Jul 2001
    Posts
    343
    Thanks.... I guess we all learn something once in a while from Billy Boy...
    Franklin Werren at www.bagpipes.net
    Yes I do play the Bagpipes!

    And learning to Play the Bugle

  10. #10
    Senior Member
    Join Date
    Jul 2005
    Posts
    277
    ditto, good post.
    Difficult takes a day, Impossible takes a week~Kthln01!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •