The files are all signed with “NVIDIA Corporation PE Sign v2014” digital signature and yet they aren’t whitelisted. Why not? The reason why I’m asking here is because I’ve asked about this in the whitelisting thread and it got ignored in a mass of other posts.
I’ve also attached one such file…
[attachment deleted by admin]
It looks the digital sign is broken… or not valid.
Lets submit it for whitelisting, maybe they will handle it.
It’s still a certificate only used by NVIDIA…
Verified: A certificate chain could not be built to a trusted root authority.
Link date: 8:06 PM 11/24/2015
Publisher: NVIDIA Corporation PE Sign v2014
Description: NVIDIA D3D Shim Driver, Version 359.06
Product: NVIDIA D3D shim drivers
Prod version: 10.18.13.5906
File version: 10.18.13.5906
Binary Version: 10.18.13.5906
Original Name: nvumdshim.dll
Internal Name: nvumdshim
Copyright: (C) 2015 NVIDIA Corporation. All rights reserved.
Which just means its a signature issued by NVIDIA and NVIDIA only but wasn’t verified by a certificate authority. Which doesn’t make it any less valid considering you can extract files with such signature from any drive downloaded from official NVIDIA webpage.
The issuer is not a trusted root CA (The Microsoft Windows O.S does not see the cert as being valid, tests were performed on xp, vista x64, win 7 x32, win 10) … it seems this causes alot of problems not only with comodo but also with other security software according to
nvidia forum. However, our team will investigate and manually whitelist these self-signed files.
Self signed signatures are not secure by definition. They should only be used on local networks. It is beyond my understanding why NVIDIA hangs on to this deprecated practice.
Moving to D+ Help board.
I’m not able anymore to update my NVIDIA drivers if Comodo is running !
Please do something about it ASAP.
To install Nvidia drivers,
Someone suggested disabling ‘Enable File Source Tracking’ under Auto Sandbox.
I haven’t had another update to test this yet, so please give it a try and report back.
You can add that signature to your Trusted Software Vendor List. CIS is a very customisable tool.
Only if it’s a valid signature. And if it’s PE file, currently.
Oops and thank you. I overlooked that not unimportant detail.
That’s stupid. Why can’t I add ANY signature if I desire so to make things easier for me? No, instead I’m blocked even there by the CIS itself.
Are you talking about just the problem with this specific executable or has your problem changed to a more generic one?
You can always white list the individual files that come with this signature.
Because signature spoofing, self signed malware, etc.