Not detecting eicar

I have just downloaded comodo av and have hips enabled. As is the custom, i went to eicar webpage and the only thing which happened is that it got sandboxed.

Comodo is not showing that it detected it as a virus and removed it.

The thing about the EICAR test file is that it is text file (.TXT) and as such is not considered harmful and will not be scanned by CIS. Rename the same EICAR.txt test file to EICAR.com (or any other type of executable file) and CIS will detect it.

However, I’m not exactly sure which EICAR web page you accessed or why that would be sandboxed… or even how (being a web page). But, if the web page attempted to deliver the EICAR test file to your PC in the form of an executable that CIS did not recognise, then I would imagine that CIS would sandbox that… and that would probably ruin that particular EICAR test.

I tried downloading the eicar.com.txt from http://www.eicar.org/85-0-Download.html and while it was not detected during download or simply browsing to the folder it reside in, it was detected when trying to open it.

When downloading eicar.com it was detected during the download.

I guess it could be that Legendkiller tried to download the eicar test file through a browser which was already sandboxed, if I recall correctly CIS AV won’t react on malware then and it would explain why the file was sandboxed and not detected. (I tried to replicate but could only get so far as to try and launch the .com file… nothing happened at all, was as if Windows didn’t recognize my attempts to open the file)