There is no doubt that Comodo’s whitelist is superior and it makes CIS more user friendly.
But some malwares could sometimes get a trusted signed certificate! or accidentally get whitelisted!.
We must fight that by all means!.
So I thought it will be useful to open a new topic and report these trusted! malwares in it.
If you find files that are whitelisted, but seem suspicious (for whatever reason) please report it here asap.
just upload the malware to camas.Comodo.comandvirustotal.com , and post both result links here. , the name of the trusted vendor or any other info could be useful too.
As you wish , but I thought that this is not a normal negative detection , as they are trusted signed or whitelisted malwares and they can easily and completely bypass comodo security layers. Not like the unknown malwares.
Anyway , I hope that these bypasses get fixed asap.
3D Crash Icons is an adware that uses aggressive, deceptive advertising. It shows deceptive and/or false messages. It may be installed without adequate notice and consent, often though exploits.
Also, there should be a big difference between something not being malicious and being worthy of being included in the whitelist. There should be a gray area between.
Определяются CIS 5.3 только в режиме сканирования “Критические зоны” как Rootkit.HiddenFile@0.
WinFLdrv.sys - подписан цифровой подписью NewSoftwares.net Inc. SDN. BHD., скрывает себя и два других файла так, что даже при включённом отображении скрытых и системных файлов они не видны.
Никакого ПО от NewSoftwares.net Inc. я никогда не устанавливал и не скачивал.
На всякий случай я у себя удалил newsoftwares.net из списка “Доверенные поставщики”.
translate.google.ru:
CIS 5.3 determined only in the scanning mode “Critical Zone” as Rootkit.HiddenFile@0.
WinFLdrv.sys - digitally signed NewSoftwares.net Inc. SDN. BHD., hides himself and two other files so that even when the view hidden and system files are not visible.
No software from NewSoftwares.net Inc. I have never installed or downloaded.
Just in case I have a newsoftwares.net removed from the list of “Trusted suppliers”.
CIS 5.3 ругался на них в режиме сканирования “Критические зоны”.
Да, вероятно, это ложное срабатывание.
Сюда написать меня попросили здесь: https://forums.comodo.com/empty-t67478.0.html