bug

bug in active process list(sandboxed only).
its vedict is trusted but online lookup verdict is malicious.

suggestion: providing verdict after online lookup is the best. Please implement this.

the exe in the attachment is a Win32:Buterat-CG Trj but CIS not detected it yet. It is LATEST THREAT.

Mod Edit: Link removed. Please do not post live malware on the forum!

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

To understand the reasons why we ask you to follow these guidelines please see below.

WHY WE ASK YOU TO FOLLOW THESE GUIDELINES
Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.

To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.

Best wishes and many thanks in anticipation

HeffeD

It is detected by AV heuristics.

Sorry for the malicious file in the attachment. I don’t know that. My intention is to help comodo. So now i followed ur format:

  1. What you did: i downloaded a file which is malicious but not detected by CIS.

  2. What actually happened or you actually saw: the active process verdict is trusted.

  3. What you expected to happen or see: i expected that the verdict=malicious

  4. How you tried to fix it & what happened: online look up and its malicious, so CIS offered to remove it

  5. If its an application compatibility problem have you tried the application fixes here?:No

  6. Details & exact version of any application (execpt CIS) involved with download link:No

  7. Whether you can make the problem happen again, and if so exact steps to make it happen:you mentioned not to post live malware links. so i can’t tell the exact steps without that.

  8. Any other information (eg your guess regarding the cause, with reasons): online look up and verdict.

[attachment deleted by admin]

We really would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format. You can copy and paste the format from this topic.

Thank you

Dennis

Unfortunately we do need this issue to be reported in the full right format, and with all the information we have asked for, if we are to forward it to verified issues.

For the moment I am going to move it to the Orphaned/Resolved child board. If you do edit your post to create a complete issue report in standard format, and PM an active mod, we will of course consider moving it to verified reports.

The devs only look at the Orphaned/Resolved board if they have time, so please do edit the post and PM an active mod if you want it fixed.

Dennis

Since the cis version 5.5 I noticed the same problem as the line 5.8 beta, Windows 7 32 bit SP1, when it detects new hardware and Windows tries to install the drive, lasts forever when antivirus is turned on (set deafult on stateful), once the antivirus is disable everything goes normal. I hope that this problem be solved in the final version of CIS 5.8. Version 5.5 was a disappointment, I did not expect this to happen, and I see that history repeats on cis 5.8 beta.