I recently submitted suspicious file which is an actual malware DLL file which slipped through Comodo AV into Firefox as an extension hidden (hid itself from Addon page). And it has past two days, but I haven’t see Comodo update their database to detect the malware.
Response time to new malware is a major part for all AV companies to fight new/undetected malicious files.
Comodo really need to step up and reduce the response time.
VirusTotal doesn’t give a total representation of a security product’s protection because it uses command-line scanners which may lack some functionality found in the normal interfaces (refer to the VirusTotal about page for details).
In the case of Comodo what you see on VirusTotal lacks CAMAS dynamic detection as well as effects caused by automatic sandboxing. Files CAMAS detects cause antivirus pop-ups in CIS right away to protect users, but VirusTotal won’t show a positive detection until these samples formally migrate into the definitions or heuristics. Similarly, automatic sandboxing makes some undetected threats harmless or non-functional but this protection is invisible on VirusTotal until Comodo actually incorporates detection for them.