V12.2.2.7062 Proactive Security - Windows 7 Pro x64 SP1 Fully Patched until January 2020
By following Cruelsister’s tutorial on how to customize the Trusted Vendors List, pressing Select on all vendors, using Search function to find the vendors I wish to keep and unchecking them, finally pressing Remove to delete all other vendors, pressing OK to save changes.
By opening again the Trusted Vendors List, ALL removed vendors are still there. WHY??? Bug or what??
I was forced to manhandle Comodo’s Trusted Vendor List in order to customize it the way I want (with Cloud Lookup disabled). First had to manually delete ONE BY ONE all Chinese/Asian/Russian vendors - took 1 hour approximately, then all vendors starting with numbers: + 1 hour, then for each letter in the alphabet it took around 40 mins approximately… Luckily I did that during my spare time in the past 6 days or so…
You can’t literally allow your users to scroll/click manually through this HUGE ABYSS called the Trusted Vendors List in order to modify it… Another one of the rare things I did in my life beside shaking hands with an U.N member in the past… I literally went through Comodo’s colossal Trusted Vendors List… I deserve my name written in the World Records…
Thank you very much guys at Comodo for another RARE, yet strange, accomplishment in my life…
The ability to delete vendor rated by Comodo from Vendor List was added to CIS since version 12.1.0.6914.
It seems you are the first who used this feature and discovered that you can’t delete more than one vendor at a time.
A bit odd that no one else has reported this defect since this feature was added to CIS due to popular demand.
I think safemode will now obtain the same result when he exports and imports his new config and new file list after spending many hours of deleting the vendors.
The question is: After a fresh install of CIS, does it work to remove all vendors from the list by selecting them all and pressing the Remove button just once and then as a result find an empty Vendor list when one opens the list again?
You are not supposed to remove vendors as it wont do anything other than reset its rating when it gets added back doing either a program update or running an application that is signed by that vendor that was removed. The proper way to make vendors non-trusted is to change the vendor rating to unrecognized or malicious. They implemented the ability to change vendor ratings for a reason, that is the supported and correct way to not trust certain vendors.
Guys, first of all, thank you all for your attention, second I would like to clarify a few points:
I am the same guy who some time ago requested in the Wishlist section for the Removal of Vendors option to be re-implemented by Comodo, and it was accepted and actually re-implemented by devs.
I always DISABLE Cloud Lookup when customizing the Vendor List this way so any vendor not existing on the list will be treated as Unknown - I know somewhat well how CIS/CFW/CAV works since I’ve been using it since the past decade.
When REMOVING/DELETING unneeded vendors I’ve always noticed faster computer response time, faster System startup and faster response from CIS GUI elements. And this being in a fairly powerful computer (Core i5 @ 3,2 Ghz, 8GB RAM).
Ploget’s way of customizing the Vendor List seem to be a good solution, and thanks for mentioning that, however I still view the Cruelsister’s guide as a much easier way of customizing the Vendor List, I view it as a masterpiece of a guide actually and I honestly think Comodo should still support it. Older CIS Versions such as V12.0.0.6882 allowed me to easily customize the Vendor List by following Cruelsister’s guide.
This was a clean install using the Uninstaller Tool on V12.0.0.6882 while rebooting 2 times, also used the Offline Installer for V12.2.2.7062.
If the Removal of Vendors option is useless then might as well get rid of the ability to Disable Cloud Lookup functionality…
Can you describe the differences in the Remove Vendor List functionality between 6882 and 7062?
According to the release notes the Remove function was introduced in 6914.
It may be useful to know how the Remove function works/behaves in 6882 and in 7062.
Thanks.
IIRC they removed the option to Delete vendors in the First V12 Build and immediately I created the post in the Wishlist section asking for them to bring back this functionality, then they brought it back in a Beta (or RC) from an early V12 Build (it was way before V12.0.0.6882).
So I think the release notes are probably wrong maybe… As for the differences, in V12.0.0.6882 I was able to succesfully implement the Cruelsister’s guide in Vendor List customization while in V12.2.2.7062 I can’t remove more than a vendor at once (I have to use CTRL+ Scroll and right click to remove Each vendor in order to remove them.)
I think maybe the List got so Huge, Colossal and Big that CIS can’t process anymore if multiple vendors are removed at once???
Also why there is no option to IMPORT/EXPORT the Vendor List as .txt document? It is 2021 already…
Yes you can remove more than one at a time, use shift or select all and uncheck the ones you want to keep. Point is people wanted to untrust certain vendors and so they made it possible to change vendors rating. I doubt you are noticing speed improvements clearing the list, only speed increase that would be noticeable is opening the vendor list itself as it will load faster. Remove is useful for if you want to remove a custom vendor that you added yourself that is not part of the default comodo list, or you want to reset the vendor rating to the one comodo assigns it if you had previously changed the rating of the vendor.
Thank you for reporting. As you know there is an option to select multiple vendors from the list and to change ratings at a time, what is the purpose of removing them? Could you please create a wishlist in detail and add a poll on your wish.
About the missing Vendor List export/import feature, suppose one removes all Vendors from the list by accident how to bring them all back again?
Only by performing a program update, does that work whether there is an update available or not?
What you mentioned is basically Cruelsister’s way of customizing the Vendor List, I’ve tried it and was unable to remove multiple vendors at once as per OP. I am not entirely sure if this could be a Bug or a issue with my OS or CIS installation, however since I’ve set up CIS to work completely the way I want and I have personal issues to deal with at the moment, I won’t be able to test if a Clean Wipe Reformat of my OS + clean CIS install from Offline installer will face the same issue of not, so I will leave this CIS installation as it is for the next 8 months at the very least. Maybe some other person will volunteer to try to reproduce this Bug or not.
I always configure CIS to Block Unknowns, Cloud Lookup disabled, everything enabled at Script Analysis, HIPS enabled at Safe Mode and set to Auto-Block, AV On Access with Heuristics on High, tested it against Leak Testing Applications and even some Real Malwares, it is protecting very well so I will leave it as is for the time being. As for performance improvements, even with CIS configured this way, the System is so light and fast that it seems I have no security installed at all. Specially after removing multiple vendors from the List and leaving only around 50 or 60 Vendors…
PS: I’ve always disabled Program Updates and always did clean installs of CIS…
Maybe they should create a ‘Light Trusted Vendors List’ just like with AV Database??
I will possibly create a Wish Request for the Option to Import/Export the Vendor List as .txt Document and add a Poll. Thanks.
Having 10000s of applications being able to bypass every HIPS/AV/FIREWALL safeguard simply because someone paid 100$ to get a certificate from some sweatshop certificate authority, or use some MS certificate bundled with Terminal Server that they forgot to revoke is defeats the whole purpose of having all these restriction mechanisms in CIS.
For my understanding.
Say you don’t trust the trusted vendors, why not allowing them everything in HIPS but disallowing them any LAN/internet connection or just put a FW ASK rule in place for those applications (or one FW ASK rule for all applications).
I mean, as long as the “untrusted” trusted vendors cannot call home or whatever they are calling than what harm can they do?
Some may be a Ransomware or other type of Malware that damages the OS (Yes it is VERY rare and such certs tend to be revoked quickly) or include PUP/Adware bundled.
I personally like to set up CIS/CFW/CAV as Anti-Exe software, similar to the likes of VoodooShield, NVT ERP, and I like to have control over which Vendors are Trusted, better yet with a relatively small list (around 50 or 60 vendors, big companies only).
Yeah that’s not how it works, just because a file is digitally signed with a code signing certificate, it does not automatically become trusted by CIS, it has to be part of trusted vendors for that to happen. And if you really want full control over applications regardless of file rating, you can always set HIPS to paranoid mode and the firewall to custom ruleset mode, along with creating custom auto-containment rules.