Comodo Cloud Antivirus v1.10.413855.478 - HotFix Released

@umesh:

why the “UNKNOW FILE HUNTER” works really good and fast and why the speed of CAV is verry terrible?

Hi Hesio,
May you please provide some details. The only intersecting part between two application is scan, so did you find specific scan to be slower?

Thanks
-umesh

Hi umesh,

Valkyrie send a result faster back to the “UNKNOW FILE HUNTER”- Program.
The CAV wait a time of Days or Weeks for a result of the Valkyrie.

And in the most time, the CAV dont get any result back.

What value can I set in this input?

@umesh

Hi guys,
I read a post a couple of days ago over at Malwaretips, a guy there had a file that were malware sent back as good from Valkyrie.

If that is the case how is that possible, human error?

/W

Whitelisted malware can affect not only CCAV, but also CIS/CAV/CFW (if you have cloud lookup and trusted vendor list enable).
That’s why there is this section of the forum:
https://forums.comodo.com/av-false-positivenegative-detection-reporting/report-trusted-and-whitelisted-malware-here-2017-no-live-malware-t117715.0.html

Good vs no verdict vs malware vs pua…

are you sure it was sent as “good” …or simply “no threat detected”…(which doesn’t mean good).

Attached their discussion. I blurred some things since I have no approval. :slight_smile:

thats why we need strong behavior blocker

Hi windstorm,
Please confirm if following is Virus Total link from that snap:

Checking CCAV behavior against that file and will reply back.

Thanks
-umesh

No need. It was fixed. Appreciate your awesome followup though.

Meghan® Windows® Operating System
is it from cruelsister? >:-D

I am not sure of anything, that is why I ask…

Did you read what one of the testers said?

I quote:

"just do not use this product and use CIS or CF instead
in my quick test, it was infected by a malware which was mistakenly marked as safe via valkyrie

so in rare cases in real life, you may get infected in the same way
although valkyrie is good but human mistakes can break the whole thing

the resource usage is about the same as CF but CF has been proven to be better"

/W

How long is it supposed to take to do a full scan? I’m currently at 40 minutes and still at 0%. ???

Edit: And because of an unrelated issue I had to reboot my computer… so… had to start over again. Not the first time either, haven’t been able to complete a full scan yet…
Edit 2: 2 hours 20 min…
Edit 3: 4 hours - 0%
Edit 4: 5 hours - 0% and STUCK at the image attached…
Edit 5: Seems all new scans get stuck at preparing… Whelp, guess it won’t be completing this time either…
Edit 6: After the above I got “Realtime protection components are not working” and click “FIX IT!” doesn’t do anything. My guess is that I simply can’t connect to Comodo servers anymore and that’s also why the scan stopped. But that’s just a guess.

Hi Sanya IV Litvyak,
Are you running that QA build?

I don’t see any problem with v478 and scanning, all works as expected.

Thanks
-umesh

I am, but scanning was still as slow in non-QA builds. But the last issues from Edit 4 and forward may be QA build issues, I guess. Forgot thst I was using a QA build. :stuck_out_tongue:

What happened to Valkyrie?
Dynamic Analysis and Precise Detectors are in endless process… it didn’t give result.

https://vgy.me/5z0v5M.jpg

We’ll check, why it is not processed.

My PC’s full scan took almost 30 minutes to finish.
I have a 128Gb SSD with less than 50% of used space

Basically my long scan was a combination of two main things.

First reason - I had disabled the setting that makes it only scan executables and scripts etc, this caused the scan time to increase to many many hours, which is logical. This was the main reason the scan took so long.
Second reason - I have SFTP Net Drive installed which in turn is connected to my Raspberry Pi which has a drive connected to it with 2.16 TB of media, normally these files should be ignored because of the 100 MB limit, but when the setting mentioned in “First reason” is disabled, CCAV still scans these files regardless of their size, this would increase scan time with probably at least 24 hours due to the limited bandwidth between the Raspberry Pi and my computer, meaning calculating the hashes would take forever.

Now I’ve enabled the setting mentioned in the “First reason”, and with that setting the drive mentioned in “Second reason” is no longer scanned (I mean, it’s scanned but 0 files are ACTUALLY scanned.) This resulted in a scan that took probably less than an hour, not sure, can’t remember now.

Also, are the numbers in the screenshot normal? What I mean is, I would have assumed more files would be sent to Valkyrie? And those files that are submitted to be rated something… They seem stuck in limbo.

About the numbers?
https://forums.comodo.com/bug-reports-ccav/being-analyzed-files-policy-problem-t119001.0.html

I just created this thread but it seems not a bug… Comodo’s policy