Recognizer v1.12.0.168 for Comodo Cloud Antivirus (RC)

Hi All,

We have made recognizers v1.12.0.168 available via test server for CCAV.:

On top of previously released recognizers v1.11.0.128, following are additional variants related to different malware families covered:

[ol]- Trojan.MSIL.Kryptik.~LXW

  • Trojan.MSIL.Kryptik.~MAA
  • Trojan.Win32.CoinMiner.~ASH
  • Trojan.Win32.Filecoder.~NOD
  • Trojan.Win32.Kryptik.~GATM
  • Trojan.Win32.Kryptik.~GAYY
  • Trojan.Win32.Kryptik.~GBJX
  • Trojan-spy.Win32.Zbot.~ADC
  • Virus.Win32.Jeefo.~A[/ol]

Steps to test:
Have following entries in Windows hosts file(c:/windows/system32/drivers/etc/hosts)

Run manual updater, in case you are using latest CCAV version, although it would say “no updates available”, it will still update recognizers as that’s in auto update and also updated whenever you run manual updater. Once updated, you will see recognizer version via About interface as shown in enclosed CCAV_Recognizer_1.12.0.168.png

Areas to test:

  • Looking for product stability while using this recognizer.
  • Please run applications in Sandbox and report if you see anything abnormal.

Any feedback is highly appreciated.


Updated & installed - no problems. Will test out

The options for Internet access work fine for Browsers - FF, Opera, IE etc. but when I add Word from Office 365 to the exclusions, then Internet access is still blocked as shown

Also a minor point is that checking the box to edit the path in exclusions has no effect at all. The actual line has to clicked and highlighted or the edit function doesn’t work, irrespective of what box is checked as shown in the last snap

I think these would be in general even without new recognizer.
Regarding Word issue, can you please identify exact process using other tool that tried to connect out and if it’s the same as you defined in exclusion?

We will address check box issue.

None of the Office365 applications can connect and there is no warning / request from CCAV - but the only time they need to is to create a new place such as OneDrive or SharePoint as shown. I can’t see any particular need for (me anyway) to have to do this as I don’t use either and if I did, I wouldn’t be running it in the Sandox to start with! It was simply to test as far as I could go

I couldn’t test Outlook as yet, since my data files are on a different drive and can’t be accessed from the Sandbox

One thing I found with Word is that I couldn’t save any document I created, although I’m still trying with that

All browsers as I said work just fine with the exclusions etc. as does Corel PSP, which needs to ‘call home’ for license verification

Hi All,
This is released in production today. Thanks for the feedback Ploget :-TU


You’re welcome Umesh. There weren’t any problems or stability issues at all

(Running Office365 components on this particular system is always going to be a problem as all data files and paths are separate and isolated)

Hi All,
Please have a look at latest v210 of recognizer, made available as RC via test server: