CIS Trusted Vendor List Problem

Comodo Internet Security - CIS Resolved/Outdated Issues - CIS
1

My OS : Windows 10 Pro 21H1 - up-to-date
My CIS Version : Comodo Internet Security Premium Free - 12.2.2.8012 (Latest-connected to internet)

  • It is fresh installation of CIS. 10 days ago installed.
  • My configuration, attached
  • Diagnostic report, attached.

How this problem appears?

1 - I downloaded a software called Rambox, just for hunting white softwares for COMODO. (Rambox Download Link)
2 - Checkhed it’s digital signature, exist. It’s digital signature is “Rambox LLC(See image 1)
3 - Open CIS settings > File Ratings > Trusted Vendors,
4 - Use search option and copy-paste “Rambox LLC”, it is not there. (See image 2)
5 - Then I opened a whitelist request on forum. See request.
6 - Comodo employee, Bogdan, came and response “The submitted vendor is already in Trusted Vendor List.” See his reply.
You may check the continues conversation in the forum.

7 - I checked other vendors before submitting to Comodo with the same way above. Bogdan said they are already in TVL, too
Example 2
Example 3

8 - He suggested me open a bug report, here

Summary & Questionary
Comodo Internet Security have a probelm with Trusted Vendor List. Is all TVL entries installed on installation of CIS? or Comodo using a “light TVL” option while installin CIS, just like antivirus database.
Another question? Let’s say I installed CIS on 10 January and Comodo Whitelist guy added “XXXXX Ltd.” to Trusted Vendor List in 15 January. How CIS got this update in this senario? Does CIS update TVL like antivirus database? If the answer is yes, why I am getting this problem.
If the answer is no, so there must be a cloud TVL option around there.

2

CIS ships with all TVL at the time the specific build is created, and any new vendor that gets added will only show up in local TVL if you execute an application that is signed by that new trusted vendor, as long as you have cloud lookup enabled in CIS file rating settings. As a side note you should check verdict.valkyrie.comodo.com for file rating, as this will tell you how CIS will handle the file. Although in this case, both verdict valkyrie and regular valkyrie do not seem to detect the digital signature and thus will not tell you that the vendor is trusted, but it will be trusted when you execute the application. So it seems an issue with valkyrie in detecting digital signatures on files it analyzes.

3

Thanks futuretech,

As I said in the first post, I am just hunting them for whitelisting purposes. I cannot run all the files on my desktop.

both verdict valkyrie and regular valkyrie do not seem to detect the digital signature and thus will not tell you that the vendor is trusted,

Indeed!

Edit:

Running the file even in container helped! Suddenly Ramboc LLC appears in my local TVL. Just for the information

1828×1015 365 KB

4

Then you should be checking https://verdict.valkyrie.comodo.com/ to view what rating it will be assigned.

Edit: Yes, as long as it gets run in some way CIS will perform rating lookup via file lookup system.