Another bypass ?

don’t worry , I guess the cis developers are just doing a great and fast job , I just tested 2 of the signed trusted! malwares that i had problems with last week , and they are fixed now and sandboxed when I execute them …

thanks comodo , keep up the good work

Can we please return to the topic in hand, any more off topic posts will be deleted!


Not sure what you mean. Can you rephrase?

Just want to know the time between these two points;

  1. someone reported a malware with valid signature in TVL (assume it is a true malware),
  2. release of a new TVL with above signature removed for update of CIS in our PC.

And I think the above time should be less than the time required for update of virus database if a new virus were reported. It is because I can still be protected by D+ if the AV missed the virus. However, the protection will totally be bypassed if a malware got a valid signature in TVL.

This example very well :-TU illustrates that TVL feature is flawed (despite it is very convinient), and this is gonna to change only when “trusted vendors” stop sign malware.

even with the Norton Insight technology ( it depends on the file hashes as far as I know ) , still you will find some problems like these

I was testing Norton Antivirus 2011 versus’s malwares and I also found like 4 or 5 malwares that norton reports them as ( safe !) and the system got infected so easily.

you will never get a security software with 100 % protection , but you can get a solid software like the free! cis5 and get yourself used to download only famous and trusted softwares , then u will be safe

‘SecureSoft’ is removed from TVL as we found questionable practices used by Vendor.


Great, what’s about flaged this file as malware?:wink:

Hi morphiusz,

Detection will be available soon, with virus signature databases that will follow.

Thanks and regards,

Thank you, guys!

That’s good to know :slight_smile:

Question is did you check this vendor in terms of “questionable practices” before adding to TVL :-\

I would also like to know the answer to this question, it’s only fair that we are given an answer as to why and how malware gets added to the TVL either on purpose or by accident.

Things may look good when the publisher gets assessed. But then later they decide to add some adware.

This is why the TVL should not automatically include ALL software from a trusted vendor, but each peice of software tested individually. We cannot even trust trusted vendors…this is scary. :o

I have given a suggestion how to solve this thing problem but no one seems to listen or give feedback!

Valentin N

Can you please provide a link to this advice.

Or rather directly quote the post in your reply?

The solution would be to:

  1. Comodo test each software individually, and remove the trusted vendor list.
  2. Remove the “default allow” trusted software vendors from the computer security policy manually.

Ability to disable autoupdating of TVL (by the cloud?). So after user edited TVL manually those changes won’t be lost.