The new Peghorse’s test (in french … sorry) O0
http://infomars.fr/WordPress/peghorse/?p=605#comments
Conclusion, cis did very well ! ;D ;D ;D
Maxx you need to Update the translation, i have added a new line 
I would like to know how you came up with that last line??
Very easy to know Languy. When you are viewing all videos, in a moment i have checked the Safe List because the Rogue successfully bypassed without any warning from Comodo and what a surprise, Comodo added it automatically.
This is a potential security breach which is not used yet by a lots of malwares. I consider that as a bug.
+1 .msi installers are not ALL safe… >:-D
problem in translation : red line 3 is “the ANTIvirus can sometimes cause slowdowns but it’s not essential to the protection, you can install a free lightweight AV instead”
and the line that Peghorse added :
“- Behavior that might be important: The Sandbox allows easy installation of malware when it is already using another software safe, eg, Windows Installer, and other program “Setup” known and safe. Once it is safe, Comodo attributes apparently all right … Something that simplifies the task but seems to create a potential security hole in the future …”
which rogue was that and what do you mean comodo added it automatically? Automatically to what?
RST Antivirus is one of those, but in my reviews this wasn’t it… ErrorNuker for example…
Comodo add them to “Safe Files” in “Defense+” and doesn’t do any warning…
Error Nuker seems to be perfectly legal app. digitally signed since 2005, please see pictures for confirmation
BTW. Kaspersky IS also add it to trusted appz automatically
[attachment deleted by admin]
it looks legitimate butsome people doubt of it : http://www.mywot.com/fr/scorecard/errornuker.com so…
the other rogue was Dr.Alex antispyware (http://www.doctor-alex.com/) if i remember well… same case (rogue or not ?)
The software itself, may well be ■■■■■■.
The company may or may not have had some dodgy marketing or associations at some point.
There are a lot of reasons the rogue label gets tossed around.
IMHO WOT is a poor source to solely base any decision on.
Any software could be rated poorly by just a small group of unhappy campers.
With or without having appeared on some black list once upon a time.
Any way none of the above makes a software malicious.
And as you have demonstrated the executable must be on Comodo’s white list.
If I am wrong then someone should also inform Softpedia.
http://www.softpedia.com/get/Tweak/Registry-Tweak/Error-Nuker.shtml
Or CNet for the old tired Doctor. The reviews although old, don’t seem so bad.
Bad
The last line of PegHorse is still correct when we see rogues that use the .msi installer to install them selfs just like RST Antivirus.
You may verify SpywareScrapper which has bypassed Comodo too in same way as RST Antivirus.
You will see the list of certified files in the last part of videos, about the End … When i show people how to remove certified files.
Just a couple of pics.
First is during download of RST Antivirus.
Second is when scanning or accessing RST installer.
This is with the 2011 Alpha.
I can check with 4.1 soon, doesn’t it have the same AV database?
Bad
[attachment deleted by admin]
ignore the alerts and try to see if the d+ module say something about the RST please. The result with 4.1 is the same the antivirus catch it but the d+ will not anything or will only show a alert from .msi I really don’t remember.