DRIVER_BIN64 and DRIVER_BIN32

[writhziden]

A user at TSF has DRIVER_BIN64 installed on the system. A quick Google search shows that it is likely part of a package for allowing unsigned drivers to be installed on the system. Should this be added to the DRT? There would be no driver update link, but I think users should know that circumventing signed drivers in this fashion can lead to problems with the system.


Some info from Symantec:

Driver Signing on Vista 64-bit ? Using the Process against Itself | Symantec Connect Community​

 

[Wrench97]

It's been out for awhile now, I believe at least 1 video card manufacturer (ATI??) used it as a tool to load legacy drivers on newer systems.
More info here > Download Tool to Bypass Driver Signing on 32-bit and 64-bit Windows Vista - Softpedia
and
Driver Signing on Vista 64-bit ? Using the Process against Itself | Symantec Connect Community

 

[jcgriff2]

@ Mike - do you have a link to TSF post, please?

I wa going to check syslist to see where the driver was located as it may contain a dir name that gives us a clue.

 

[writhziden]

It won't show up in $sys_list.txt since it lacks the *.sys extension. The full name is DRIVER_BIN64.

Computer bsod'ing or freezing randomly. - Tech Support Forum​

-----

 

[usasma]

I'd add it to the DRT w/a note that highlights the Symantec article and the phrase "rootkit-type behavior"
Download info noted as "N/A" or something similar

That way we document it, but don't offer support for it.
IMO, even if the big boys (like AMD) use it, it's still a hack/crack and - IMO - an unauthorized mod of the OS
FWIW - I did something similar with my system when installing the GBridge VPN drivers in Win8 RP. Never did like how the system operated after that.