a downloader trusted by CIS



It contains a digital signature whitelisted by CIS.

[attachment deleted by admin]

Outch… But such things are rare…

It can download a fake AV.



Nice …
Please you should submit it here : https://forums.comodo.com/av-false-positivenegative-detection-reporting/report-trusted-and-whitelisted-malware-here2013-no-live-malware-t89869.75.html

(and check again after 2/3 days)

I hate the existence of a database software digitalmmente signed, ideally creating an online database software analyzed and considered safe.
it already eliminate this vulnerability, besides extinguish this local database software digitally signed. The User has no connection for one reason another it would be up to the decisions to be taken.

a new malware downloaded by it :frowning:



Please report this in Submit Malware Here To Be Blacklisted - 2013 (NO LIVE MALWARE!)?

No this is a trusted malware sample, btw I have already said to him to report it and he did :-TU

Rare or not, they have to somehow solve that as it completelly defeats the trust chain. It’s like allowing a suspicious looking person with a rifle into a bank just because he has a pass card (which he stole from some employee of the bank). Everything about it looks wrong but they let him in because he has a pass card.
That doesn’t make sense doesn’t it? And so it doesn’t when CIS is allowing signed stuff that is in fact a malware…

Sure. They will. But at the end of the day ppl will make mistakes you have to accept that. If you want a temp fix (disable TVL). Also that’s why some users don’t rely on Comodo TVL. But at the same time it also defeat a purpose of the whole DD system.