Wallet files must be named "wallet" (.dat) in order for bitcoin to read it on startup, so the few viruses out in the wild searching for obscure virtual currencies will have no problem finding the file, regardless of comment tags. Remotely uploading the file and sending it to the attacker, however, on top of keylogging the encryption key, that's a bit more difficult.