Fix:

• Defect where under certain rare circumstances where a file may be sandboxed even though it is safe.

Fixes:

• Spanish translation was missing in last released v771

New:

• Antivirus module is fully compliant with case sensitive support being planned in upcoming Windows RS5 release, due in fall-2018.

i.e. C:/FOO.exe and C:/foo.exe will be differentiated by Antivirus on detection and also on quarantine.

New:

• Option to enable Virus Scope outside Sandbox:

- Like CIS, now you have a new option "Monitor only the applications running in the Sandbox" under "Sandbox --> Sandbox Settings".

• Additional Trusted Vendor List management related options:

- Now you have following additional options under "File Rating Settings":

Do cloud lookup for trusted vendors (selected by default)

Do cloud lookup for malicious vendors (selected by default)

Do not update local list upon program updates (de-selected by default)

- And you have additional options to import and export Trusted Vendor entries under "File Rating --> Trusted Vendors" section.

Above advanced options allow you to fully control trusted vendor list. You can export, import and then control update and online look up of vendor list.

Improvised:

• Improvised "Right click folder analysis" implementation:

- You will see break up of file verdicts

- Applications files, which are absent in Comodo back-end and need to be uploaded will appear under "File Rating --> Submitted Applications" section rather waiting on right click analysis dialog to finish submitting all absent files.

• Improvised "Submitted Applications" interface:

- You have two additional options: Lookup and Purge. You can select one or more entries and use "Look up" button to see latest Comodo rating of submitted files, while "Purge" will remove entries no longer present in system.

• When you click on "Being Analyzed" link present under Valkyrie section, you see files under analysis on Valkyrie, now you have "Recheck file status" button and you can check latest status of files.
• When Valkyrie detection is reported, you will have additional options to report false-positive.

Fixes:

• Bug with password protection feature, where using Valkyrie section you could still access settings without requiring password input.
• Even if user treats unknown application as safe, file will still be uploaded to Comodo for analysis.
• Browser protection notification notification should appear for 5 seconds rather 2 seconds.

New:

• There are additional right click options to submit absent PE files present inside folder or sub folders.
• You can also select an executable and add a rule to: always execute in sandbox | always block | treat as trusted
• There is a new check box in Sandbox settings as "Save files with trusted rating outside Sandbox automatically". By default de-selected. After you have this option selected, any file that is dropped in Sandbox and if found safe, it will be created automatically outside sandbox.

Improved:

• Now "Do not virtualize access to" section under Sandbox settings allow to select a file, folder or application from running processes.
• There are default entries in "Do not virtualize access to" section under Sandbox settings.

New:

• Now you can disable periodic full scan of system from "Antivirus Settings".
• Now unknown non-portable executable programs e.g. unknown scripts, which could be potentially malicious, can also be submitted to Comodo cloud for analysis.
• Under "Settings-->Sandbox-->Sandbox Settings", you have now new option "Do not virtualize access to specific files / folder", allowing you to define file/folder, which should not be virtualized.

Fixes:

• In case you remove CCAV shortcut and update CCAV, it was re-creating shortcut. Going forward, it will not re-create shortcut if it was absent before update.
• In case you update from Windows 7 to Windows 10, CCAV will detect this change and auto update required CCAV drivers compatible with Windows 10 without requiring user intervention.

Improvements:

• There are performance side changes in this version, typically 1st re-boot after installation used to be slower, it should be slightly faster now.

New:

• In Sandbox file management; now you can manage files inside Sandbox and move them outside.
• Improved Handling of Interpreters launched files

Changes:

• Additional scheduling options when system re-start is requested upon update

Changes:

• The main purpose of this hot-fix is to address creation of QualityCompat registry key during installation and update as required by Microsoft Meltdown-Spectre patch KB4056892. Last production version 619 is fully compatible with Meltdown-Spectre patch in all operating systems.

Improvements:

• Improved Usability with Clipboard Based Protection:

Earlier you could not copy-paste in and out of Sandboxed applications. We have made two changes in this regard:

a) You should be able to copy text from sandboxed application to outside Sandbox. This is by default.

b) If you want to paste text from application running outside sandbox in application running inside sandbox, we have added a new check box in Sandbox Settings as "Enable clipboard access to Sandboxed applications", de-selected by default, as we don't want a Sandboxed applications to have access to passwords from outside. So if you want to paste text in a sandboxed application, you can select check box and be able to paste in.

• Improvised message for possible file-less malware cases; you will see application details causing it.
• Improvised handling of sandboxed PDF cases:

We had two problems in there:

a) When PDF executed in Sandbox, e.g. launched from email client, user had no idea as why pdf will be Sandboxed.

b) When PDF running in Sandbox is saved, it ended up saved as in Sandbox itself, so user could not find it. And it could be very confusing.

In this release, we have improvised the message user sees when pdf is sandboxed and also, in case you save PDF, it will always be saved outside Sandbox. The reason is, if you trust the PDF, natural reaction would be to save it, that means user trusts the PDF.

• Exception list of applications in case of conflict with CCAV

This version uses a server based configuration file allowing to define list of applications, which can be excluded from CCAV in case of conflict as a quick fix; while team can resolve conflict in next releases. This will be internal list and be updated when program updates are checked.

Fixes:

• Incompatibilities with Internet Explorer and Firefox in Sandbox

New:

• Fileless Malware Support:
• - Like CIS, now CCAV also has support for file less malware. You can find related settings under "Settings-->Advanced Protection-->Miscellaneous" as "Do heuristic command line analysis...".
• Password Protection:
• Now you have password protection feature available and can be accessed via "Settings --> General Settings --> User Interface".
• Enhanced Virus Scope:
• In this version, CCAV will be providing base support for additional events allowing VirusScope modules to detect more complex malware.
• System-restart reminder upon update:
• Many users update CCAV but do not re-start system and thus remains unprotected. We have introduced a reminder alert in case user does not re-start system upon update.
• Emergency Auto Update Feature:
• If existing "Settings --> General Settings --> Updates --> Automatically install program updates..." option is selected and if there is serious incompatibility in latest Windows, CCAV will be auto updated to latest version to avoid any bad user experience.

Changes:

• Support for upcoming Microsoft Windows 10 RS3 update, due on 17th Oct, 2017
• It is fully compliant with latest Cloud Files feature being introduced in RS3 release.

Fixes:

• Since last couple of CCAV builds we have an exclusion rule in Sandbox settings for Windows Apps. There have been initial versions of CCAV, which didn't have this rule to begin with and also when updated, didn't get this rule in it and due to that some of latest CCAV versions also see Windows applications in Sandbox. This update ensures that exclusion rule is in place.

New:

• Manual Updater: Now we have manual updater. It is available from two places:
• - Main screen has a button: Check for Updates
• - Menu shown from Help icon has additional option: Check for Updates
• Proxy Settings: Under "Settings --> General Settings --> Updates", now there is a link to "Proxy and Host Settings". You will be able to configure proxy for all communication now.
• Exclusion List for Network Traffic for Apps Running in Sandbox: Under "Settings --> Sandbox --> Sandbox Settings" section you have a new check box allowing user to define exception list of applications running in Sandbox that can still communicate over TCP if network related options are disabled. So now you should be able to define exclusions e.g. for browsers running in Sandbox.
• Earlier Internet Security Essentials(ISE) used to be installed by default in case you had not installed ISE in the past. Going forward, in case ISE is not currently installed in system, you will be offered ISE during installation and can opt-out.
• Release notes link is now added in About dialog.

Changes:

• Edge browser support in Sandbox is dropped at the moment. There are technical limitations due to design of Edge. We will continue to explore possibilities further.

Fixes:

• A critical fix for Windows 10 users. It fixes incompatibility with Microsoft Update KB4022716(OS Build 15063.447). User must update to this version prior to updating to KB4022716(OS Build 15063.447).

Fixes:

• User reported critical crash fixes.

New:

• "Settings-->Sandbox->Protected Data" has now been renamed as "Settings-->Sandbox->Protected Files/Folders". It means following

a) Like before, you can define folder which can't be modified, now contents inside those folders will be invisible to Sandbox apps. So neither read nor write is allowed.

b) You can define any file path and it won't be visible to Sandboxed applications.

• Enhanced Clipboard Protection: Earlier we prevented clipboard access to Sandbox application, where sandbox application could not access clipboard, now sandboxed application clipboard data could also not be copied outside. It takes care of situations where malware applications could transfer malicious contents via clipboard to outside sandbox. Even though you were protected due to default-deny, but now that situation itself is prevented from arising.
• Recognizer Update Control: Earlier recognizers could be auto updated. Now user has control. In "General Settings Updates" now there is a check box "Update recognizer automatically", selected by default, it lets you control recognizer update.
• Clearing Recently Used Virtual Apps: Earlier if you used 'Run Virtual' option, you could have executed apps list always there. Now you can clear up. There is a trash icon in there.

Changes:

• Now "Settings-->Browser Settings Protection" has been renamed as "Settings-->Advanced Protection" and it's settings moved as sub section "Browser Settings Protection", allowing to add more sub sections in there.

Fixes:

• Many user reported crashes fixed.

Fixes:

• Fixes Sandbox bug, where in specific situation a malware could access files outside Sandbox on Windows XP systems.

New:

• Microsoft Edge Browser Support in Sandbox
• Crash Reporting: User will be asked to report crashes observed in any of CCAV modules.
• Improved Potentially Unwanted Applications (PUA) Detection
• Option to decide if Sandboxed application can create shortcut on desktop or not
• Option to control TCP traffic from Sandboxed applications. Now user can stop data oriented network traffic out of Sandboxed applications.

Fixes:

• "Ask for Unknown Applications" setting in Sandbox was not working as expected in Windows 10 Creators update

Improvements:

• Sandbox alert layout has been changed, placing block options first.
• All interfaces listing application name now have right click "Jump to Folder" option

Fixes:

• Incompatibility with upcoming Windows 10 Redstone Update

Improvements:

• Improved system performance, at par or better than CIS

Changes:

• Default exclusion of recycle-bin folder path has been removed from AV exclusion. You can always add it if you want it.
• Program update offer showing link to Release Notes

Fixes:

• In case you had Sandbox setting set to "Ask for untrusted applications" and you execute a malware that is quarantined by user, you could still get Sandbox alert after that.
• GUI issue fixes: at times some of alerts could have buttons that could be half visible.
• In case Internet connection is unavailable, upon system re-start CCAV could consume high CPU

Fixes:

• After 30 days periodic full scan, scanner keep coming back scanning system even after full scan is completed.

Improvements:

• Now there is a sea difference in scanning speed. You should be able to complete scan within reasonable time. We have made changes in protocol used by client and there are server side enhancements as well. We are still upgrading server but you can experience much much better performance now.

New:

• There is new GUI with two additional themes as decided via poll earlier: https://forums.comodo.com/news-announcements-feedback-ccav/final-round-let-s-vote-ccav-2017-user-interface-desing-options-t116944.0.html;viewresults
• After installation upon completion of Quick scan, you will be prompted to re-start system with option to postpone re-start for certain hours. Re-start of system ensures that CCAV also protects against unknown scripts, which otherwise won't be sandboxed.
• Quick scan is now default scan after immediate installation. Quick scan scans all files that could be launched on system startup and thus helps detect any active malware and at the same time helps build the cache, so next time when applications are started, results are in cache.
• When CCAV is updated, scan won't auto start upon update like has been the case. We already have 30 day scheduled scan and auto scan upon update has been unnecessary.
• "Sandbox" logs label is changed to "Executed Applications": When you access logs via "View Logs" section, earlier we had Sandbox section but within that we also had trusted installer entries differentiated by Type column, this was misleading as there were safe application entries as trusted installer misinterpreted if they ran in Sandbox.

Fixes:

• Files with install/setup keyword in path could be uploaded to Comodo even though they were safe.
• Some of temporary files were left out during installation under "Roaming" folder won't be are any longer.

Fixes:

• Protection against Petya Ransomware

Improvements:

• Only applications, which end up running in Sandbox will be submitted to Valkyrie directly and will be classified into Trusted or Malicious on priority basis. Therefore, "Valkyrie Analysis Results" section will only show status of applications, which have run in Sandbox.
• You can always submit files to Valkyrie using right click option (i.e. "Comodo Cloud Antivirus --> Submit to Valkyrie") or via "Help --> Submit File" menu.
• Applications, which are encountered during scanning (custom or full) and are found absent in Comodo back-end, will be uploaded to Comodo for analysis, same way like we have in Comodo Internet Security.
• Now "Settings --> File Rating --> Reported False Positive" has been renamed as "Settings --> File Rating --> Submitted Applications", it will list all applications, which were reported as false-positive or were submitted during on-demand scan. All applications listed in this interface, won't be looked up into Cloud periodically, if you want to know latest status of file verdict, you should re-scan them. As explained earlier, in case applications are executed, cloud lookup is done and if they run in Sandbox, they become part of Valkyrie sub system and looked up periodically so can be classified into Trusted or Malicious quickly.
• Rating scan has been removed and instead we use Full scan as default scan upon new installation.
• When you update to this latest version, "Valkyrie Analysis Section", will start from zero and show analysis results of applications which going forward run in Sandbox.

Fixes:

• In certain special cases invalid certificate could be considered valid in Win 8 and above.

Improvements:

• Improved trusted installer detection for MSI and .Net installers
• File analysis server – Valkyrie internal improvements

New:

• New option to detect PUA (Potentially Unwanted Applications)
• Show alert to prompt user to enable file submission when it is disabled

Improvements:

• Using same Sandbox engine as used by CIS
• Valkyrie internal improvements

New:

• Improvements in Valkyrie and FLS protocol internals.
• Self-Protection: CCAV protects itself from being terminated or corrupted from safe apps also.
• Create diagnostics report for troubleshooting : You can reach via Help section on main UI.

Improvement:

• Valkyrie system enhancements and bug fixes

New:

• Generic support of Trusted Installers
• Browser Protection increased usability
• Advanced Data Reporting

Fixed:

• File should not be submmited when submitting file to valkyrie turn off.

New:

• URL source of downloaded file is reported to FLS server.

Fixed:

• System starts slow when restart for the first time after CCAV installation in some systems.
• cab file signed by trusted vendor is now trusted

Fixed:

• Internal protocol improvmenets major performance improvements on Valkyrie Server.
• Bug Fix: C:\Program Files\WindowsApps should not be skipped during full scan

New:

• Protected folders which is invisible to applications running in sandbox.
• Application started by trusted installer is trusted automatically.
• New option to customize rating scan interval.
• Root certificate scan
• Windows XP x64 support

Improvement:

• Many new improvements on fls and Valkyrie server communication system which will improve the file analysis process

Fixed:

• Install progress should move when preparing installation
• Sometimes CCAV can't connect fls server

New:

• New update offer dialog
• Internet Security Essentials integration

Improvement:

• In detected file list the Clear button should be called 'Clear All' and/or an 'are you sure' check made.

Fixed:

• Some files in rating scan result is trust but still can be submitted to Valkyrie.
• CCAV crashed when click "apply" in rating scan.

New:

• When no av is detected, we show search offer right after installation instead of waiting until reboot.
• When user gives consent and av is detected, we install Yahoo extension to Google Chrome.

Fixed:

• UI freezes during rating scan

New:

• Show Vakyrie information in tray dialog
• New search offer work flow during installation
• cryptolocker Vscope recognizer
• /remove_av_with_consent installer command line parameter
• Show notification when an unknown file is submitted to Valkyrie
• Show lucky you information when valkyrie detects zero-day malware

Improvement:

• Browser setting CMC improvement
• Search protection CMC implementation
• Scheduled rating scan logic

Fixed:

• If the Sandbox is set to block unknowns, unknown executables detected as viruses/malicious get blocked but not detected and so quarantined
• Manual AV (not rating) scan process very slow when scanning deep archives
• Twitter/Facebook buttons on widget redirect to twitter/facebook main webs not to twitter/facebook comodo accounts.

New:

• Valkyrie integration:
• - Add Rating Scan to scan all executable files in system and submit unknown files to valyrie
• - Show Valkyrie analysis status in main UI
• - Show Valkyrie Lucky you information in lucky you report.
• - Show statistics of Valkyrie analyzed files in lucky you report.
• Choose file from running process in Sandbox/Antivirus settings
• Improved protection for command line applications like powershell, cmd, etc

Improvement:

• Alert size is reduced
• System context menu is improved

Fixed:

• CCAV service crashes occasionally

Improvement:

• Sandbox compatibility improvement

Fixed:

• Sandbox compatibility improved
• PAAR uninstallation tracking

New:

• Track browser setting in CMC
• Change search feed to Yandex for supported locales

Improvement:

• Register sandbox in Windows Security Center CCS-4053
• Remember browser protect option for each application CCS-4099
• Manual scan is 50% faster

Fixed:

• "No connection to server" error CCS-4074
• Valkyrie submission failure CCS-4021
• Not show search offer when locale is not supported CCS-4068

New:

• Track browser setting in CMC
• Change search feed to Yandex for supported locales

Improvement:

• Register sandbox in Windows Security Center CCS-4053
• Remember browser protect option for each application CCS-4099
• Manual scan is 50% faster

Fixed:

• "No connection to server" error CCS-4074
• Valkyrie submission failure CCS-4021
• Not show search offer when locale is not supported CCS-4068

New:

• Manual submit to Valkyrie from sandbox list, context menu, main UI
• Uninstallation UI
• Change search feed when upgrade
• Action Center integration
• Compatible with CIS 10
• Search protection

New:

• New Installation UI
• Remove incompatible software during installation
• New feature of purging trusted vendor
• More languages supported
• Performance improved for absent files in cloud server
• Submit non-sandboxed installers for Valkyrie analysis