Author Topic: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.  (Read 7274 times)

Offline Shane

  • Product Group Manager
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 628
Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« on: September 05, 2018, 02:57:56 PM »
Hi All,
We are pleased to announce a hotfix release of Comodo Cloud Antivirus v1.21.458953.792.

Download:
https://download.comodo.com/ccav/installers/ccav_installer.exe

Checksum:
SHA1: 1A922CED58909B0A062F48F6EF5298B30A5052E8
SHA256: 6E6DE21F12DDD9742165B3A729C33B4607512F824A6F0EFDEBEE6BAC3DEF3169

Fix:
- As stated here, we found a defect during regression testing where in certain rare circumstances a file may be sandboxed even though it's safe.

At this point this release is available only for new installations. We shall release updates to older versions by 10th Sept, 2018.

Please give it a try and share your feedback.

Thanks
Shane.
« Last Edit: September 05, 2018, 05:11:25 PM by Shane »
Please read the Forum Policy below before posting: 

http://forums.comodo.com/new_member_information/forum_policy-t1516.0.html

Offline Redstraw

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 427
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #1 on: September 06, 2018, 08:19:55 AM »
Just RC to final, no news, no build number changed. :)

Offline jackor

  • Comodo Loves me
  • ****
  • Posts: 139
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #2 on: September 08, 2018, 04:21:41 PM »
All good so far, installed on Win 7 x64 and Win 10 x64 and no issues.
Analyst Programmer
0days & malware hunter since 2006

Offline NDABBRU

  • Comodo Loves me
  • ****
  • Posts: 146
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #3 on: September 09, 2018, 03:40:52 AM »
Did someone accidentally have problems with automatic WiFi deactivation?
I ask him why with the previous version it happened, with this (using currently Kaspersky Free) I could not test it.

Honestly I do not even know whether to return to CCAV or keep Kaspersky Free that has some more functionality, for example automatic scanning of USB drives, web filtering, email protection, all for free.


Thank you.
Nunzio.
« Last Edit: September 09, 2018, 03:44:01 AM by NDABBRU »

Offline jackor

  • Comodo Loves me
  • ****
  • Posts: 139
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #4 on: September 09, 2018, 05:28:30 PM »
No issues with wifi at all.
We are talking about two different products. Kaspersky free is a signature based av, it only rely partially on cloud, and it's a stripped down version of its Internet security with many less funtionalities. In addition to this KAV free is a "classic" default-allow antivirus. CCAV is a full cloud av, with default deny technology.
As far as I know, web filtering will come also for ccav, probably with the addition of COS browser extension. Regarding automatic scanning of usb and email..well, you need protection when its needed, not automatically scanning every file, but when you opening/interacting with them. A malicious .exe left there is not really a threat until you double click on it. If some malware manage to auto-execute (usb example), it will be caught anyways by ccav.
« Last Edit: September 09, 2018, 05:31:26 PM by jackor »
Analyst Programmer
0days & malware hunter since 2006

Offline NDABBRU

  • Comodo Loves me
  • ****
  • Posts: 146
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #5 on: September 10, 2018, 03:39:43 AM »
No issues with wifi at all.
We are talking about two different products. Kaspersky free is a signature based av, it only rely partially on cloud, and it's a stripped down version of its Internet security with many less funtionalities. In addition to this KAV free is a "classic" default-allow antivirus. CCAV is a full cloud av, with default deny technology.

Thanks for the reply.  :)
Can you explain better the difference between the two antiviruses?
I'm curious to know in detail how it works.
Among the two in your opinion, what is the best in terms of PC protection.

Thank you. ;)

Offline jackor

  • Comodo Loves me
  • ****
  • Posts: 139
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #6 on: September 10, 2018, 01:04:39 PM »
The difference is in the approach.
KAV uses many protection layers: definitions, heuristics, behaviour, file reputation over the cloud and some local static/dynamic analysis.
But what if KAV met an unknown file? (KAV is just an example, we can also talk about Bitdefender or eset...) This file will be scanned, will be analyzed but if it is found to be harmless, the antivirus would let it execute. All good if the file is really harmless, but this file could have used a good obfuscation or analysis avoid technique. It will result in an infected pc, or in a worst scenario, in an encrypted pc if the file was a ransomware.
CIS and CCAV use the same technologies and the approach is different from other avs.
If CIS ran accross an unknown file, it will be scanned by the av module first, then it will be checked on cloud by FLS to see if the file is known. If the antivirus won't find a match in its db or in the cloud, the file will be allowed to run only inside the sandbox (containment now). In this way if the unknown file was a malicious one, it wont harm the real machine. This includes also ransomwares.
CCAV doesnt have a local antivirus database, so it will rely on cloud. Whenever an executable is interacted by the user, it will check on cloud if it's a known file. Otherwise the file will be executed in the containment and uploaded to Valkyrie to check it.

Among the two AVs i would recommend Comodo, not because I'm writing here in Comodo's forum, but because the effectiveness and the intelligent approach made to prevent  infections rather than run after malware creators like the av industry does nowadays were they are just trying to update their virus database as soon as they can, leaving their userbase opened to attacks.
I personally prefer CIS due to a good web filtering module in addition to the good protection it offers, but CCAV is more light suitable for older pcs and it has a lightning-flash installation, perfect to deploy an antivirus in under 20 seconds ready to use and to protect.
« Last Edit: September 10, 2018, 03:45:12 PM by jackor »
Analyst Programmer
0days & malware hunter since 2006

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1069
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #7 on: September 11, 2018, 01:52:45 AM »
Thanks for the reply.  :)
Can you explain better the difference between the two antiviruses?
I'm curious to know in detail how it works.
Among the two in your opinion, what is the best in terms of PC protection.

Thank you. ;)
Default-deny means everything not whitelisted will be prevented to run freely in your PC (either blocked or contained).
Default- allow means everything not blacklisted will be allowed to run freely in your PC.
As jackor pointed out, most traditional (default-allow) AVs are not just based on signatures, but they have other way to check if a file is malicious.
For example, Avast implemented the Hardened Mode: any exe never seen before will be blocked by default. Since Avast has a lot of users, the risk of false positive (block a legit app) is very low, while with Comodo products the false positive ratio tends to be quite high.
Plus, there have been cases (even recently) of false negatives (allow a malware to run) because someone in Comodo mistakenly whitelisted a malware.
So, if you want a real default-deny app, better to use an anti-exe, such as NoVirusThanks ExeRadarPro or Re:HIPS. Like that, it's you to choose what is whitelisted and what not.
Couple it with a good traditional AV (such as Kaspersky or Avast) and you are done :)

Offline NDABBRU

  • Comodo Loves me
  • ****
  • Posts: 146
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #8 on: September 11, 2018, 02:49:46 AM »
Hello,
thanks to both for the answers, I learned some new things and I confirmed some things I already knew.  :)

Couple it with a good traditional AV (such as Kaspersky or Avast) and you are done :)

So you suggest me to stay with Kaspersky Free and not switch to CCAV?
Is Kaspersky safer? It is not clear to me.

Also seeing on PC MAG I see that Kaspersky Free is better evaluated than Comodo AV:

https://www.pcmag.com/article2/0,2817,2388652,00.asp

Thank you!  ;)


Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1069
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #9 on: September 11, 2018, 03:13:44 AM »
Hello,
thanks to both for the answers, I learned some new things and I confirmed some things I already knew.  :)

So you suggest me to stay with Kaspersky Free and not switch to CCAV?
Is Kaspersky safer? It is not clear to me.

Also seeing on PC MAG I see that Kaspersky Free is better evaluated than Comodo AV:

https://www.pcmag.com/article2/0,2817,2388652,00.asp

Thank you!  ;)

I used CCAV before, but then I found out it slowed down my browser, plus CPU and disk usage was quite high.

Now I use Avast with Hardened Mode. Avast allows the user to install several modules, most of them pretty useless... I have installed the field shield only, which checks any file written, read and executed in the PC. But the strongest point is the Hardened Mode for sure.
Then, I couple it with NoVirusThanks OSArmor, which is a kind of behavior blocker (it has some predefined rules that you can enable to block specific vulnerable processes, but also unsigned exe and other stuffs).

Kaspersky Free (especially the new version 19) is very good, it's one of the first AV to get signatures for new malware, plus it has several protection modules.
I tried it in the past, but I had some issues with the automatic updates, so I switched to Avast.
If you like Kaspersky Free, keep it. You can check NoVirusThanks OSArmor and see if it's worth to add it :)

About PCMag and other testing companies, don't take those results as the Bible... they usually use old malware, so the AV vendors have time to make signatures for them... the best way to test an AV is to do so against a zero-day (a malware very new, never seen before), to check if and how the AV will protect the user (containment, heuristic, behavior, and so on)
« Last Edit: September 11, 2018, 03:50:01 AM by Jon79 »

Offline NDABBRU

  • Comodo Loves me
  • ****
  • Posts: 146
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #10 on: September 11, 2018, 03:51:45 AM »
I used CCAV before, but then I found out it slowed down my browser, plus CPU and disk usage was quite high.

Now I use Avast with Hardened Mode. Avast allows the user to istall several modules, most of them pretty useless... I have installed the field shield only, which checks any file written, read and executed in the PC. But the strongest point is the Hardened Mode for sure.
Then, I couple it with NoVirusThanks OSArmor, which is a kind of behavior blocker (it has some predefined rules that you can enable to block specific vulnerable processes, but also unsigned exe and other stuffs).

Kaspersky Free (especially the new version 19) is very good, it's one of the first AV to get signatures for new malware, plus it has several protection modules.
I tried it in the past, but I had some issues with the automatic updates, so I switched to Avast.
If you like Kaspersky Free, keep it. You can check NoVirusThanks OSArmor and see if it's worth to add it :)

I used Avast Free in the past, I liked it but the advertising popups annoy me when I switch to the paid version.

I tried the products COMODO and I like them but should be reviewed some things in terms of notification icon in the PC startup and especially in CIS and CAV also reading the various reviews and always under Avast Free, Kaspersky Free, Bitedefender Free, although I think if it gets better it could be on a par.

Kaspersky Free at the moment is not creating problems and in version 19 free have also enabled behavioral analysis that I think improves protection even against ransow and then it is without advertising.

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1069
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #11 on: September 11, 2018, 04:19:10 AM »
I used Avast Free in the past, I liked it but the advertising popups annoy me when I switch to the paid version.

If you block avastui.exe from connecting to the web (make a block rule in windows firewall) you won't have any ads from Avast Free ;)

I tried the products COMODO and I like them but should be reviewed some things in terms of notification icon in the PC startup and especially in CIS and CAV also reading the various reviews and always under Avast Free, Kaspersky Free, Bitedefender Free, although I think if it gets better it could be on a par.

Comodo products offer a great protection, but most of the testing companies just test detection, that's why Comodo products don't score well... the problem with Comodo is that there are a lot of bugs, especially on Windows 10.

Kaspersky Free at the moment is not creating problems and in version 19 free have also enabled behavioral analysis that I think improves protection even against ransow and then it is without advertising.

Kaspersky is for sure a top notch AV, if you need more customization you can try Kaspersky Security Cloud Free (it's the same of Kaspersky Free, but you can adjust the settings)

Offline jackor

  • Comodo Loves me
  • ****
  • Posts: 139
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #12 on: September 11, 2018, 11:29:28 AM »
behavioral analysis that I think improves protection

It slightly improve protection. It won't stop a newly well written malware.
Analyst Programmer
0days & malware hunter since 2006

Offline NDABBRU

  • Comodo Loves me
  • ****
  • Posts: 146
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #13 on: September 12, 2018, 05:06:33 AM »
After reading what you wrote and seeing that Somunque CCAV I like as an interface and how it is done I wanted to try again to remove Kaspersky Free and try again to use CCAV. But I was a little disappointed because I did a test on about ten files (the first) of the following link: http://vxvault.net//URL_List.php
but I did not detect them all immediately as viruses, Trojans, etc ... (unlike Kaspersky Free) most put them in the sandbox and then some later with Viruscope has recognized them as tojan eliminating them. But some files have been waiting for many minutes of the analysis of Valkyrie and then the thing that I do not really like is also the fact that once cleaned the sandbox must also clean the files reviewed. Let's say it's a bit too laborious to clean the system from potentially dangerous files, it would take more automation and I do not understand the usefulness of keeping these files to be reviewed after putting an application in sandbox.
Then I left 3 files that were not recognized and as soon as I reinstalled Kaspersky Free they were immediately recognized and I cleaned up the system.

In my opinion there is still a lot to work and improve in CCAV to get to Kaspersky Free levels and being both free I choose Kaspersky Free at the moment, I reluctantly reluctantly because I really like CCAV for how it was created and for the interface is very beautifulclean and simple.

Work on improving the readings of viruses, trojans, etc ... better known and detected by other free and more simplified AV and automate the sandbox also reduce the analysis time of Valchirie, only so I think CCAV will become more competitive and will be a valid choice between free antivirus.

Thank you. ;) :D

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1069
Re: Comodo Cloud Antivirus v1.21.458953.792 hotfix release.
« Reply #14 on: September 12, 2018, 05:55:08 AM »
After reading what you wrote and seeing that Somunque CCAV I like as an interface and how it is done I wanted to try again to remove Kaspersky Free and try again to use CCAV. But I was a little disappointed because I did a test on about ten files (the first) of the following link: http://vxvault.net//URL_List.php
but I did not detect them all immediately as viruses, Trojans, etc ... (unlike Kaspersky Free) most put them in the sandbox and then some later with Viruscope has recognized them as tojan eliminating them. But some files have been waiting for many minutes of the analysis of Valkyrie and then the thing that I do not really like is also the fact that once cleaned the sandbox must also clean the files reviewed. Let's say it's a bit too laborious to clean the system from potentially dangerous files, it would take more automation and I do not understand the usefulness of keeping these files to be reviewed after putting an application in sandbox.
Then I left 3 files that were not recognized and as soon as I reinstalled Kaspersky Free they were immediately recognized and I cleaned up the system.

In my opinion there is still a lot to work and improve in CCAV to get to Kaspersky Free levels and being both free I choose Kaspersky Free at the moment, I reluctantly reluctantly because I really like CCAV for how it was created and for the interface is very beautifulclean and simple.

Work on improving the readings of viruses, trojans, etc ... better known and detected by other free and more simplified AV and automate the sandbox also reduce the analysis time of Valchirie, only so I think CCAV will become more competitive and will be a valid choice between free antivirus.

Thank you. ;) :D

Just remember, nothing is 100% bulletproof ;)
https://malwaretips.com/threads/11-09-2018-17.86648/post-763534

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek