A free online file verdict service “Valkyrie” is formally released today!

All these are latest malware & are blocked by Rising Internet Security 2011’s Behaviour Blocker here, erci is detected by signatures here. Impressed with Rising!!!

Thanxx
Naren

Valkyrie Uploader makes Valkyrie easier to use, but unlike VT Uploader you don’t get the option of seeing results immediately if the file has already been processed. Adding this feature would speed up results and significantly reduce the load on Valkyrie.

Still doesn’t analyse archives which makes it very tedious to check most downloaded files for malware.

I still don’t think the verdicts are reliable yet (too many FPs and unknown results).

services.exe is detected as malware (1 safe, 1 malware, 13 unknown) http://v.comodo.com/Result.aspx?sha1=de3701d2c03d9ae29b2d87eccafbbcadf1bfb7e3&&query=0&&filename=services.exe

explorer.exe is detected as unknown by all AIs. http://v.comodo.com/Result.aspx?sha1=9d2bf84874abc5b6e9a2744b7865c193c08d362f&&query=0&&filename=explorer.exe

Both files are clean according to VT, CIMA, and Killswitch.

I took 42 0 day malware files, I analyzed them with CAV (updated and including cloud) removing the files detected.
Then I sent the 12 files left to Valkyrie.
This is the result:

4 Files detected as malware:
http://v.comodo.com/Result.aspx?sha1=f7c8cd8d9bd6b40412f5e4093e7ef52811d9ffdf&&query=0&&filename=atualizar.exe
http://v.comodo.com/Result.aspx?sha1=3574e6e5bf2ef559a91fa0529ccfd345de946022&&query=0&&filename=Real_Santander.exe
http://v.comodo.com/Result.aspx?sha1=12edfb1451dfc92955e4c4bc8ef7435a7669ac13&&query=0&&filename=xclean_micro.exe
http://v.comodo.com/Result.aspx?sha1=74145512801842c363e4ba2535e424c5a96d56e0&&query=0&&filename=WizSearch_Uninstall.exe

8 Files detected as SAFE:
http://v.comodo.com/Result.aspx?sha1=5f1e08c5f454dbef97e9efdbc1ae485f7365dcb0&&query=0&&filename=st_7.exe
http://v.comodo.com/Result.aspx?sha1=62f1d6d584bba8a96db190ff7d7f3e807ee63463&&query=0&&filename=u1004.exe
http://v.comodo.com/Result.aspx?sha1=0dd9c9a517434ccab82ee41b1783adeaa4d8f910&&query=0&&filename=web2pdf-converter.exe
http://v.comodo.com/Result.aspx?sha1=4e864b277fe350a30e25fdd703038ea0f17a3f2a&&query=0&&filename=u1006.exe
http://v.comodo.com/Result.aspx?sha1=ae5db40c6d4cc352752e6c808913624eec5d2ccd&&query=0&&filename=datecalc.exe
http://v.comodo.com/Result.aspx?sha1=8405c52aaf3a001740929c6fc92a46d180db6ed5&&query=0&&filename=trinity_monitor_setup.exe
http://v.comodo.com/Result.aspx?sha1=ea15ca9cec20ac37ce12199c7efda8dde13dab20&&query=0&&filename=AItype0.8.31.exe
http://v.comodo.com/Result.aspx?sha1=109972b110e2c0f67103ab009120ab6ed04c072d&&query=0&&filename=WizSearch.exe

This makes the addition of Valkyrie to CIS useles or even harmful.
DACS was the real solution now almost discard, Valkyrie is just a joke

Malwarebytes detected 9/12 files as malware.
new folder (4)\atualizar.exe (Spyware.Banker)
new folder (4)\datecalc.exe (Trojan.Downloader)
new folder (4)\real_santander.exe (Spyware.Banker)
new folder (4)\st_7.exe (Adware.Gator)
new folder (4)\u1004.exe (Trojan.UltraSurf)
new folder (4)\u1006.exe (Trojan.UltraSurf)
new folder (4)\web2pdf-converter.exe (Trojan.MSIL)
new folder (4)\wizsearch.exe (Adware.WizSearch)
new folder (4)\wizsearch_uninstall.exe (Trojan.Downloader)

I too got the same results with most of the new samples.

Still DACS and Virus Total are giving useful results compared to Valkyrie, as on today.

while valkyrie is doing good, it needs to still mature, in particular when it gives the verdict as “Safe”, it needs some double or triple confirmation.

Lol you have spelt Creating wrong under the Comodo logo on the Uploader UI. And the English for the Ipad competition is terrible.

Also why does everyone always code in the launching if IE instead of the default browser. :-TD

It’s launching your default broswer, in my pc is launching FF

Well Dragon is default on my PC and Valkyrie launches IE.

Malware that Valkyrie detects as Safe:

http://v.comodo.com/Result.aspx?sha1=41D80EECA39BC9285F1B5A9C4DF20FFF409E0926&&query=0&&filename=video.exe

these arent real hard to find it seems like
they still need a lot of work on valkyrie
great concept tho

Valkyrie will get better… I wish they would give it some machine learning methods… so it could self-improve it self… :slight_smile: maybe down the road. :slight_smile:

you owe no apology. we are not your boss nor should we act like it. you just make great products, you allow us to have a voice and tell you how we feel about your products and listen to our ideas not because you have to but because you want to hear ideas from as many people as possible because you see the power of collaborating and how it can help make your products better and we should never take advantage of that. we should remember that not many companies listen to their users the way comodo does. i was able to talk to you directly on facebook. how many other companies will do that? none that i know of though i hope there’s more out there. thank you for making these great products. please don’t get discouraged. we do appreciate it even if we don’t always show it

Melih was being ironic… :wink:

And what’s this? ???

Valkyrie verdict: 99% safe

Camas verdict: suspicious

http://valkyrie.comodo.com/Result.aspx?sha1=AC14E9590B031124F8EA3670432D85C5E8404D90&&query=0&&filename=TVvie.exe

or

Ooo man!

Valkyrie verdict: 97% safe
CAV & Camas: undetected
VT result: 17/42

http://valkyrie.comodo.com/Result.aspx?sha1=FF5AE40231E2CEA91C8B169741C65F490FEAD285&&query=0&&filename=zeusbi7.exe

http://www.virustotal.com/file-scan/report.html?id=c7e82aff2cbd9fdc77bedd8ebe0e9cbb7727f7bd1b82f892c25542729b0cb5dc-1304198298

What is surprising you?
Camas and valkyrie are different mechanisms.
Static result is safe, (valkyrie) and it doesn’t contain the camas result.

This is not a problem.
The problem is the different results.

The problem is not that there are problems. The problem is expecting otherwise and thinking that having problems is a problem. :slight_smile:

static and dynamic…
two very different things :slight_smile:

…and the results is different also. Is it good for us?

i see so you’re letting the ai engines do all the work so you can more easily find it’s weaknesses and beef up the ai engines so that they alone are great. if you added cav to the analysis process right away then it would be harder to determine problems with ai and valkerie would be most reliant on cav which wouldn’t help the user much than if they were using cav alone. in fact valkerie teamed with cav in it’s current state would probably make the service weaker because of the contradictions that are present and confuse the main stream users and make them shy away from using comodo

exactly right!

welldone :wink:

we are letting Valkyrie get stronger…once she is ready…she will start slaying malware :wink:

Melih