Re: Digital Signatures - Confusion!



After further thought you probably are not missing any certificates but the
message simply means that the file is probably not signed and XP is warning
you of such. That does not always mean that the file is malicious. Checking
the MD5 hash in this case would show whether the file was authentic or
ot. --- Steve


"Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:wJidnYTSKPMfu2XeRVn-jA@xxxxxxxxxxxxxx
I would go ahead and use it. I have several times on different computers.
It sounds like you may be missing some certificates maybe? Anyhow you could
verify the MD5 hash of sysclean.com to see if it matches what they show.
You can download programs to do that such as fsum and check it like I did
in the example below. --- Steve

http://www.slavasoft.com/fsum/ --- Fsum

D:\test1>fsum sysclean.com

SlavaSoft Optimizing Checksum Utility - fsum 2.51
Implemented using SlavaSoft QuickHash Library <www.slavasoft.com>
Copyright (C) SlavaSoft Inc. 1999-2004. All rights reserved.

; SlavaSoft Optimizing Checksum Utility - fsum 2.51 <www.slavasoft.com>
;
; Generated on 02/19/06 at 01:59:45
;
7a84da903c56ba0646eacf6b42957594 *sysclean.com

"BoaterDave" <BoaterDave@nospam invalid> wrote in message
news:%2363LsCSNGHA.1676@xxxxxxxxxxxxxxxxxxxxxxx
I may not have followed you exactly Steve! I ended up here
http://www.trendmicro.com/download/dcs.asp and DID download Sysclean -
and, guess what, the downloaded file, when checked for its' Digital
Signature, said it was from an Unknown Publisher!

Now why should that be? I thought I might be "safe" using this
newsgroup!!

D.

"Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:JOSdnUjRn9LzX2reRVn-qg@xxxxxxxxxxxxxx
Be sure to scan for viruses also as those programs do not. I would not
worry about spyware that is detected if it is shown to be low risk by
AdAware as it is not unusual to find something after every internet
browsing session. Trend Micro has a great free utility called Sysclean
that scans for and deletes malware [virus/worm/trojan] it can detect.
You do not have to install it just run Sysclean from the same folder as
their latest pattern file. More info is at the link below and click
Trend Micro pattern files under the list for update center on the left
hand side of the page to access the pattern files. --- Steve

http://www.trendmicro.com/download/dcs.asp

"BoaterDave" <BoaterDave@nospam invalid> wrote in message
news:eC$JKcONGHA.2916@xxxxxxxxxxxxxxxxxxxxxxx
I did scan earlier today and "cleaned". I've just done so again -
result:-

Spybot found nothing!
Trend Micro AntiSpyware found 10 items!
Lavasoft Ad-Aware found 7 items (some the same as Trend)

Quite amazing really - but the price to pay for surfing the .net I
suppose!

Thanks for your interest Steve.

David


"Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:98idnZXgU_cfGGrenZ2dnUVZ_v-dnZ2d@xxxxxxxxxxxxxx
Interesting. I just did the same thing and had no problem printing it
up without selecting printer friendly version. I would certainly scan
for malware/spyware including in Safe Mode. --- Steve


"BoaterDave" <BoaterDave@nospam invalid> wrote in message
news:egoONyLNGHA.812@xxxxxxxxxxxxxxxxxxxxxxx
Well - I thought I'd seen it all!.

Thanks for the links Steve. Whilst I had seen the pages before, as
I'd used the Windows OneCare back-up facility I saw no real need.
However........... I'm no longer experimenting with Beta programmes
and will therefore follow the Microsoft advice.

I went to the "Windows XP Backup Made Easy site, had a quick read and
decided to print it. I failed to select a "printer friendly" version
........... what was printed? Not the whole as a web page, but a
single sheet with a Lady and a small window in front of her .....
above which was printed "I've been bitten".

Any comment or ideas why?

David B.

"Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DqOdnVm-8JykzWreRVn-vQ@xxxxxxxxxxxxxx
Digital signatures are used to verify that the file comes from a
trusted publisher and can rule out that the file has been tampered
with. The file must be signed by a certificate that was issued by a
Certificate Authority that your computer trusts and be valid. You can
see the CAs that your computer trusts in Internet
Explorer/tools/content - certificates. However if the date of the
certificate has expired it is not considered valid and you will get a
warning message stating such which apparently is what you are seeing.
I have no idea why these companies have not renewed their
certificates. However I would not be that concerned about it as any
company that values it's security will carefully secure it's signing
certificates and revoke any issued certificates that they feel have
been compromised. As always good backups of at least data files,
ideally the System State also which includes registry backup, and
possibly an image of the system drive is best practice to prevent
undue hardship from any surprises that can include hardware
ilure. --- Steve

http://www.microsoft.com/windowsxp/using/setup/learnmore/bott_03july14.mspx
--- making backups on XP




ww.microsoft.com/technet/prodtechnol/winxppro/maintain/asr.mspx ---
XP Automated System Recovery backup
"BoaterDave" <BoaterDave@nospam invalid> wrote in message
news:eFxvpAKNGHA.3392@xxxxxxxxxxxxxxxxxxxxxxx
Hello.

I recently received this message (part only) from the Trend Micro
Help Centre:-

Thank you for your email and the screenshot.
1.
Please ignore that Digital Signature and install and run the file
anyway.

Really .......... I thought that's why warnings are given in the
first place! Whilst I'm sure that, in that particular scenario, it
was well-intentioned (and after having had the file checked by
Sophos, I believe that there is nothing for me to be concerned about)
it does leave me "wondering"!

However, I must admit that I do not fully understand exactly how the
Digital Signature system is supposed to work. I "expect" to see a
Digital Signature which, when I check (say after downloading a
programme from the Internet) to have a date which is current .

However, (and as a "for instance") during my many re-installations of
Windows XP since Christmas (7 in all now!) I discovered that in order
to obtain Updates from Microsoft thereafter, I had to accept a
Certificate which had a "out of date" signature. I did raise this
with Microsoft, and was told that they were "aware of the problem"
............... and accept it anyway! I gather it has something to do
with when the original "tool" was published and given its' Digital
Signature, but I've always been sceptical about this.

This has just occured again when (now that my PC is, at last, free
from Malware [ ??? ever the optomist!]) I attempted to join MSN - it
required to "update" itself - and wants me to accept a sinature dated
in 2004? (I haven't, yet!)

Someone "out there" must surely be able to explain to me how the
Digital Signature system works ......... or, perhaps, that it doesn't
always work as one might expect! I'm willing to learn (but it's
getting much harder to remember!).

David B.













.