sigverif.exe

Archived from groups: microsoft.public.windowsxp.general (More info?)

Hi

I ran this tool and it showed that the majority of my system files are not
signed numerically signed.

Why is this as I have Windows XP installed.

I'd also like to know what security a numeric signature gives.

Can it be forged etc.

Thanks
4 answers Last reply
More about sigverif
  1. Archived from groups: microsoft.public.windowsxp.general (More info?)

    It (SigVerif) by default only checks 3rd-Party drivers. A Digital
    Signature is basically a way to guarantee a file is valid or has not
    been tampered with. Also, when you go to install some devices
    XP will warn you that the drivers haven't passed XP Logo testing.
    This is also part of the Signature process where MS has certified
    the drivers to be compatible with XP. I believe this is done via
    the Windows Hardware Quality Labs (WHQL).
    You can read up on it here:
    http://www.microsoft.com/whdc/whql/default.mspx


    "Dave Neve" <NoAddressForSpammers@Nofs.fr> wrote in message
    news:e0tHPHfiFHA.2916@TK2MSFTNGP14.phx.gbl...
    > Hi
    >
    > I ran this tool and it showed that the majority of my system files are not
    > signed numerically signed.
    >
    > Why is this as I have Windows XP installed.
    >
    > I'd also like to know what security a numeric signature gives.
    >
    > Can it be forged etc.
    >
    > Thanks
    >
  2. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Hi

    Thanks for the initial help.

    I've now done a scan and sinverif scanned 3436 files of which only 52 were
    signed.

    I don't understand cos a lot of the unsigned files are Microsoft.

    I've included an extract from the log to show you 3 of them.

    How is this possible???

    Thanks


    Vérification de signature Microsoft

    Fichier journal généré sur 16/07/2005 à 13:23 Dave Neve
    Plate-forme sys. expl. : Windows 2000 (x86), Version : 5.1, numéro : 2600,
    version CSD : Service Pack 2
    Résultats : nombre total de fichiers : 3436, signé(s) : 52, non signé(s) :
    2425, non analysés(s) : 959

    Fichier Modifié Version État
    Catalogue Signé par
    ------------------ ------------ ----------- ------------
    ----------- -------------------
    [c:\program files\fichiers communs\microsoft shared\dao]
    dao360.dll 19/08/2004 3.60.8618.0 Non signé
    N/A
    [c:\program files\fichiers communs\microsoft shared\msinfo]
    ieinfo5.ocx 28/08/2001 6.0.2600.0 Non signé
    N/A
    msinfo32.exe 28/08/2001 5.1.2600.0 Non signé
    N/A


    "R. McCarty" <PcEngWork-NoSpam_@mindspring.com> a écrit dans le message de
    news: %23VvIUVfiFHA.2444@tk2msftngp13.phx.gbl...
    > It (SigVerif) by default only checks 3rd-Party drivers. A Digital
    > Signature is basically a way to guarantee a file is valid or has not
    > been tampered with. Also, when you go to install some devices
    > XP will warn you that the drivers haven't passed XP Logo testing.
    > This is also part of the Signature process where MS has certified
    > the drivers to be compatible with XP. I believe this is done via
    > the Windows Hardware Quality Labs (WHQL).
    > You can read up on it here:
    > http://www.microsoft.com/whdc/whql/default.mspx
    >
    >
    > "Dave Neve" <NoAddressForSpammers@Nofs.fr> wrote in message
    > news:e0tHPHfiFHA.2916@TK2MSFTNGP14.phx.gbl...
    >> Hi
    >>
    >> I ran this tool and it showed that the majority of my system files are
    >> not signed numerically signed.
    >>
    >> Why is this as I have Windows XP installed.
    >>
    >> I'd also like to know what security a numeric signature gives.
    >>
    >> Can it be forged etc.
    >>
    >> Thanks
    >>
    >
    >
  3. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Are you using the "Advanced" options of the Scanner ? , if so
    then it won't be unexpected to receive a tally that high. I just
    did a Advanced search starting at C:\Windows with sub folder
    scan enabled.

    SigVerif returned:
    Scanned = 7618
    Signed = 5377
    Unsigned = 2207

    Was your XP instance originally a Clean install or an upgrade over
    a previous OS ? Something in your results does not seem right.

    "Dave Neve" <NoAddressForSpammers@Nofs.fr> wrote in message
    news:unb8ClfiFHA.1412@TK2MSFTNGP10.phx.gbl...
    > Hi
    >
    > Thanks for the initial help.
    >
    > I've now done a scan and sinverif scanned 3436 files of which only 52 were
    > signed.
    >
    > I don't understand cos a lot of the unsigned files are Microsoft.
    >
    > I've included an extract from the log to show you 3 of them.
    >
    > How is this possible???
    >
    > Thanks
    >
    >
    >
    > Vérification de signature Microsoft
    >
    > Fichier journal généré sur 16/07/2005 à 13:23 Dave Neve
    > Plate-forme sys. expl. : Windows 2000 (x86), Version : 5.1, numéro :
    > 2600, version CSD : Service Pack 2
    > Résultats : nombre total de fichiers : 3436, signé(s) : 52, non signé(s) :
    > 2425, non analysés(s) : 959
    >
    > Fichier Modifié Version État
    > Catalogue Signé par
    > ------------------ ------------ ----------- ------------
    > ----------- -------------------
    > [c:\program files\fichiers communs\microsoft shared\dao]
    > dao360.dll 19/08/2004 3.60.8618.0 Non signé N/A
    > [c:\program files\fichiers communs\microsoft shared\msinfo]
    > ieinfo5.ocx 28/08/2001 6.0.2600.0 Non signé N/A
    > msinfo32.exe 28/08/2001 5.1.2600.0 Non signé N/A
    >
    >
    >
    > "R. McCarty" <PcEngWork-NoSpam_@mindspring.com> a écrit dans le message de
    > news: %23VvIUVfiFHA.2444@tk2msftngp13.phx.gbl...
    >> It (SigVerif) by default only checks 3rd-Party drivers. A Digital
    >> Signature is basically a way to guarantee a file is valid or has not
    >> been tampered with. Also, when you go to install some devices
    >> XP will warn you that the drivers haven't passed XP Logo testing.
    >> This is also part of the Signature process where MS has certified
    >> the drivers to be compatible with XP. I believe this is done via
    >> the Windows Hardware Quality Labs (WHQL).
    >> You can read up on it here:
    >> http://www.microsoft.com/whdc/whql/default.mspx
    >>
    >>
    >> "Dave Neve" <NoAddressForSpammers@Nofs.fr> wrote in message
    >> news:e0tHPHfiFHA.2916@TK2MSFTNGP14.phx.gbl...
    >>> Hi
    >>>
    >>> I ran this tool and it showed that the majority of my system files are
    >>> not signed numerically signed.
    >>>
    >>> Why is this as I have Windows XP installed.
    >>>
    >>> I'd also like to know what security a numeric signature gives.
    >>>
    >>> Can it be forged etc.
    >>>
    >>> Thanks
    >>>
    >>
    >>
    >
    >
  4. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Hi

    Yep. I'm using the advanced option and just scanning System.

    Originally, I had Millenium installed and then did a clean install of XPPro.

    Since then, I've added SP1 and SP2

    I've just scanned again and same result.

    What is strange is that one of the first lines says

    Plate-forme sys. expl. : Windows 2000 (x86), Version : 5.1, numéro : 2600,
    version CSD : Service Pack 2

    Is this right for XP Pro?

    "R. McCarty" <PcEngWork-NoSpam_@mindspring.com> a écrit dans le message de
    news: uDfFvqfiFHA.4000@TK2MSFTNGP12.phx.gbl...
    > Are you using the "Advanced" options of the Scanner ? , if so
    > then it won't be unexpected to receive a tally that high. I just
    > did a Advanced search starting at C:\Windows with sub folder
    > scan enabled.
    >
    > SigVerif returned:
    > Scanned = 7618
    > Signed = 5377
    > Unsigned = 2207
    >
    > Was your XP instance originally a Clean install or an upgrade over
    > a previous OS ? Something in your results does not seem right.
    >
    > "Dave Neve" <NoAddressForSpammers@Nofs.fr> wrote in message
    > news:unb8ClfiFHA.1412@TK2MSFTNGP10.phx.gbl...
    >> Hi
    >>
    >> Thanks for the initial help.
    >>
    >> I've now done a scan and sinverif scanned 3436 files of which only 52
    >> were signed.
    >>
    >> I don't understand cos a lot of the unsigned files are Microsoft.
    >>
    >> I've included an extract from the log to show you 3 of them.
    >>
    >> How is this possible???
    >>
    >> Thanks
    >>
    >>
    >>
    >> Vérification de signature Microsoft
    >>
    >> Fichier journal généré sur 16/07/2005 à 13:23 Dave Neve
    >> Plate-forme sys. expl. : Windows 2000 (x86), Version : 5.1, numéro :
    >> 2600, version CSD : Service Pack 2
    >> Résultats : nombre total de fichiers : 3436, signé(s) : 52, non signé(s)
    >> : 2425, non analysés(s) : 959
    >>
    >> Fichier Modifié Version État
    >> Catalogue Signé par
    >> ------------------ ------------ ----------- ------------
    >> ----------- -------------------
    >> [c:\program files\fichiers communs\microsoft shared\dao]
    >> dao360.dll 19/08/2004 3.60.8618.0 Non signé N/A
    >> [c:\program files\fichiers communs\microsoft shared\msinfo]
    >> ieinfo5.ocx 28/08/2001 6.0.2600.0 Non signé N/A
    >> msinfo32.exe 28/08/2001 5.1.2600.0 Non signé N/A
    >>
    >>
    >>
    >> "R. McCarty" <PcEngWork-NoSpam_@mindspring.com> a écrit dans le message
    >> de news: %23VvIUVfiFHA.2444@tk2msftngp13.phx.gbl...
    >>> It (SigVerif) by default only checks 3rd-Party drivers. A Digital
    >>> Signature is basically a way to guarantee a file is valid or has not
    >>> been tampered with. Also, when you go to install some devices
    >>> XP will warn you that the drivers haven't passed XP Logo testing.
    >>> This is also part of the Signature process where MS has certified
    >>> the drivers to be compatible with XP. I believe this is done via
    >>> the Windows Hardware Quality Labs (WHQL).
    >>> You can read up on it here:
    >>> http://www.microsoft.com/whdc/whql/default.mspx
    >>>
    >>>
    >>> "Dave Neve" <NoAddressForSpammers@Nofs.fr> wrote in message
    >>> news:e0tHPHfiFHA.2916@TK2MSFTNGP14.phx.gbl...
    >>>> Hi
    >>>>
    >>>> I ran this tool and it showed that the majority of my system files are
    >>>> not signed numerically signed.
    >>>>
    >>>> Why is this as I have Windows XP installed.
    >>>>
    >>>> I'd also like to know what security a numeric signature gives.
    >>>>
    >>>> Can it be forged etc.
    >>>>
    >>>> Thanks
    >>>>
    >>>
    >>>
    >>
    >>
    >
    >
Ask a new question

Read More

Security Microsoft Windows XP