brevif.dll - unclassified malware or false positive?

CCE detects this file as malware (but only when running through Comodo Rescue Disk)
in C:\windows\system32\dllcache

In virustotal check, Comodo is the only one to detect it (flags it as unclassified malware), but if I run CAV on my machine it finds nothing.

Does anyone have any info on this file?

this says it has to to do with Brother MFL Pro printer software

Thanks, but the strange thing is I haven’t installed any printer software (nor do I even own a printer itself), yet the file has appeared out of nowhere in the past week or so.

interesting website… not much on your dll but a good resource.

Yeah, I was looking at it on that website, as well as bleepingcomputer.com. It’s hard to find info on that file anywhere.

From looking at the file’s additional information section on virustotal.com, on Portable Executable structural information, there are lines like:

“SetSecurityDescriptorDacl”
“GetPrivateProfileIntA”
“GetWindowsDirectoryA”
“Sleep”
“CreateFileA”

…and so on.

Is that even normal behavior for a printer software dll, assuming that really is what it is?

Also, why would Comodo detect it on VirusTotal, but not when I run CAV on my machine, even with heuristic scanning level at highest?

Hi,emanresuoseehc

Thank you for reporting this.
We’ll check it and get back to you soon.

Best regards
Chunli.chen

Hi,

This is to inform you that false-positive has been fixed.
You can update to AV database Version <15063> of Comodo Internet Security
Version<6.0.260739.2674> and confirm it.

Thanks.

Kind Regards,
Srinivasan.G