In the movies, the hero who rescues the town from bandits usually isn’t the guy you want sticking around to run the post office and the general store. The antivirus industry isn’t so different. Some products specialize in rousting the bandits, then riding off into the sunset leaving your PC clean and ready for a different product’s ongoing protection. The free Comodo Cleaning Essentials 6 is one such, and it does a very good job.
Some malware writers code their creations to actively fight installation of antivirus software. Comodo Cleaning Essentials foils such attacks with a simple countermeasure; it doesn’t require installation. Download the tool, unzip it, and launch it—that’s all.
The similar Malwarebytes Anti-Malware 1.70 does require installation, but it managed to install on all twelve of my nasty, malware-infested test systems without a hitch. As noted, all I had to do with Comodo was unzip the downloaded file to a folder on the desktop.
When you launch Comodo it spends a moment initializing and checking out the system, then offers you the choice of a “smart,” full, or custom scan. Whichever scan you choose, Comodo goes on to download the latest updates. On one test system, malware interfered with the update process. A full scan solved that problem, however, and when I tried a second scan the update proceeded without a hitch.
The term rootkit refers to a program that hooks deeply into Windows to hide its own presence. For example, a rootkit may redirect the standard Windows function that lists files in a folder and delete its own files from the list. After the update, Comodo automatically reboots the system and starts a scan as soon as Windows loads, before any rootkit-based threats can sink their hooks into the system.
This almost proved problematic on a test system that can only function in Safe Mode due to a ransomware infestation. When Comodo rebooted it to normal Windows, the ransomware took over. It turned out, though, that Comodo was working away in the background and managed to complete a full scan despite malware interference.
Once the scan finishes, Comodo presents its findings in a tree structure, with individual malware traces organized below the malware threat to which they correspond. Like Malwarebytes, it also fixes malicious changes to system settings such as disabling Task Manager or Command Prompt. After you give permission, it cleans the found traces, reboots again, and reports on whether everything came out right.
In most cases, the final report listed every malware traces as properly cleaned, but for a few it reported “Failed.” If you find any such items in the final report, you’ll need to pursue other options for cleaning. Typically, a session with Comodo Cleaning Essentials is the precursor to installing a full-scale antivirus or security suite. Once you’ve installed ongoing security, run a scan right away.
Very Good Cleanup Scores
Comodo detected 82 percent of the malware samples on the infested test systems, which is good. Malwarebytes, Norton AntiVirus (2013), and Kaspersky Anti-Virus (2013) did even better, with 89 percent detection.
Comodo’s cleanup of the malware it found wasn’t as thorough as some. It left behind quite a few executable files and in one case left a Trojan actively running despite its alleged removal. Its overall score of 6.2 for malware removal reflects this less-than-perfect cleanup. With 7.1 points, Malwarebytes has a higher malware removal score than any of its free or commercial competition. Norton, Webroot SecureAnywhere Antivirus 2013, and Comodo Internet Security Complete 2013 are tied for second with 6.6 points.
Comodo very thoroughly cleaned up the rootkit-based malware samples that it found, which is good. However, it only detected 60 percent of them, which is not so good. The vast majority of current products have detected 100 percent of these same rootkit samples. With 9.8 points, Comodo Internet Security Complete has the top score for rootkit removal; Kaspersky is close behind with 9.4 points.
For an explanation of how I perform and score the malware removal test, see How We Test Malware Removal.
Comodo Cleaning Essentials 6 malware removal chart
Lab Results Don’t Help
When possible, I supplement my hands-on antivirus testing by perusing the results of tests by independent antivirus labs. Some products participate with all of the labs and gather top scores all around; Bitdefender Antivirus Plus 2013 is an example. Comodo’s lab participation is limited, and in any case the labs would most likely test Comodo’s full-scale security suite, not the removal-only Comodo Cleaning Essentials.
West Coast Labs and ICSA Labs certify Comodo’s technology for virus detection, but not for removal. In all the times Virus Bulletin has tested Comodo, they’ve awarded it VB100 certification just once. For this product, lab results aren’t much help. The chart below summarizes recent results. For more about these tests, please refer to the article How We Interpret Antivirus Lab Tests
Comodo Cleaning Essentials 6 lab tests chart
In the last few weeks, I’ve also tested the free Comodo Internet Security Premium (2013) and the $39.99 Comodo Internet Security Complete 2013. Tech support is one big differentiator between these two. With the free product you must rely on email support and forums, while the for-pay edition adds unlimited remotely-assisted support from Comodo’s GeekBuddy service.
With GeekBuddy help, the for-pay product achieved excellent scores for malware removal, but the remote-control diagnosis and cleanup took many, many hours over a period of days. Without GeekBuddy, the most common advice from tech support was to run Comodo Cleaning Essentials. The free product didn’t score as high, but getting the product installed didn’t take nearly as long.
The lesson is clear. For the ultimate Comodo malware cleanup experience, first run Comodo Cleaning Essentials and then install Comodo Internet Security Complete 2013. Run a full scan with the suite and call on GeekBuddy for help with any remaining problems that it finds.
That advice holds if you’re specifically committed to installing Comodo’s security products. If not, you’ll do better turning to Malwarebytes Anti-Malware 1.70 as your free cleanup-only antivirus. In my testing, it beat all free and commercial products, and it did the job faster than Comodo. Comodo is good, but Malwarebytes is our Editors’ Choice in this category.
More Antivirus reviews:
|Tech Support||Web-based support, community support|
|OS Compatibility||Windows Vista, Windows XP, Windows 7|
|Type||Business, Personal, Professional|
Copyright © 2012 Ziff Davis, Inc