Comodo Cloud AV Test Results & Reviews

indeed

Hi yigido,
In first look,
Keylogger downloaded from:
https://www.spyshelter.com/download/AntiTest.zip

is detected by Comodo for quite some time:
https://consumer.valkyrie.comodo.com/get_info?sha1=25aa8a22131271d12e2cb7f821eb333f0563e538

Investigating behavior in case cloud look up fails, however where do you see file treated as safe?

Thanks
-umesh

So I disabled the AV component in CCAV, just in case the cloud lookup may have failed during the test, to see if the Sandbox works, and tested against Antitest.exe (SHA1: 25aa8a22131271d12e2cb7f821eb333f0563e538)

I could not produce!
It was always Sandboxed. Please see enclosed snaps.

Any of you able to reproduce?

Thanks
-umesh

CCAV always sandboxed the file on my machine as well.

Could be that CCAV detected the Spyshelter AntiTest.exe and she/he whitelisted it (since it isn't malware) and cleared the Detected Threats counter before the video was recorded.

Maybe he/she thought that “Ignore and add to whitelist” or “Ignore and report as false alert (positive)” was the exclusion for the AV and not for CCAV Core whitelist.

Hi umesh,

In the near past we had this problem, please see the conversation below (it is in 2017)
https://forums.comodo.com/av-false-positivenegative-detection-reporting/report-trusted-and-whitelisted-malware-here-2017-no-live-malware-t117715.0.html;msg849065#msg849065

I saw the tool whitelisted in 2016 by Valkyrie, too.
https://forums.comodo.com/comodo-valkyrie-fls/report-problems-with-valkyrie-file-verdict-service-t79618.0.html;msg829174#msg829174

Maybe this new version was sandboxed on your side but some old SpyShelter tools are trusted.
This tester guy may use the old version? Why not?
Please see the enclosed screenshots :wink:

Thank you for history :slight_smile:

Let me have that old whitelisted file checked.

Thanks
-umesh

Been testing this also, CCAV works as it should and detects or sandboxes the file.
Does anybody have a copy of an older SpyShelter test for testing?

2016
SHA-1: 25AA8A22131271D12E2CB7F821EB333F0563E538

2015
SHA-1: 9A9FBBAB0F91383A1C37A3133A69218FCDCC63AD

2013
SHA-1: FDDD387A735B7C209B5FA01830C3B0A00B8FFAD7

According to VirusTotal, Comodo detects the 2016 and 2015 versions. However, the 2013 is not detected. I will download and test further when at my laptop.

I can confirm the 2013 version runs without detection. It also runs without any containment on my system, and is added to Trusted Vendor list automatically.

Hi,

was safe and safe sign is removed, changes should reflect in next AV updates.

It's not digitally signed, so should have been treated safe by sign not by trusted vendor list.

Thanks
-umesh

Who did that? :o These kinds of tools mustn't be safe, or they shouldn't be detected by AV component.
They always have to stay at “unknown” so we can use them for test purposes.

Comodo Cloud Antivirus Review By Malware Geek

It's a pity he did not test some legit apps as well; when they (or updates) end up in the sandbox, life is not so good anymore for the user.

If this project is to go forward with some dignity, please fix your side of Valkyrie, FLS or whatever it is that does not keep up at the moment.
You need to be on par or better than Avast Cybercapture with time to handle unknowns; if a file needs extra attention at Cybercapture it even tells you that you will get an answer in 170 minutes, for example.
I have a Slimjet browser installation sitting, waiting for Valkyrie, weeks now…

And for us testing this product, which has great potential by the way, it seems progress is only made when Umesh is available for development.
Surely you must have others involved in this?

I'm sorry if I sound a bit harsh, but it is becoming very frustrating to see development on far less important areas like GUI for example.
It's like having a nice looking car without an engine… c'mon.

Fix Valkyrie, and you will have a product that will fart competitors left and right on its way forward :-TU

/W

:-TU

Hi woodrow,
We believe the same: if we can't clear a file within a specific time, it is going to be an annoying experience for users.

We are working towards a goal, where we can give SLA for a given file seen by specific number of users at first stage.

Please bear with us.

Thanks
-umesh

To give a verdict of Bad vs Good are two different things.

Today, companies give an “Assumption based verdict for Good”.

What they do is, they check to see if the file displays any “bad behaviour”… if it doesn't, they assume it's good.

This is a recipe for disaster.

How about searching for good behavior…
If the verdict does not catalog it as bad, a search for good behavior is used…

This way you could catalog many software in an automatic way, avoiding that some malware is classified as good…

Ex: using VT or the number of users who saw the file, possibility of uninstallation, user interface, that has no permanent processes… etc.

we do that :slight_smile:

AVLab - Fileless Malware Protection Test

Great job Comodo :slight_smile: