comodo fails doesnt detect trojan.lameshield

Aloo everyone i have made a links test with cis 6 beta in vmware workstation / windows 7 enterprise 64 bits and i found a file in disk c program data that is considerated malware by malwarebites( trojan.lameshield) , after a full scan with cis this file was not remooved , and it is in the unrecognized files of cis has an unknown file , malwarebites found it!
in kilswitch it apears like this rating/ unknown restriction/restricted virtualization disabled
i also made a scan of the file itself with cis av and didnt find nothing!
the program pops up saying pc is infected (fake av)

im not an expert an forgive me if im beeing ignorant but i think i should post this! i m sending snapshots of the vm for you to see! thank you and sorry mistakes

[attachment deleted by admin]

Did you try to use Clean Endpoint and do a full system scan using that tool?

no i did not i have the vm suspended whright know is just like it was when i took the snapshots, i could do that , to see what hapens what do you think? i can do that and then tell you the results?

If you can, do it for us and post results [screenshots would be awesome!].

ok i will do that and post the results

Very much appreciated!

can you also submit the file to virustotal and provide a link for us to see

A print screen and a link will be nice to see (:NRD)

C:\Documents and Settings\All Users\Application Data\99FAB4872DE4E345008499FA3070C68A\99FAB4872DE4E345008499FA3070C68A.exe

Please improve CIMA. 88)

[attachment deleted by admin]

Most likely virus positive

Behavioural information
The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.

File system activity
Opened files...
C:\f10e0c0534ac6f68bd46ee95ca071e0b265498945947c4f588a0246a4fd6ea3e (successful)
\\.\PIPE\lsarpc (successful)
C:\Documents and Settings\All Users\Application Data\E523B22D69C1A9C3006CE52345B45386\E523B22D69C1A9C3006CE52345B45386 (failed)
C:\WINDOWS\Registration\R000000000007.clb (successful)
C:\WINDOWS\system32\shdocvw.dll (successful)
C:\WINDOWS\system32\stdole2.tlb (successful)
Read files...
C:\f10e0c0534ac6f68bd46ee95ca071e0b265498945947c4f588a0246a4fd6ea3e (successful)
C:\WINDOWS\Registration\R000000000007.clb (successful)
C:\WINDOWS\system32\shdocvw.dll (successful)
C:\WINDOWS\system32\stdole2.tlb (successful)
Deleted files...
C:\f10e0c0534ac6f68bd46ee95ca071e0b265498945947c4f588a0246a4fd6ea3e (failed)
Registry activity
Set keys...
KEY:   HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\E523B22D69C1A9C3006CE52345B45386
VALUE: C:\Documents and Settings\All Users\Application Data\E523B22D69C1A9C3006CE52345B45386\E523B22D69C1A9C3006CE52345B45386.exe (successful)
Mutex activity
Created mutexes...
E523B22D69C1A9C3006CE52345B45386 (successful)
Application windows activity
Searched windows...
CLASS: Shell_TrayWnd
NAME:  (null)
Runtime DLLs
psapi.dll (successful)
msimg32.dll (successful)
comdlg32.dll (successful)
winhttp.dll (successful)
kernel32 (successful)
user32 (successful)
ntdll.dll (successful)
kernel32.dll (successful)
shlwapi.dll (successful)
advapi32.dll (successful)
userenv.dll (successful)
rpcrt4.dll (successful)
ws2_32 (successful)
c:\windows\system32\mswsock.dll (successful)
hnetcfg.dll (successful)
c:\windows\system32\wshtcpip.dll (successful)
clbcatq.dll (successful)
ole32 (successful)
ole32.dll (successful)
c:\windows\system32\rpcrt4.dll (successful)
sxs.dll (successful)
oleaut32.dll (successful)
comctl32.dll (successful)
riched20.dll (successful)
shell32.dll (successful)
wininet.dll (successful)
secur32.dll (successful)
c:\windows\system32\winhttp.dll (successful)
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
Network activity
HTTP requests...
UA:   Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; Trident/5.0);(b:2600;c:INT-7D60;l:09)
TCP connections...
UDP communications...

allo i have finished making a scan with cleaning essentials and it didnt find anything , but malwarebites did , and i uploaded the file to virus total and it was considerated malware by 3 avs companies ,unfortunaly i made a miststake and didnt copy the link( so stupid sorry for that), vakirie from comodo did recognize it has malware too!
the log file from malwarebites after scaning reported that nothing was on critical parts of the pc
im sending screenshots from the vms image for you to see , the links from virus total and valkirie results i made a mistake and did not save them well! sorry for that! i think that you can see for the shots that im sending, and i also think that CIS protected the sysstem although that file was left behind
well i realy dont understand much about this world of security , im just a curious person about it!
i apoligise for my english mistakes and if i `ve been inconvinient please forgive me!

[attachment deleted by admin]

just a thought
Did you updated the anitvirus definition???

Oh sorry i didn’t see you ur comment were you said that it was detected by only 3 AVs
so i guess its an anti-virus definition issue!!

[attachment deleted by admin]


[attachment deleted by admin]


[attachment deleted by admin]

i recovered a link with valkirie result

yes absolutely i used cleaning esentials has it it is in shots i opened cis clicked/tasks/ advanced tasks/ clean endpoint and then made full system scan and at the end nothing found reeboot and nothing found by cleaning esentials

so all that happened is that the AV does not have a signature for it. That is normal no AV detects 100% of malware. This is what you are seeing. Just because the file is there does not mean it can do harm to the computer, especially with CIS that blocks unknown malware.