How can I verify sptd.sys file integrity


  • How can I verify sptd.sys file integrity

    I have been infected by a trojan. If I suspected that the trojan had replaced or infected the sptd.sys driver, how can I verify the integrity of the driver file?

  • #2
    Why do you guess the sptd.sys is modified?

    You can download the actual version of sptd here on the mainpage (downloads).

    Start it from your command-console, like e.g. "c:\sptdinst.exe add"

    This should replace the current version with the new one.



    • #3
      Well I should do that next time -

      I got hit by this, they stole $4900 from my bank but luckily I got it back before it left the country:

      http://www.avira.com/en/threats/sect...er.germ.a.html

      I found the trojan by restarting in safe mode. However - and beg your pardon for any inference - it occurred to me that a smart "rootkit" would hide itself in something that is already, some might say, a known rootkit, i.e. the sptd.sys driver. Don't get me wrong - I love Daemon Tools (for example ;-) ).

      But I am interested in how I might compare my driver version against the versions that you produce. The driver file has no version information, is not signed, and has no other means of checking its integrity.

      If the secrecy is required to make the magic work, then that's ok and I will just make sure that I have a version that comes from a reliable source if there is any doubt.
      I could send you the versions I saved, before I rebuilt my PC...

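For the comparison asked about in post #3, an added example that is not part of the thread and not the vendor's tooling: a PowerShell check that records signature status, version resource and SHA-256 for the installed driver and for a reference copy, then compares the hashes. The install path and the reference path are assumptions; the reference must be a copy taken from a fresh install on a machine known to be clean.

```powershell
# Added example (not from the thread). Both paths are assumptions/placeholders.
# Run from an environment you trust (clean boot media or another machine with the
# disk attached): a kernel-mode rootkit can falsify file reads on the live system.
param(
    [string]$Installed = "$env:SystemRoot\System32\drivers\sptd.sys",  # assumed install location
    [string]$Reference = 'D:\known-good\sptd.sys'                      # placeholder: copy from a clean install
)

function Get-DriverFacts {
    param([Parameter(Mandatory)][string]$Path)

    $item = Get-Item -LiteralPath $Path -ErrorAction Stop
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path

    [pscustomobject]@{
        Path        = $item.FullName
        Length      = $item.Length
        LastWrite   = $item.LastWriteTimeUtc
        FileVersion = $item.VersionInfo.FileVersion   # empty if the file has no version resource
        SigStatus   = $sig.Status                     # e.g. NotSigned, Valid, HashMismatch
        Signer      = $sig.SignerCertificate.Subject  # $null for an unsigned file
        SHA256      = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    }
}

$a = Get-DriverFacts -Path $Installed
$b = Get-DriverFacts -Path $Reference
$a, $b | Format-List

if ($a.SHA256 -eq $b.SHA256) {
    Write-Output 'MATCH: installed driver is byte-identical to the reference copy.'
} else {
    # A mismatch also occurs when the two copies are simply different driver
    # versions, so compare against a reference from the same installer version.
    Write-Output 'MISMATCH: installed driver differs from the reference copy.'
}
```

A matching hash only shows the two files are identical; it says nothing about the reference itself, so where that copy came from is what matters.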


      • #4
        Why don't you sign your driver sptd.sys?

        Are you ashamed of it? It is being used by Alcohol software; I like their products. I don't like having non-signed drivers on my system;
        it makes me think you have something to hide. Normally viruses do the same thing.
