False positive with CIS 5.3 and not with CIS 5.0

CIS 5.3 gives Heur.Suspicoius@123869440 for ghostwall_setup_1.150.exe (SHA:b9e790ee5f7d8332fbd1032d0c85ff0eb0fbfe9e)

But CIS 5.0 does not detect it.

Both are on database version 7233

Was submitted on “Comodo Antivirus Database | Submit Files for Malware Analysis” and reply was

“The sample you have submitted
ghostwall_setup_1.150.exe (SHA:b9e790ee5f7d8332fbd1032d0c85ff0eb0fbfe9e) is not detected by Comodo
Internet Security version 5.0.162636.1135 with database version 7233
Please make sure the Antivirus Database is updated and check again. If
detection is still present, please submit the file with screenshot on
Comodo forums at …”


[attachment deleted by admin]

I want to tell you that SIV exe file is not a FP; Prevx says it’s a CLOAKED MALWARE. Look here for more info

I will update this post for more info.

EDIT: do you have something from GIGABYTE?

Take care

Valentin N

Hi ghostza

Currently checking “b9e790ee5f7d8332fbd1032d0c85ff0eb0fbfe9e” as you provided shows no detection by any including Comodo