An Overview of Free Antivirus Programs – Part III – Comodo Antivirus 2.0 Beta

December 2, 2007 - Reading time: 8 minutes

This is the third installment in our series on free antivirus programs. Be sure to also see:

• Part I – AVG Free Edition
• Part II – PC Tools Free Edition

Up for examination today is Comodo Antivirus. Review version: 2.0 Beta (build 2.0.17.58)

Product link: Comodo Antivirus

Installation – No registration is required, though you may optionally submit your e-mail address as an ID. Even if you do not provide an e-mail address, the program is still “activated” for life. A reboot is required after installation.

Interface – I don’t think the interface will win many design awards, but it doesn’t take long to figure it out. Here is the main screen:

As you can see, the buttons across the top control most of the navigation, while you can easily enable or disable elements of the program from the main window. Here is what scanning looks like:

Updating – Manual updates are easily handled by clicking the “Update Now” button on the main window. Comodo also comes with a seamless “automatic” update feature that will automatically download and install updates as needed, making it a good “install and forget” program.

Footprint and Scanning – Thankfully, Comodo is light on system resources, and on my system it feels no heavier than AVG. I did not notice any “hangs” or slowdowns in opening files or applications.

Comodo offers a number of scanning options, ranging from a complete scan to isolating specific folders/files. I applaud the inclusion of a memory scan as well.

Upon running a complete scan, imagine my surprise when Comodo reported that the scan only took about 6 minutes on my system (over 400 GB of files)! Six minutes? Surely there must be a mistake here.

There is. An isolated scan of just one of my hard disks takes nearly 7 minutes. How can the “full” scan take less time than that? Somehow, Comodo’s “full system” scan does not even come close to scanning the full system. I’m still scratching my head about it.

That said, Comodo’s scanning speed is still very impressive. Even if I combine the time it takes to scan each of my hard disks, Comodo far outpaces AVG and PC Tools by a long shot. Admittedly, Comodo did run an initial scan just after installation to help set up its Host Intrusion Prevention System (HIPS), so perhaps there’s some aggressive caching going on. Or maybe it’s just a bug. 🙂

Types of Protection – Like the other two programs reviewed thus far, Comodo features an on-access scanner, an on-demand scanner, and an e-mail scanner for users of POP3 programs such as Thunderbird and Outlook. Quick scanning of individual files is integrated though the”right-click” explorer menu.

If you use the HIPS Application Control feature, Comodo will require some training in which applications are safe to use. In the picture below, I have just launched my Finale music software.

Just like setting up a software firewall, Comodo will “learn” which programs are authorized and never bother you again about them. Though initial setup can be tedious, HIPS Application Control can come in handy to stop a rogue virus or trojan from even executing.

EICAR Test – Here is a link where you can download a harmless test file that should be detected as malicious by antivirus programs. As I’ve mentioned before, it is NOT a real virus. In order to test the effectiveness of a program, I download the EICAR test file to my desktop and start counting to see how long it takes the antivirus program to find it. Sooner is always better than later. Let’s see how Comodo fares.

I downloaded the file and waited… and waited… and waited. Nothing happened. Uh-oh.

Bad news. Comodo does NOT automatically detect the test virus, even though the on-access scanner is active. Clicking the file does not trigger the scanner either. In fact, only by right-clicking the test virus and choosing to manually scan it did Comodo finally provide an alert.

Fortunately, the Comodo “Repair Wizard” was able to successfully delete the file, but it is still disturbing that the on-access scanner did not detect the test virus at all.

Update: Comodo’s on-access scanner finally found another copy of the EICAR virus that I manually deleted… 12 hours after I first deleted it! Maybe the on-access scanner was just on an extended coffee break.

Final Thoughts – I really want to like Comodo, and there are a number of things that the program does well. Not only is scanning blazing fast, Comodo is the first program that I have reviewed so far that does not have any nag screens or banners urging me to upgrade to a paid version.

Still, this is Beta software, and there are a few quirks, such as the “not-so-full” scan issue. A more minor issue is that the Windows Security Center does not recognize Comodo as a valid antivirus program, and by default will leave an annoying icon in the tray asking you to install a valid program. This is easily remedied by going to the Security Center and checking the box next to “I have an antivirus program that I’ll monitor myself.” Still, I hope this will be addressed later.

Of course, there is also the glaring issue of detection rates. Given how Comodo fails to quickly find the EICAR test virus, I worry about its overall effectiveness in detecting real viruses. As it stands now, I am not comfortable using this version of Comodo as my primary line of defense against viruses.

If these issues are addressed, Comodo has the potential to become a leading figure in the free antivirus software arena. A glance through their forums shows mention that a beta of a completely-rewritten version 3 should be on the way soon. I look forward to testing it.

Stay tuned for more entries in this series.

Subscribed to my feed yet? It’s free!