Comodo Anti Virus doesn't detect all viruses


I installed the Comodo Anti Virus last night and did some tests. I downloaded some zip files from [www.matousec.coml], and

Apparently these zip files contain viruses to test the computer security. I scanned these 2 files using Comodo antivirus scanner but it failed to detect even 1 virus.

I used Avast antivirus scanner,Kaspersky, Nortons and AVG, they all found the virus. The best scanner was the Avast. Using Avast, I just right-clicked scanned the zip files and straight away it alerted me that it contains virus.

Threatfire also failed to detect the virus.

So I would really hesitate to install Comodo Antivirus again unless they improve.

Also the firewall. I think ZoneAlarm free firewall is far much better then the Comodo Firewall. ZoneAlarm is so easy and fast to use. I can stealth all my ports very easily and the most important thing is to deny internet access to certain programs.

Using ZoneAlarm, it was just so easy but in Comodo it took me ages to find it.

Maybe u Comodo guys should make ur products simple to use and more effective.

Hello markjones900.

COMODO Antivirus is pretty new, so don’t expect it to be as good as the other big guys right away. It will take time to build a virus database, polish the AV engine and heuristics. But it’s getting there REALLY fast.
I don’t agree that ZA is better than COMODO. ZA free is heavy on resourses, takes much more space than COMODO and doesn’t stop threats as good as COMODO. I agree that CIS might be a bit harder to use, but the new graphical user interface is on it’s way to improve usability :-TU


P.S. Welcome to the forums (CWY)

Its getting more and more user friendly. Its on its way.

As you visit matousec you could think that you would not claim that ZONEALARM somehow should be better than CIS. Zonealarm scores BAD at leak tests those days.

As for viruses, Those are really not viruses, neither are they Trojans, these are tests and pose no threat, and some companies chose to instead of building a solid firewall build a anti virus that tries to catch those “tests”.
Comodo AV is currently about to release a new version with heuristic, as for now, yes you are correct, its not the best antivirus, yet, its a new product.

As for effectiveness CIS is THE number 1, preformance (system resources) that CIS uses is way below all other suites, The firewall is the best, Since it scores extremely good and passes leaktests with glance. Simplicity of use is a other matter, ZA is easy to use since it offers less protection.
And not so many functions as CIS, and therfor its a less secure option, made mostly for idiots/broad masses.

Also comodo stealth you as good as ZA. Its nothing advanced.

EDIT:: as for those matousec tests, D+ catches them and the Firewall, those are the ones suposed to be tested.


Thanks for the replys.

Those test files contains virus as confirmed on the website. They not like comodo test files which I have already tested. At least the Avast stops me from executing those files. I don’t wanna execute some files and later on the antivirus tells me that it has detected some virus. “Prevention is better then cure”

Zone Alarm is the company who invented the software firewall. I have tested and tested the free firewall and it is ■■■■ good. There is nothing wrong with it and it doesn’t give much annoying alerts like comodo.

Though right now I have installed the Comodo Firewall. There is nothing wrong with the firewall it’s only the antivirus.

There are lots of stuff Comodo need to improve in their antivirus like scanning for trogans,spyware, scripts and so on.

But hey it’s a free product that’s the best part. I used Nortons and got really sick of it. Installing Nortons is like installing a virus on the computer (:AGY)

I am not against Comodo in fact I want them to make such a good product that big companies start scratching their head. (:CLP)

Comodo scans for Trojans, spyware and dangerous scripts as far as I know. :-TU
Maby misses a few, but they all do. :stuck_out_tongue:

As for the detection its going to improve! New version (currently in second beta) has a new heuristic engine( the current public version don’t have heuristic yet), a new improved database that improves scanning time.

And as for prevention, Comodo actually uses that as a first layer of defence, Comodo firmly believes in PROTECTION as a first layer of defense, thats why D+ is implanted, to restrict new applications chance to do damage, thats why there is a BufferOverflow protection, to prevent bufferoverflows from happening.
As a second layer, there is the Antivirus that can detect/prevent, and the Firewall that detect/restrict.

Glad to hear that! We all want comodo to achieve this! (:LOV) (:LOV)

I’m glad I found this thread before asking the question about Comodo AV. I’m a new user of Comodo - downloaded and installed it yesterday - thanks to many very favorable comments about the product at Wilders Security forums.

I wasn’t as certain about Comodo antivirus, so at this point am running Comodo FW with D+ and Threatfire. Is D+ and Threatfire duplication, or can the two together be an effective hedge against virii, worms, etc? The Comodo av is, of course, with the firewall exe on my second HD and can easily be installed, if recommended.

I’m a very safe surfer, but these days that doesn’t seem to be enough.

Threatfire is a good hedge.
I ran the same setup as you describe.I figured if I accidentally allowed something bad Threatfire would catch it.
CBOClean is an excellent hedge too.
Either or but not both at once.

Hey, It is advised you not to read posts found from Google about Zone Alarm vs Comodo, because more of them are from 2006-early 2008, very bad info. It was very obvious that you do, because (ok, here are some evidence) I used to use ZoneAlarm back 2 years ago until August 24, 2008. Somewhere in late 2007- early 2008 and (i suggested my friends to use it too), it completely bogged my PC down. I went on Google and typed The best Free Firewall, and found Comodo firewall pro, and compared it to Zone Alarm. There were many post that says ZA is better, but i read the dates and most of them says 2006, or 2007. Some of it says CFP/CIS (now) is better and the dates were 2008, and was smart enough to visit their forum and found how to delete bad Zone Alarm off completely, download CFP (at the time) and used it, despite a slight problem with my connection, it was hella good. I avoided CIS (out on October 23, 2008) until November 7, 2008. And your post sort of ticked me off.

Those files you downloaded are NOT viruses…

They are leak tests. They should not be detected by any Anti Virus product.


Shock and Awe. :o I used to think slamming CFP/Comodo was their favorite past time. I guess sometime things may change LOL


PS Just a note: I used Google to search for the word virus (37 results) and could find nowhere to suggest their tests were viruses although with heuristics on high on the CIS beta it does detect some of them.

Zone Alarm free firewall does not offer the latest protection needed, Comodo on the other hand offers more options and more solid protection.

I agree with the original poster, Comodo AV does not detect all viruses. I got a virus yesterday that managed to run on my PC. The virus in question 0xf9.exe is still not being picked up by Comodo, even though yesterday it said the file was already being analysed when I tried to submit it.

I had only recently dumped F-Secure for CIS, so tried F-Secure on another PC and that recognised it as Trojan-Downloader.Win32.VB.klx immediately. I had a similar thing happen using Avast a couple of years ago, and decided that the old adage was true, you get what you pay for, so purchased F-Secure (as that also detected the virus that Avast missed immediately). Now I am concerned once again that I may made a mistake with a free AV program.

The only saving grace for me was that it detected 0xf9.exe trying to modify a protected registry key (is that Defense+?), and warned me, so I became aware of the infection before it spread. Had I been using F-secure and it hadn’t know about the virus, I would have been infected completely without even knowing it. Obviously I could still be infected as Comodo isn’t even detecting the original infection, repeated scans have brought up nothing, but it wouldn’t find anything it didn’t know about.

As for the Firewall, I have to disagree. I first used it years ago and it is still the best Firewall, free or otherwise, that I have ever used. Since dumping F-Secure I have also reclaimed an extra 150-200MB of RAM, and my PC is no longer using 50% of the RAM just from booting up!

I’ll have to wait and see how long it takes to recognise that virus before I decide whether to go back to F-Secure, but because of the AV I certainly won’t be recommending CIS to my mother!

Hi pablo,
Can you please make sure you have submitted sample as per guidelines given under following topic:

As i understand you have used files submission interface of CIS, using which we get many files and takes quite time to process all those, while malicious/suspicious ones can be sent via mail as described in above mentioned topic, which get processed at higher priority.