ok. let me try to explain better.
with ccav as main protection I have 3 problems:
- the valkyrie results takes too long to be showed;
- the files marked as pending for valkyrie analyses takes too long to be marked as safe or not;
- ccav does not has an feature (or behaviour) that allows me to mark an file as trusted and so ccav will ignore this file forever as I manualy marked it as trusted.
these 3 situations makes ccav not goog enough for my daily use (and so my customers who i installed ccav too).
I agree ccav has the potential to be great, and in fact its becoming it, but its not there yet. It needs some features we had on cis, the possibility to manualy mark files to be ignored by valkyrie, and we need more control over what valkyrie will send to cloud. for instance, I want to set ccav to only send files lesser than 1mb and the other files will be identifyed by myself as trusted or not (the ones that sandbox or valkyrie will lock as unknow).
I guess it could be a good start point to hav somekind of local database with hash, crc, sha, etc., for system files and crucial files as hardware drivers, etc. so these files will not be marked as unknow and will not be sent to the cluod.
I had an situation that I can explain like this: I did a fresh install of win 10 aniversary pro x64, disabled defender and smartscreem, installed hardware drivers and installed ccav. then I reboot the computer. now, everytime I start this computer ccav lock some amd drivers files as unknow and send it to the cloud but without any veredict for days. so my amd drivers (radeon crimson) cant run, so windows 10 can not recognize the driver installed, so windows 10 will try to update the driver by windows update, but then the ccav will lock some of these files as unknow files… and it goes on and on in a circle. this could be prevented if i could mark these files as trusted and to be completely ignored by ccav/valkyrie, but I cant. Dont know why, but I cant. I mark these files as trusted but they always get locked as unknow…
so i unninstalled ccav and rolled back to windows defender as Im waiting for cis 10 with its local based signatures and local/user based ratings.
again, ccav is going to be a great security software, but not yet.
there is the problem with internet stats on ccav too. If im not online ccav keep showing me the message that ccav is not fully functioning. I guess you could add an option so user can configure ccav to “knows” that we are without internet connection and do not show these informations. this is annoyn… just that.
what about the wishe request about the main gui of ccav? is that ignored melih?