I added Microsoft Corporation to my list of Trusted Software Vendors thinking it would reduce the number of items ending up in the My Pending Files (essentially “untrusted”) list.
It didn’t work out that way.
After adding MS to the Trusted Vendors list, I placed CPF3 in “Installation Mode”, and installed Microsoft .NET Framework 3.0. Everything went smoothly, but now I have more than 100 Microsoft Corporation items listed in the My Pending Files list.
Why?
All files that are signed by the listed 'vendors' will be automatically trusted by the Defense+ module of Comodo Firewall Pro.…snip…
One way of telling whether an executable file has been digitally signed is checking the properties of the .exe file in question. For example, the main program executable for Comodo Firewall Pro is called ‘cfp.exe’ and has been digitally signed.
Browse to the (default) installation directory of C:\Program Files\Comodo\Firewall
Right click on the file ‘cpf.exe’
Select ‘Properties’ from the menu
Click the tab ‘Digital Signatures’ (if there is no such tab then the software has not been signed)
Once installed, Comodo Firewall Pro watches all file system activity on your computer. Every new executable file introduced to the computer, is first scanned against the Comodo certified safe files database. If they are not safe, they are added to the 'My Pending Files' for users to review and possibly submit to COMODO. Apart from new executables, any executables that are modified are also moved to the 'My Pending Files' area.“My Pending Files” is specifically important while Defense+ is in ‘Clean PC Mode’. In Clean PC Mode, the files in ‘My Pending Files’ are NOT considered clean. For more information, please check ‘Clean PC Mode’ on the Defense+ settings page.
The 'My Pending Files Area allows the user to:
Assess the pending files to determine whether or not they are to be trusted. If they are trustworthy, they can be moved to ‘My Safe Files’ using the ‘Move to’ button. Similarly, files that are suspicious can be moved to the ‘My Quarantined Files’ area.
Use the ‘Lookup…’ feature to see if the master Comodo safelist contains more information.
Send the file to Comodo for analysis using the ‘Submit’ feature
Manually add files to the pending list for look-ups or submitting to Comodo
Use the ‘Purge’ feature to scan the list for files that no longer exist on your system and remove them from the "My Pending Files’ list.
You can find CFP help manual at %programfiles%\comodo\firewall\cfp.chm
Thank you gibran: (:WAV)
It wasn’t necessary for you cut & paste from the manual. I always read the manual before posting questions here. If the manual contained all the answers, (it doesn’t) - this forum would be redundant.
My original question remains unanswered.
I have set-up Microsoft Corp. as a trusted vendor. Since newly installled MS items (such as .NET 3) continue to be dumped into “My Pending Files”, I can only assume that either MS didn’t sign .NET 3, or CPF isn’t seeing the Microsoft signatures.
If anyone knows where MS hides the .NET3 executables, please let me know - so I can check for the signatures from within CPF.
Thanks all !!
What if you press purge? After installations my pending files list is also full of files which eventually turn out to be temporary files. Maybe these temp files are not signed.
Posted by: BlasWhat if you press purge? After installations my pending files list is also full of files which eventually turn out to be temporary files. Maybe these temp files are not signed.
Thanks Blas !
Unfortunately, the numerous Microsoft files remain after I purge.
What is your defense+ level?
Maybe the trusted software vendor settings only apply for programs already on your computer, and every modified/newly introduced applications go to the pending list.
Posted by: BlasWhat is your defense+ level?
CleanPC Mode
Posted by: BlasMaybe the trusted software vendor settings only apply for programs already on your computer, and every modified/newly introduced applications go to the pending list.
Maybe you’re right; I don’t know. Ideally, once you decide to trust a vendor (not an easy decision by the way) - it would make sense that everything from that vendor would be trusted in the future, assuming everything is signed using the same digital signature.
Interesting point Blas! Thanks.
Interesting “problem” btw, I also thought about it back then when I installed v3 as Microsoft is trusted by default, yet I received alerts for new or updated micro$oft stuff…Right now I see 3 possibilities:
It does ;D your second post is way different from
If you account for the quoted parts from CFP help you’ll find that Trusted vendors is used to consider safe all digitally signed files from a specified vendor.
So D+ will learn the rules for a signed apps.
V3 help states tha Modified files or files that are not in Comodo safelist are added to pending list, too.
Files in pending list are listed with full path and get a status (new/modified)
BTW not all ms files are digitally signed. MS has a separate signature DB to check file inegrity using sigverif.
If you look for explore.exe digital signature you won’t find the specific property tab.
Anyway reading manuals actually help to address topics in a better way focusing on specific aspects. Usually it helps to get more replies too.
That’s why there are many reladed internet acronyms
I have a question about the Trusted Vendors as well, I use Avira AntiVir v7.0.02 to 7.0.06 latest versions just updated about 1900hrs local time, -6 is my offset. The only file I can find a Digital Sig on is “avadmin.exe” none of the other are signed. What is your criteria for having a Digitally Signed executable?
Signer Information: Avira GmbH
Signing time: Monday, February 26, 2007 3:46:47 AM
There is more information under properties for that file.
TIA,
Only developers can sign their files. Usually many develovers only digitally sign installer packages.
It might be worth reading the attached PDF - it is taken from the firewall help file and defines digitally signed software/executables quite well.
:SMLR
[attachment deleted by admin]
N.T.T.W. & gibran,
Thank you for these replies, did not know only the Developers signed a file. Thank you also for the PDF, will get to that between Xmas parties and baking along with preparations for meals and house cleaning.
Have had to take over most of those duties since retiring along with the other duties that have continued from before retirement. That is some of my other problems and not being able to do much on this system.
My problems are here for me, do not want any volunteers to come to help me.
TIA,