Digital signature

Let's say you scan your computer with FreeFixer and find a file named mDNSResponder.exe. If you have installed software from Apple, such as iTunes, iPhoto, iChat or Safari, it's expected to see this file on your system.

But even if it's expected to see mDNSResponder.exe on your system, how can you determine that no one has tampered with the file since it was installed on your system and added some malicious code? How can you determine that no one has replaced the legitimate mDNSResponder.exe with a malicious file? Anyone can create a file named mDNSResponder.exe and assign version and product information that looks legitimate.

The good news is that it's possible to verify that no one has modified the file, if it has a digital signature. The digital signature is used to verify the file's integrity, that is, that no one has tampered with it. A digital signature is also used to authenticate that the file really came from the company/person that claims to be the developer. In the case of mDNSResponder.exe: it has a valid digital signature. No one has tampered with the file and it's from Apple Inc - you can trust mDNSResponder.exe.

You can find more information about digital signatures at Wikipedia.