Actually it does matter because in this context, Microsoft is signing the files... You know, the one who creates the actual OS itself...
Never in the history of Windows has there been a built-in virus created by Microsoft themselves. And I'm sure there never will be.
Even if a core .dll (or such) was infected, the only option would be to delete it which would crash the system anyway. What good does that do for anybody? I'll say it again, there's no reason to scan something that will never be broken as long as checksums line up. All the trust you need is in the checksum. Nothing magical about it.