Comodo Help
Find the desired product help
Xcitium Cleaning Essentials

Xcitium Cleaning Essentials

Version 11.0

English

Print Help Download Help
The Tools Menu > Manage Trusted Vendors
  • Introduction To Comodo Cleaning Essentials
    • System Requirements
    • Download Comodo Cleaning Essentials
    • Start Comodo Cleaning Essentials
    • The Main Interface
  • Scan Your System
    • Smart Scan
    • Full Scan
    • Custom Scan
    • Comparison Of Scan Types
  • Configure Comodo Cleaning Essentials
  • The Tools Menu
    • Manage Quarantined Items
    • Manage Trusted Vendors
    • Import Antivirus Database
    • Check For Software Updates
  • Introduction To KillSwitch
    • Start KillSwitch
      • From The Comodo Cleaning Essentials Interface
      • From The Folder Containing Comodo Cleaning Essentials Files
      • Replace Windows Task Manager With KillSwitch
    • The Main Interface
      • The System Tray Icon
    • View And Handle Processes, Applications And Services
      • Processes
        • Stop, Start And Handle The Processes
        • View Properties Of A Process
      • Applications
        • Handle The Applications
      • Services
        • Stop, Start And Delete Services
    • View And Handle Network Connections And Usage
      • Network Connections
        • Inspect And Close Network Connections
      • Network Utilization
    • Configure KillSwitch
    • KillSwitch Tools
      • View System Information
      • Repair Windows Settings And Features
      • Analyze Program Usage
      • Search For Handles Or DLLs
      • Verify Authenticity Of Applications
      • Boot Log And Handle Loaded Modules
      • Run Programs From Command Line Interface
      • View KillSwitch Logs
      • Find Process Of The Active Window
    • Manage Currently Logged-in Users
    • Help And About Details
  • Introduction To Autorun Analyzer
    • Start Autorun Analyzer
      • From The Comodo Cleaning Essentials Interface
      • From The KillSwitch Interface
      • From The Folder Containing Comodo Cleaning Essentials Files
    • The Main Interface
    • View And Handle Autorun Items
      • Handle Autorun Items
      • Filter Entries Based On Categories
      • View Autorun Items For Other User Accounts
    • Help And About Details
  • Help And About Details
  • Use The Command Line Interface
    • Run A Smart Scan From The Command Line Interface
    • Run A Custom Scan From The Command Line Interface
    • Run A Virus Database Update Task From The Command Line Interface
    • View Help
  • About Comodo Security Solutions

Manage Trusted Vendors


There are two way that an application can be treated as safe in Comodo Cleaning Essentials.

  • It is whitelisted. This means it is on Comodo's list of software which we have tested and know to be safe.
  • It is signed by one of the vendors in the 'Trusted Software Vendor' list.
From this point:
  • IF the vendor is on the 'Trusted Software Vendor' list, the application will be trusted and allowed to run.

Software publishers may be interested to know that they can have their signatures added, free of charge, to the 'master' Trusted Software Vendor List that ships to all users with CCE. Details about this can be found at the foot of this page.

To access the 'Trusted Software Vendors' interface, click 'Tools' > 'Manage Trusted Vendors'.




Column Descriptions  

  • Vendors - The company that published the software, and digitally signed their software.
  • Defined By - Indicates whether the vendor was added to 'Trusted Software Vendor' list by Comodo (the vendor is globally whitelisted), or by the user
  • Click here to read background information on digitally signing software 
  • Click here to learn how to Add / Define a user-trusted vendor
  • Software Vendors - click here to find out about getting your software added to the list

Background

Many software vendors digitally sign their software with a code signing certificate. This practice helps end-users to verify:


i. Content Source: The software they are downloading and are about to install really comes from the publisher that signed it.

ii. Content Integrity: The software they are downloading and are about to install has not be modified or corrupted since it was signed.

However, companies can't just 'sign' their own software and expect it to be trusted. This is why each code signing certificate is counter-signed by an organization called a 'Trusted Certificate Authority'. 'Comodo CA Limited' and 'Symantec' are two examples of Trusted CA's and are authorized to counter-sign 3rd party software. This counter-signature is critical to the trust process and a Trusted CA only counter-signs a vendor's certificate after it has conducted detailed checks that the vendor is a legitimate company.

If a file is signed by a Trusted Software Vendor and the user has enabled 'Trust Applications that are digitally signed by Trusted Software Vendors' then it will be automatically trusted by CCE (if you would like to read more about code signing certificates, see http://www.instantssl.com/code-signing/).

One way of telling whether an executable file has been digitally signed is checking the properties of the .exe file in question. For example, the main program executable for CCE is called 'cce.exe' and has been digitally signed.
  • Browse to the (default) installation directory of Comodo Cleaning Essentials
  • Right click on the file cce.exe
  • Select 'Properties' from the menu
  • Click the tab 'Digital Signatures (if there is no such tab then the software has not been signed)

This displays the name of the CA that signed the software as shown below:

 


  • Click the 'Details' button to view digital signature information 
  • Click 'View Certificate' to inspect the actual code signing certificate. (see below): 



It should be noted that the example above is a special case in that Comodo, as creator of 'cce.exe', is both the signer of the software and, as a trusted CA, it is also the counter-signer (see the 'Countersignatures' box). In the vast majority of cases, the signer or the certificate (the vendor) and the counter-signer (the Trusted CA) are different. See this example for more details.

Add and Define a User-Trusted Vendor

A software vendor can be added to the local 'Trusted Software Vendors' list by reading the vendor's signature from an executable file on your local drive.




  • Click the 'Add' button on the right and select 'Read from a signed executable...'. Browse to the location of the executable your local drive. In the example below, we are adding the executable 'Viber.exe'.
  • After clicking 'Open', CCE checks that the .exe file is signed by the vendor and counter-signed by a Trusted CA. If so, the vendor (software signer) is added to the Trusted Vendor list (TVL):




In the example above, CCE was able to verify and trust the vendor signature on Viber.exe because it had been counter-signed by the trusted CA 'Symantec'. The software signer 'Viber Media S.à r.l.' is now a Trusted Software Vendor and is added to the list. All future software that is signed by the vendor 'Viber Media Inc.' is automatically added to the Comodo Trusted Vendor list.

The Trusted Vendor Program for Software Developers

Software vendors can have their software added to the default Trusted Vendor list that is shipped with CCE. This service is free of cost and is also open to vendors that have used code signing certificates from any Certificate Authority. Upon adding the software to the Trusted Vendor list, CCE automatically trusts the software and does not generate any warnings or alerts on installation or use of the software.

The vendors have to apply for inclusion in the Trusted Vendors list through the sign-up form at http://internetsecurity.comodo.com/trustedvendor/signup.php and make sure that the software can be downloaded by our technicians. Our technicians check whether:

  • The software is signed with a valid code signing certificate from a trusted CA;
  • The software does not contain any threats that harm a user's PC;
before adding it to the default Trusted Vendor list of the next release of CCE.

More details are available at http://internetsecurity.comodo.com/trustedvendor/overview.php

Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2023. All rights reserved.