eicar test failure...

I installed comodo internet security( V 4.1) premium on 20/7/2010 because of the reports i saw on matousec.com .i tested it with eicar test by downloading the test file from eicar.org. it failed to detect the file except for the first test file.i am using the av setting as below
real time sc…on access
defence+ paranoid mode
firewall custom policy mode
now can any one tell me whether my security suite is working or not? why comodo was unable to detect eicar even on paranoid mode? should i go back to avast 5 and Zone alarm pro firewall…avast could have easily detected eicar and i seriously think avast is not so bad in proactive security as matousec.com tells me.
i am not accusing comodo…i know that you guys are working very hard, i receives more than 4 or 5 updates daily for my comodo internet security suite…awesome…really extra ordinary when compared to other paid stuff.

Did you update the antivirus?
Please send the file [at] Comodo Antivirus Database | Submit Files for Malware Analysis

NOTE: Eicar Test file, isn’t a virus…


The first file is detected since it’s the test virus file. The second isn’t detected because it’s a.zip file. If you would unpack it, CAV would catch it. The RealTime scanner doesn’t scan packed files. The manual scan does. If you do a manual scan, it should catch it (if you have Scan Archive Files checked in the CAV preferences).

I have same issue!! :frowning:

Take a look at my pictures here… Is it the same problem for you mate?


I had the same issue on eicar. I can run the eicar.com without any complain.

However, I have the error “Update failed. Error code 0x80004002, No such interface supported” when I tried to update the virus definition. Also Defense+ has an error too but diagnostic says no error is detected. ??? ???

.com files are from the ms-dos era and as you guys might know or not, CIs does not have signatures for anything older then XP.

Are you kidding? I suggest you take a look at your system32 directory for all the com files before making a comment.

Moreover, eicar is used by the industry as a harmless virus for testing false negative. All AV scanner should pickup eicar by design. I am sure CIS will pick it up when it is installed properly.

You may be right but next time do it without the attitude. Consider this your only warning.

If you find my “are you kidding?” statement offensive, I apologize but I am sincere when I said that.

You sounded firm when you said “.com files are from the ms-dos era and as you guys might know or not”. Being a moderator for Comodo forum, I think it is important to realize that a false negative on eicar is a serious issue and should be verify and address ASAP. Nothing is worst that having a false sense of security.