As we install software there is a growing list of unknown files in Defence+. The list does not get smaller and more and more files are trapped there. From one or two to hundreds.
We, the user doe not know if a file is good or bad so we wait for Comodo to decide and take them out of the list and put them in the good or bad section (as the movie shows us). But that does not happen it seems.
I don’t get the video because it shows me that Comodo will do this deciding for me … how?
NO that can’t be it.
The movie tells us customers action will be done by Comodo. I don’t even know how to send it and I don’t want to know. Comodo wil do this for me as the video shows.
Cloud scanning is on and this does noting for the list.
With the overflow of M$, Adobe and other updates the list grows to 300 files on multiple computers. The computers start crashing because the files are in this list.
If a file is unknown it will be uploaded to the Comodo cloud servers and it will get analysed. That will take time.
Once there is a verdict it will be fed back through the cloud system. If the file is safe it will be unsandboxed the next time your start up your system. When it is malware it will be removed.
The whitelist system will by defintion always be behind of the facts of updating unless the updated files are digitally signed by a vendor who is on the Trusted Software Vendors list.
When you know files on the Unrecognised Files list to be safe you can move them to Trusted Files yourself.
The only issue here is that analysis often recognizes malware as safe application. :-TD
Check how many I found only today in “Report trusted and whitelisted malwares here!” topic…
So what is the normal time-line that Microsoft files are verdict and be found safe after M$ has released there paches every Thursday? Because I still find a lot of normal M$ files in there for months.
I have no idea of a time line. From what I see at the forums the mileage varies quite a bit.
To know what programs are important for Comodo users there is a topic where they can submit their programs there. That will help Comodo prioritize.
That being said. I am surprised you have Windows system files on the list of Unrecognised Files. Most of Microsoft files are digitally signed and should be trusted therefor. Did you take one or more instances of Microsoft digital signatures from the Trusted Software Vendors list?
Since Sandboxing is being dicussed in this thread and I am new to using it (I didn’t use it in prior versions), I have a question.
Defense+ a while back found a suspicious temp file and sandboxed it; said it was unknown and submitted it to the cloud. After a while and what appeared to be no response from the cloud, I submitted the file manually to Comodo. I also got nervous and manually blocked the temp file.
As far as I can tell? I never received a response from Comodo on that submitted file. I have deleted the blocked file since it was just a temp one to start with. The file still shows in my submitted list. How do I remove it from the submitted list?
BTW - sandbox works great if the cloud finds the file OK. It removes it from the sandbox and moves it to trusted files.
Issue appears to be when the file remains in an unknown status …