CIS vs Virustotal

Hi guys, how come a file not detected by my installed CIS5 is detected by Comodo on Virustotal?

/W

Post here VT link results and send me this file :wink:

Hi, woodrow.
The version of Comodo used in virustotal does not use the cloud whitelist, so if the malware was accidentally whitelisted by comodo, then you are bound to end up in these situations eventually.
If the application has a digital signature, try deleting that digital signature from the trusted vendor list then rescanning the file and report if there was any change.

http://www.virustotal.com/file-scan/report.html?id=12463a7bce768eb3c909c2be99d6cfc3a2c4f2737b054d8429213d15c9497700-1297538657

File is submitted as suspicious with your attention.

/W

Now you scare me:

accidentally whitelisted by Comodo
:wink:

The file does not have a digital signature, it was submitted to Comodo in December tru the GUI:s “submit file” as I wanted to see how long it took for Comodo to add it to their database.

I did ask this before in this forum without a clear answer, please read:

https://forums.comodo.com/antivirus-help-cis/cis-5-and-unknown-files-t65651.0.html;msg462234#msg462234

Thx

/W

Can you PM me the file?

If you have malware that is not detected please post it in Submit Malware Here To Be Blacklisted - 2011 (NO LIVE MALWARE!).

If you find malware that is not seen because it is digitally signed please post it in Report trusted and whitelisted malwares here! [Don’t attach Live Malware !!].

Make sure to follow the procedures as described in the opening posts of the topic.

Hi,
This file had safe signature in cloud and VT version of scanner does not use cloud and thus detection was visible in VT. It has been fixed and sample should be detected by CIS also.

Thanks
-umesh

Thx umesh.

/W

The question is how can the file be treated as safe and detected as malware at the same time…?
This is serious fail.