I am having to come back here often, although I definitely do not want to...
It happened once again. I was just checking some samples that I suspected to be virus on my friends system. I checked them with Valkyrie and Virustotal and found them to be malware. I submitted them to Comodo through Forum and was awaiting the detection.
Lately, after a week from submission I found that they are not still being detected by my CIS. I thought of resubmission, but accidentally checked again on Virustotal. Surprisingly (the usual/regular surprise for me though) they are all detected by Comodo in Virustotal.
I rescanned those samples again and they are not being detected by CAV on my system.
After a few trials I realised that it could be the old issue, so I opened the Trusted Files list. YES, they are there sitting happily in the list. I am very much frustrated by this...
I removed them from the list. They are now being detected, except one sample.
I could not figure it's entry in the Trusted Files list. There is no search facility in the list either for easy verification and we do not have SHA or MD5 search in case the file exists in the list with a different name.
I am still trying to figure out a way to get it detected by CAV which already detects on all other systems.
Finally, I am very much disappointed with this behaviour of CAV.
I do not still understand why or how it can add or allow a known malware to the Trusted Files list
I am planning to start a new thread questioning this behaviour with a poll. Please vote if you also want this to be corrected in future versions.