Modified EICAR file is missed by many, including Comodo.

I simply copied the EICAR code into Notepad, added my own comments, saved it as a .com file, and uploaded to Virustotal.

Surprisingly, many companies miss it inc. Symantec, Mcafee, Gdata, Avast and Comodo ??? !

Just to be 100% sure, I sent the original one to Virustotal and all except one (Prevx) detected it. Note that Prevx is pure behavioral detection so that is expected. The following is the contents of my modified EICAR file (you can add your own comments but it probably won’t matter).


The code above is known as the EICAR test file.

It is used to ensure that antivirus software is configured correctly.

This text is merely here as a modification to the standard file.

Does this mean if a virus e.g. Virut copied its code into a file, Comodo (and Symantec, Mcafee, etc. ;D) won’t detect it?

Read the EICAR webpage again. The rules are strict and some are following them by the letter.
And it should be that way. That’s how you define proper detections.