Comodo Cloud Antivirus v1.21.458953.792 hotfix release.

A question: if an application is in the sandbox and it turns out not to be dangerous and is therefore safe, will it come out of the sandbox, or will it always remain there?

Thank you. :wink:

Files flagged as “waiting to be analyzed” won’t be removed from the menu under “Valkyrie analysis”; they will stay there until you get a response from Valkyrie. But it doesn’t mean that they are active somewhere in the system; they are just flagged as being in the queue for analysis.

@Ndabbru: When you run an executable, it will be checked in the cloud (this is valid for CCAV), to see if it’s known and also if its vendor is trusted or not. If a trusted application goes into the sandbox, it means that the file itself is still unknown to the cloud. It will be checked.
If you are VERY sure an application is legitimate and it is sandboxed, you can always click on “don’t sandbox it again” when you get the pop-up from Comodo. Do that only if you are sure of what you are doing.

I answered you with a private message. Did you receive it?

Jackor and Jon79, after reading what you wrote, I was convinced to use CCAV again; many things were not clear to me. :smiley:
Having said that, I am doing well with Kaspersky Free, but I am too fond of COMODO products, also because I consider them solid in protection and I like their interface.

I’ll let you know how I get on. :smiley:

Thanks for now! :wink: :-TU

Traditional av: Not detected = infected
CCAV: Not declared = sandbox = uninfected

Everything that has to do with the cams … The question is that both legitimate programs that get into the sandbox.

For a home user, very few or no programs would be blocked by the sandbox …

About Valkyrie, I understand that priority currently depends on the number of users who come across the file … A new malware has a low number of users, so it’s not a priority.
Even so, they should increase the speed of classification.

I think the speed of classifications will be upgraded.
At the moment I can confirm Valkyrie is slacking =)

As indicated above, I reinstalled CCAV instead of Kaspersky Free. I did a test by downloading 7 malware samples; CCAV did not recognize even one of them immediately as malware and put them all in the sandbox. After a few seconds, less than a minute, 3 of these were recognized by Viruscope and eliminated, while the others remained in the sandbox. To top it off, when I disabled Comodo, Windows Defender kicked in, immediately recognized them as malware and removed all 7. So I uninstalled CCAV and went back to Kaspersky Free, which recognized and deleted all 7. So in conclusion, it is true that with CCAV the system is not infected thanks to the sandbox, but not immediately recognizing even one seems too much, and then Windows Defender cleaned up everything. So this test did not convince me to resume using CCAV. I would have understood if 1 or 2 out of 7 malware samples were not recognized immediately, but not 7. Also, Valkyrie is always slow … the other files in the sandbox have been there for many minutes, for malware that is certainly not 0-day.

Low detection rate is not a big issue if you have the sandbox to keep you protected. The problem is the FP ratio. If everything (both good and bad) gets sandboxed, the user won’t pay attention to the alert and will just allow stuff to run outside the sandbox. Plus, I had performance issues when running CCAV: high CPU and disk usage, slow boot time, slow browsing…
You can use several different security apps at once and have better performance than when running CCAV alone.

My current setup is:

  • FW: Binisoft WFC
  • AV: Avast Free (File Shield only) with Hardened Mode on Aggressive
  • BB: NoVirusThanks OSArmor
  • Misc: NoVirusThanks SysHardener, Fortinet Forticlient Web Filtering, uBlock Origin, Windows Privacy Dashboard, O&O ShutUp10
  • OD: AdwCleaner, HitmanPro, Zemana AntiMalware
  • DNS: CleanBrowsing DNS (Security Filter)

It seems like quite a lot of stuff, but I don’t even notice they are there and this setup covers every protection layer:

  • First line: CleanBrowsing DNS (Security Filter)
  • Web Protection: Fortinet Forticlient Web Filtering
  • Vulnerability scan: Fortinet Forticlient Web Filtering
  • Outbound-alerting FW: Binisoft WFC
  • Traditional (blacklist-based) AV: Avast Free (File Shield only)
  • Default-deny (whitelist-based) AV: Avast Hardened Mode (Aggressive)
  • Second opinion: AdwCleaner, HitmanPro, Zemana AntiMalware
  • Behavior Blocker: NoVirusThanks OSArmor (Main protections settings)
  • Anti-exe: NoVirusThanks OSArmor (Advanced settings)
  • Exploit mitigation: NoVirusThanks OSArmor (Anti-Exploit settings)
  • Attack surface reduction: NoVirusThanks SysHardener
  • Privacy enforcing: Windows Privacy Dashboard, O&O ShutUp10
  • Ad-blocker: uBlock Origin

I prefer that an antivirus cleans as many infected files as possible for me even if they are not executed, so a high detection percentage is better in my opinion. Obviously the sandbox is certainly very useful and helps keep the machine from being infected, but I think that, in percentage terms, it should come into operation precisely on the latest viruses that have not yet been recognized by the definitions.

So for now I rely on Kaspersky Free (or possibly the free cloud version of Kaspersky), since even today it immediately recognized and deleted the latest viruses published on the following site: http://vxvault.net//URL_List.php (I tried the first 9), during the execution of each file, during the extraction of a zipped file (I had zipped the 9 viruses into one file) and on insertion of a USB stick with the 9 viruses.

CCAV would probably have sandboxed them all, leaving some on the PC. I wonder for what purpose, since these are 9 viruses that are already recognized? Why keep them on the PC?

I really hope that CIS is improved in terms of its heaviness during startup on a slightly dated PC, because I think the antivirus detections of CIS or Comodo Antivirus are a bit better than those of CCAV, which certainly needs improvement in this respect, although it is obviously excellent for its sandbox.

Maybe I’m wrong, but I think Kaspersky Free or Cloud Free is a step ahead of CCAV.

My security configuration is very simple: Kaspersky Free, Windows Firewall (Windows 10), uBlock Origin, and then I run malware checking / cleaning with the Emsisoft Emergency Kit from time to time.

Thank you! :wink:

Opera doesn’t have any internet connection when this is installed.

@Jon79: https://voodooshield.com/?

@ndabbru: vxvault doesn’t represent a real-world scenario

In my case I have seen computers with Avast that are infected with PUPs or with mining programs …
Comodo easily detected and eliminated them … These programs are one of the main dilemmas of domestic users.

VoodooShield is a nice sw, but the free version comes with a nag screen and non-adjustable advanced settings

Avast with Hardened Mode on Aggressive will block every unknown exe, but it’s vulnerable to scripts. Couple it with SysHardener and OSArmor and you are done

CCAV? Or CIS/Comodo Antivirus?

Hello, so doing the tests with the vxvault link is not useful for testing an antivirus?

I thought it would be useful to do it because from video reviews on YouTube I see that almost everyone uses this link.

If not, can you explain to me what would be reliable tests or real situations?

Thanks so much! :wink:
Nunzio.

CCAV is good at detecting PUPs and miners

Personally, I think it depends on what you need.

1 - To test its behavior on 0-days, it is necessary to test against new malware with a database that has not been updated for 1 week …

  • Heuristic and behavioral engine.
  • You should run the malware many times so you may be infected.

2 - To check the capacity for collection or classification of malware, tests like this are useful, but they are not for domestic users.

There are AV that look for samples from these pages and automatically classify them as malware.

  • I think Valkyrie should be present in pages like this.
    vxvault shows VirusTotal analysis and other malware analysis pages … Valkyrie would be the beneficiary if it received samples from here.
    1- It would be better known.
    2- It would receive samples automatically with a huge possibility of being malware.

Pages like vxvault, malekal, malc0de and so on… are constantly bot-scanned to quickly add new malware into virus DBs. That’s why they can’t represent a real-world scenario. It’s like having all the malware on a stage and the antivirus products are only saying “you are a malware, you also, you, you and you”. In short, you can’t test a product on those pages, because those pages are constantly monitored; to test a product you should crawl the web and take malware samples from many sources, like email attachments, fake program cracks (Gandcrab ransomware also had this diffusion method) and so on.

I gave CCAV a try and you know what??? Eicar test file was NOT detected by the realtime scan… I had to right-click on the file and make a manual scan to detect it…
Now I no longer trust Comodo products :-TD