Prev: Please someone help m!!!!!!!!
Next: Local Power User on domain
From: vfclists on 27 Jul 2010 11:04
I am using Process Explorer to verify file signatures on Windows XP
and the following Microsoft files are not verifying.
This in spite of running Kaspersky AV and currently AVG

svchost.exe
winlogon.exe
services.exe
regedit.exe
cmd.exe
ctfmon.exe
explorer.exe
lsass.exe

Does Microsoft supply verified signatures for these files?

If they do why aren't the AV programs flagging them?

/vfclists
From: Allan on 27 Jul 2010 13:28

"vfclists" <vfclists(a)gmail.com> wrote in message
news:0eb9fab2-57c7-49e1-9fb9-9c334d6db026(a)k10g2000vbd.googlegroups.com...
>I am using Process Explorer to verify file signatures on Windows XP
> and the following Microsoft files are not verifying.
> This in spite of running Kaspersky AV and currently AVG
>
> svchost.exe
> winlogon.exe
> services.exe
> regedit.exe
> cmd.exe
> ctfmon.exe
> explorer.exe
> lsass.exe
>
> Does Microsoft supply verified signatures for these files?
>
> If they do why aren't the AV programs flagging them?
MS does not necessarily sign all executables and drivers and the security
companies generally know which ones. Unless your security software flags it
as a threat I would not worry too much. Sometimes it may be a false positive
by the security software. I do not know the answer for these particular .exe
files.

From: MowGreen on 27 Jul 2010 18:56
vfclists wrote:
> I am using Process Explorer to verify file signatures on Windows XP
> and the following Microsoft files are not verifying.
> This in spite of running Kaspersky AV and currently AVG
>
> svchost.exe
> winlogon.exe
> services.exe
> regedit.exe
> cmd.exe
> ctfmon.exe
> explorer.exe
> lsass.exe
>
> Does Microsoft supply verified signatures for these files?
>
> If they do why aren't the AV programs flagging them?
>
> /vfclists

XP has a built in File Signature verification tool:

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sig_verification_howto.mspx?mfr=true

" To check the digital signatures for system or non-system files

1. Open File Signature Verification

2. Click Advanced.

3. On the Search tab, click one of the following:

� Notify me if any system files are not signed

Checks only the Windows system files and all device driver files to see
if they have a digital signature.

� Look for other files that are not digitally signed

Enables you to specify the file type and location of non-system files to
check for a digital signature.


4. Click OK, and then click Start.

Note

� To start File Signature Verification, click Start, click Run, type
sigverif, and then click OK. "


See if running that tool shows if the system files are digitally signed.


MowGreen
================
*-343-* FDNY
Never Forgotten
================

banthecheck.com
"Security updates should *never* have *non-security content* prechecked
 | 
Pages: 1
Prev: Please someone help m!!!!!!!!
Next: Local Power User on domain