Yes - it’s from the default list and does give the ‘proper’ message . . . but you’re saying that on a system with a chosen set of applications and known vendors, that the hundreds of default vendors can’t be removed or chosen by the user?
I like to control my system(s) and not have superfluous vendor lists that I can’t remove or edit, or even understand in scores of the entries!
May I ask what is the reasoning behind that?
There are no trusted vendors and the stuxnet case (stolen Realtek and JMicron certs) confirms this. Attempt to impose these “trusted” vendors is a very bad sign. If this does not change, HIPS (and CIS itself) will become useless. Potentially, only a microsoft can be considered a trusted vendor, but it should also be allowed to users to delete and configure as they wish.
Completely agree . . . a very bad move in my opinion
I will try this option, but with previous version Cis 11 i don’t have problem. I have problem only with cis 12.
Hello,
This option now try and does not working. Cis 12 RC still blocking( alow down) system.
Hi maciejak,
Thanks for getting back.
Could you please try to reproduce the issue, provoke BSoD and share memory dump with me via PM.
There are several ways to do it:
Or you can use notmyfault tool from sys internals package:
Rexy, Ploget, your arguments are reasonable, we will discuss them internally.
Thanks Vladimir . . . I would say it is very important to a lot of users
couldnt agree more
So, no ask feature for the autosandbox like in CCAV?
Can I have an option to turn off clipboard for sandboxed processes. I think sandboxed processes have access to clipboard is a big security risk.
You might be interested in the following wish: Prompt user to Allow or Block Copy/Paste to and from Sandbox via Clipboard.
CIS has always been good at allowing itself to be tuned and it controls absolutely everything. I can not understand why you need to impose trusted vendors. Suppose you trust them, but why should the end users force them to trust them? Certificates can steal and sign a virus with them, which has already happened. I do not speak against the model with trusted vendors, but I am categorically against imposing this list. Previously, it was better - the user himself decided which vendor deserves trust and which one does not. Selective protection is not protection.
This means the complete destruction of the last HIPS for Windows. This is very bad.
Stuxnet and stolen certificates
Stuxnet signed certificates frequently asked questions
“Our results show that compromised certificates pose a bigger threat than we previously believed, as it is not restricted to advanced threats and that digitally signed malware was common in the wild before Stuxnet”
Stuxnet spawn infected Kaspersky using stolen Foxconn digital certificates
Windows Pro x64 1809 17763.379 CIS v12.0.0.6810
Again, the system hangs as in the previous version 6808
I think the same as Ploget and Rexi. The first thing I always do is to empty the list of trusted vendors.
- Extended Vendor List with User rating.
For those who want the ability to remove trusted vendors, may I ask what does removing accomplish that you can’t accomplish by changing the vendor rating in the vendor list? Just as with the file list, you can select vendors and change their rating to trusted, unrecognized, or malicious and user rating will override comodo’s own rating for those vendors. By the way, even in the past when you removed a trusted vendor, executable’s would still be trusted if the hash of the executable is found in the online file lookup service. Also if you have the AV installed an executable can be trusted by a whitelisted file signature.
Understanding - as in the hundred of undecipherable entries
Control - of the 30 or 40 that are added from my known Running Processes and those few extra that I add - AFTER deleting the original list
Ease of use
Tidiness
Simplicity
Aesthetics
(Not necessarily in that order)
Most important to me - why does Comodo feel it necessary to lock them in now?
My standard procedure, starting with a clean computer, is to delete all trusted vendors and run Comodo Cleaning Essentials. Once finished all executables are reported as unrecognized. Sent to Comodo those who are on the whitelist become reliable and their vendor also goes to swell the trusted list. At the end of the process only the providers that have programs installed on the computer are on the list of reliable suppliers. And even then I do not know if I check the box ‘trust applications signed by trusted vendors’ in ‘file rating’, because it is one thing that a program is trusted and this is in the white list and another that all the programs of that provider be.
At a guess 
Not everyone comes to the Forum to complain, I guess that some of these have been removing all the list then saying CIS is blocking some of their programs so removing CIS and complaining on Social media that it is rubbish.
Dennis
Focusing on stupid users leads to degradation. A non-removable list of “trusted” vendors is not even degradation, it makes CIS absolutely useless because it completely kills HIPS.