Cool, I’m glad that’s working.
Lusher, as I’m sure you are aware, is/was not a big fan of Comodo’s idea of prevention being the first line of defense; thus he was very harsh concerning Comodo’s lack of what he considered a decent signature database. That database at present contains more than 200,000 signatures, which I don’t personally consider shabby for an AV built from the ground up, in the time they’ve been working on it.
Granted, this is still not on the level of some companies that have been around much longer, purchased other companies virus databases, and whatnot. Part of the thing to consider is that while some have larger signature bases, that is due partly because their sigs are old (and in some cases way out of date); this doesn’t mean they don’t have current sig files, just that they also have obsolete sig files that are still included. A lot of so-called “new” malware isn’t really new; it’s only packaged in new ways to help it escape detection by (guess what) traditional (blacklist) file scanners. Thus, antiquated definitions often serve little purpose (but they make your signature count a lot higher…).
Also, with the purchase of BOClean, Comodo now has its 10+ years of research and definitions, which will be/are being integrated into CAVS, along with some of its detection mechanisms. The next version of CAVS will probably have this integrated.
It’s not a problem to have a backup (on-demand) scanner; I do as well. But with HIPS running, it should catch anything before the scanner triggers. You’ve got to realize, too, by the time the on-access scanner triggers, the malware has already run. This is part of the problem with traditional file scanners (only a part; the rest of the problem is that malware is always ahead of the definitions curve, and causes the AV to be reactive instead of proactive). HIPS, on the other hand, is more proactive, because it’s not based on a definition, it’s based on a type of action being generated which will cause CPU time to be accessed. Alert, Deny, and the malware is effectively castrated. Ouch!
In the end, though, it boils down to what the user is comfortable with, and trusts. If you don’t trust your security software, there’s really not much point in having it…