Files are in the white list, or not?

I downloaded malware files from a website. The CIS 5.3 did not find anything on my PC, but Comodo says “Heur…” on Virus Total in some cases. These files are not in the TVL and are not digitally signed.
Possibly white list? What is the explanation for this?
The cloud is enabled.
( I submitted these here already: https://forums.comodo.com/av-false-positivenegative-detection-reporting/report-trusted-and-whitelisted-malwares-here-dont-attach-live-malware-t67172.15.html )

Two examples. Look at the pictures.

[attachment deleted by admin]

What is your heuristic level set to?

I believe VirusTotal has it set to high.

My heuristic level is high also (real time and manual scanning).

Can you please provide VirusTotal links for the files in question?

The ceshi1.exe is added to the blacklist already by Comodo but I have other links.

For examples:

http://www.virustotal.com/file-scan/report.html?id=a04cea5eb16ec63854c54d16658fe2d03bf88bb8c99fa3e2e52874e64953ae12-1294416694

http://www.virustotal.com/file-scan/report.html?id=6371d8bf1e3f47974c338407f6dacf824fe0188ee8a99f20c617d9514a94c218-1294254226

http://www.virustotal.com/file-scan/report.html?id=631ab7f16d588def9eb44bc0c8e823928f7c6c3f0be4c4d493ab657ebabcb28c-1294250747

Here are the results using Comodo File Intelligence and searching using the SHA1 given on the VirusTotal Report.

VirusTotal Link
Verdict=Safe

VirusTotal Link
Verdict=Unknown

VirusTotal Link
Verdict=Malware

Therefore only one of them is still considered a safe file. If you’ve already reported it then it will be taken care of.

Wow! :o
I understand what you say, but what is the CFI?

Here’s the relevant forum topic.
https://forums.comodo.com/empty-t63901.0.html

Okay, but I don’t fully understand it.
Why is there a difference in the results between CIS 5.3 and VirusTotal?

CIS first checks to see if the file is in the whitelist. Therefore it won’t be recognized as malicious if the file was in the whitelist. VirusTotal has no whitelist to check against.

I believe that’s why it is recognized on VirusTotal but not when you scan it on your computer.

CIS first checks to see if the file is in the whitelist. Therefore it won't be recognized as malicious if the file was in the whitelist. VirusTotal has no whitelist to check against.

That’s the point, it’s clear to me. :-TU
Thank you very much for your responses!

Regards,
vv5204