EICAR test file not detected

The Eicar.org Virus testfile is not detected :P0l, at least not for me.
I used the unpacked eicar.com and the ZIP archive, both are not detected.

Using CIS 3.13.573, and definitions 2988.

Can anyone confirm that?

Just tried detected.

Dennis

[attachment deleted by admin]

I just tryed it also, its detected.

Strange, I tried it repeatedly now, and it is not being detected … (see screenshot)

Any clues ???

BTW, I’m using Win7 X64, Avira AntiVir with realtime scanning enabled and
Comodo with realtime scanning disabled (i.e. as an on-demand only scanner).

I tried disabling Antivir’s realtime scanning as well, still eicar.com is not detected by comodo.

[attachment deleted by admin]

It is detected here. Maybe Avira did something with it before CAV got a chance to. Or maybe the two AV’s are conflicting.

Very strange indeed. As mentioned above, even if I disable Avira AntiVir, the file is still
not detected … 88)

Go here: C:\Program Files\COMODO\COMODO Internet Security\scanners and see how big bases.cav is, please post that.

With the current database revision 2999, the file is 106.003 KB (see screenshot).

[attachment deleted by admin]

Perhaps the file is corrupt. Does Avira correctly identify it as the EICAR test file?

Yes, Avira has no trouble identifying the “eicar.com” as the eicar test file …

By the way, Is there another way of testing my comodo antivirus except the eicar file ?
Are there other, similar test files around, or perhaps some quite harmless other files that
comodo would detect as malware?

Trojan Simulator
http://www.misec.net/trojansimulator/

I had the same problem on two computers after upgrading to latest version 313…573. I replaced the signature database for the latest version from link below, and all is well.

https://forums.comodo.com/anti_virus_faq/where_can_i_download_the_latest_full_av_database-t47164.0.html

Ralph


Thank you Ralph for the tip.
I downloaded the complete bases, replaced the old bases.cav
with the manually downloaded file and all is well here, too.
Interesting … something in the update process must have wrecked my bases as well >:-D.

Problem solved … but the question on how this could have happened remains a mystery 88)

–raynor

PS & Request for enhancement: Maybe comodo antivirus should always do an
integrity check on its bases after updating them, to ensure they are in mint condition ;D