We have reviewed Comodo Antivirus 2009 before, and we have generally felt that the 2009 version performed very well. The 2011 (internet security) version adds a few key features and they are as follows, cloud based protection against zero day threats, a sandbox mode (the biggest change), game mode, trusted publisher (Norton Insight), firewall, a new interface, and spyware scanning. Since a lot of the functionality remains the same we want to take a look at what has changed and highlight theses features. In addition, one nice thing about Comodo, is there are no toolbars or added software that are included . I am pretty sure that there isn’t a competitor with some sort of bundle. In addition, the antivirus is now west coast labs certified.
The Comodo download was only 50 megabytes in size and the installer installed the software quickly. The first thing that has changed from the previous version is the interface. The interface is now has a more web 2.0 style to it but still maintains the same internal menus. So anyone familiar with the original antivirus well be comfortable with the latest version.
The biggest change to Comodo Antivirus 2011 is how the antivirus operates. The program now includes sandbox technology (brought into the mainstream by Avast). Sandbox technology takes a suspicious file and then runs it in an isolated protected environment that cannot modify system files. If there is a malware behavior detected, then the file is marked as malware and quarantined. The technology works hand in hand with the companies Defense+ heuristic detection to detect suspicious files. One thing to note about Comodo Antivirus 2011 is that a user will receive a lot of alerts and pop-ups. I received at least 4 when starting the program for the first time. The program initially sandboxed ATI control panel filezilla, and textpad.
I think Comodo probably utilizes the sandbox technology the best of its competitors because there are settings options to control it. Comodo Antivirus 2011 offers file system and registry virtualization. It can also detect trusted installers and exe’s that ignore the sandbox process (didn't work that well in practice). Perhaps the best thing about the technology is that the user can actually specify any file to be sandboxed from a convenient menu.
Cloud protection and scanning. Comodo Antivirus 2011 does in fact carry antivirus definitions locally. But, if a suspicious file is detected that isn’t in the definitions, it will update that file to the cloud (comodo’s server for enhanced virus and behavioral scanning). These settings can be found in the Execution and Control settings. As a final note, it was only a natural progression to enable cloud scanning in Comodo Antivirus 2011 because the company has been developing cloud based scanning for the past year.
The Antivirus scanning experience is generally the same as the previous version. One nice thing is that the program forces an update before running the scan (kind of large at 100 megabytes). The virus scanner is extremely fast and scans up to 15 megabytes per second. CPU usage remained at about 15% and memory usage was surprisingly low at around 60 megabytes.
Comodo Antivirus 2011 is so full of features that I simply could go on and on about the protection. The best thing a user can do is promptly install this antivirus software and test out the features for oneself. It is the most comprehensive free antivirus available to date period. However, it’s important that the user has some knowledge of antivirus software and security. There are quite a few alerts.