Well, This is why I mentioned be careful ;-)Originally posted here by Und3ertak3r
[edit] fixed.. now no one will ever know.. [/edit]
What will realy help is regular checks.. and compare with a benchmark check.
Ie .. After a clean install.. get the device drivers in and stable, base software installed.. benchmark scan..
install base software.. then antivirus bench mark-2 compare with first BM..
When you do these scans realise the following:
when your antivirus updates, some virtual device drivers can be changed.
this tool can miss some deliberately hidden files (I havent tested this) .. being able to do this in a remote scan would be more reliable
the information is only of help when you are able to see the changes.. use a file comparision utility.
if the file is unsigned and you dont have any idea what it is. and it looks suspicious.. research then ask before panicing/deleting .. the breakages from a panic deletion has kept me busy on its own
There is more.. head still not very clear this morning
If I found an un-signed driver, I would go get the latest driver run the check again, and this way you can feel safe, and use that output to compare in the future.
__________________
Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com
Reply With Quote