What do you think about this video?

[Guest]

[Siketa]

nice, that was quick 

Yep....just like Melih said....fixed in a blink of an eye 
 

[morphiusz]

hoshinkaaaa is me I did research and found these viruses on the Internet.
Yep.It's true. Fast reaction from Comodo Team.

[Melih]

Thank you guys for your vigilance.
We will continue to add more stringent processes for our whitelists.

All in all, things are good and small hiccups are fixed immediately, thanks to this amazing community we have!

thanks
Melih

[naren]

But why did CAV didn't detected the files second time??? Is this a bug in CAV?? or care to give info on this. Coz I find it strange CAV detecting the files first time & not detecting second time.

Thanxx
Naren

[umesh]

Hi,

But why did CAV didn't detected the files second time??? Is this a bug in CAV?? or care to give info on this. Coz I find it strange CAV detecting the files first time & not detecting second time.

Thanxx
Naren

It is because the way CIS works. Due to speed optimization, it does not do TVL cloud lookup on on-access, but  when a file is detected as malware it verifies in cloud if it is safe, as it can be false-positive also, and if so, vendor is added to local Trusted Vendor List.

Next time when file was executed, vendor was already in TVL as last check found vendor in cloud and added to local TVL list and therefore there was no alert in second attempt.

Thanks
-umesh

[naren]

Hi,
It is because the way CIS works. Due to speed optimization, it does not do TVL cloud lookup on on-access, but  when a file is detected as malware it verifies in cloud if it is safe, as it can be false-positive also, and if so, vendor is added to local Trusted Vendor List.

Next time when file was executed, vendor was already in TVL as last check found vendor in cloud and added to local TVL list and therefore there was no alert in second attempt.

Thanks
-umesh

I was thinking of this but wanted an info from the experts. Thanxx you explained it clearly.

But on first attempt if the file is detected as malware & the cloud lookup found the file safe & added it to TVL local that means it was an FP, but an average user will not try to run the file second time. Dont you think it should do TVL cloud lookup on onaccess.

Thanxx
Naren

[tommymacangel]

One more time, this thing indicates that TVL is not offering maximun protection (event if, of course it helps to decrease number of popup etc....).

For me, the best protection is based on a whitelist refering to uniques files

Remember STUXNET with Realtek and JMicron digitals signatures...

[Tags:]