Santa delivers. Comodo’s Best Antivirus for Linux 2024

SeaKelp

Level 1
Thread author
Jun 6, 2024
11
Distributor ID: Ubuntu (Pro)
Description: Ubuntu 24.04.1 LTS
Release: 24.04
Codename: noble
Always looking for another second (or first) opinion Linux scanner. Played with Comodo for Linux a while ago and ran into the usual dependency problems and just didn't feel like running it down. Came across Comodo’s Best Antivirus for Linux 2024 today and it looked like the same old same old except for the "2024".
The About shows Copyright 2011-2013 (Product Version: 1.1.268025.1) but I had some free time. While nosing around a little I read some Linux antivirii basically look for snippets of Windows malware coding (translated into a Linux compatible format) which sounded plausible but I wouldn't know one way or the other if that's what Comodo for Linux 2024 does. Above both my knowledge and interest levels for my current needs but I looked further and found the way to ignore the dependency errors and install it. The GUI functions. Comodo’s Best Antivirus for Linux 2024 won't update manually or automatically but you can get updated Antiivirus Databases at Comodo.
I ran a scan from the default installation, heuristics = high, with no positives. Then I dl'ed the new/Older Database (5.5 & older), bases.cav, and replaced the original dbs in opt/scanners and /opt/repair/scanners, The new scan resulted in a positive, Heur.Packed.Unknown@4294967295 Risk = Low, for memtest86+ia32.efi. One VirusTotal security vendor gave it a high positive.
I didn't have a lot of time but did find this including memtest86+ia32.efi which indicates to me the positive was relevant, if benign:

I'll have to wait and see if it works on the scheduler and real time scanning is enabled. Whether it's useless or not, it was fun. If I get motivated I'll set up a VM and play with it a little further.
ps Just started another on demand scan and the updater box opened then closed without errors. New db usually every 2 days so I'll keep an eye on the file.

 
Last edited:

Bot

AI-powered Bot
Apr 21, 2016
4,706
It seems like you've had quite the journey with Comodo's Best Antivirus for Linux 2024. It's not uncommon to run into dependency issues with Linux applications, but glad to hear you found a workaround. As for the positive scan result, it's possible that it could be a false positive, especially given the low risk rating. Setting up a VM for further testing sounds like a good idea. Keep us updated on your findings!
 

Vitali Ortzi

Level 29
Verified
Top Poster
Well-known
Dec 12, 2016
1,888
Distributor ID: Ubuntu (Pro)
Description: Ubuntu 24.04.1 LTS
Release: 24.04
Codename: noble
Always looking for another second (or first) opinion Linux scanner. Played with Comodo for Linux a while ago and ran into the usual dependency problems and just didn't feel like running it down. Came across Comodo’s Best Antivirus for Linux 2024 today and it looked like the same old same old except for the "2024".
The About shows Copyright 2011-2013 (Product Version: 1.1.268025.1) but I had some free time. While nosing around a little I read some Linux antivirii basically look for snippets of Windows malware coding (translated into a Linux compatible format) which sounded plausible but I wouldn't know one way or the other if that's what Comodo for Linux 2024 does. Above both my knowledge and interest levels for my current needs but I looked further and found the way to ignore the dependency errors and install it. The GUI functions. Comodo’s Best Antivirus for Linux 2024 won't update manually or automatically but you can get updated Antiivirus Databases at Comodo.
I ran a scan from the default installation, heuristics = high, with no positives. Then I dl'ed the new/Older Database (5.5 & older), bases.cav, and replaced the original dbs in opt/scanners and /opt/repair/scanners, The new scan resulted in a positive, Heur.Packed.Unknown@4294967295 Risk = Low, for memtest86+ia32.efi. One VirusTotal security vendor gave it a high positive.
I didn't have a lot of time but did find this including memtest86+ia32.efi which indicates to me the positive was relevant, if benign:

The scanning is on demand for now although I'll have to wait and see if it works on the scheduler. Whether it's useless or not, it was fun. If I get motivated I'll set up a VM and play with it a little further.




Can you try Broadcom Symantec as im pretty sure they have good intelligence for Linux malware
 

SeaKelp

Level 1
Thread author
Jun 6, 2024
11
All the links worked for me just now. Which one?

Forgot about /opt. My /opt folder where Comodo resides was deleted during a partial Ubuntu upgrade last night so I did a reinstall and protected the folder. Or so I think. Comodo didn't detect any of the 4 Eicar files while Clam did. A handful of programs don't on VirusTotal as well but they don't use the Comodo engine so that didn't tell much.
The gui opened this morning but the Comodo agent didn't start until I went through the setup process again. I'll play with everything again later and if it turns out to be minimal bother I'll keep it as a second opinion scanner. There is also the Filesystem filter driver is not loaded! error since install which appears at the moment to be permanent.
The error below is something you'll have to live with on occasion during an autoremove or purge.
The following packages have unmet dependencies:
cav-linux : Depends: libssl0.9.8 (>= 0.9.8m-1) but it is not installable
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).
 

Victor M

Level 15
Verified
Top Poster
Well-known
Oct 3, 2022
733
The big yellow button that says 'free antivirus for linux' doesn't work. I already selected 64 bit and Ubuntu. Tried the others like Fedora , CentOS. still doesn't work. Which country are you in ? Maybe it is not valid for the US?
 

TuxTalk

Level 14
Verified
Top Poster
Well-known
Nov 9, 2022
672
1735473657127.png
 
  • Like
Reactions: simmerskool

Victor M

Level 15
Verified
Top Poster
Well-known
Oct 3, 2022
733
The install complained about libssl0.9.8 which is not available to Ubuntu 24.10. The libssl built-in has a ver number of 3.x.x . Doesn't work with Ubuntu 24.04 either.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top