Hello,
I use lates version CIS beta. I downloaded a file, run it and my PC is infected. I have AV ON, sandbox - FULLY VIRTUALIZED, HIPS - SAFE MODE. I run the file on purpose. I thought it will go to Sandbox. It did not happen. And My PC is infected.
Why was not the file taken to sandbox. It is marked as a virus only 8-10 AV on Virustotal. Comodo has it as clean.
thank you for your help.
Could it be possible to send the file to virustotal and post the link into this topic ?
Also, you can give me the binary throught PM so that I can test.
Thanks.
Thanks for the file, ran it on production machine and it got fully virtualised automatically.
I run it from desktop. How is it possible it did not go to sandbox?
I am just looking and I have it in TRUSTED Files and I surely know I did not put it as trusted.
Basically, I don’t see any reason why it is in your trusted files…it is brand new (14 hours old) and is listed as unknown in Comodo’s cloud so it automatically goes to sandbox.
It happened to me moretimes even with the stable version of CIS.
Do you have any idea or solution how I could avoid it next time?
!ot! 
is there anyway to download the file from VT ? how can i get a download link for that file
It created another file in my PC. And I am afraid to run it. But I would run and try it. 
>:(
Hello,
I am here again. I have the same problem today. I tried to run old infected file and CIS on my PC says - it is clean. Comodo on Virustotal marked this file as a trojan. I have the latest virus database.
What is wrong?
[attachment deleted by admin]
Please, try reinstalling CIS by following these steps :
Tell us if the problem persists.
Thanks.
I tried it few days ago. What about if I send you the file. Could you try to scan it in your PC and see what it does?
Virustotal just uses CIS scanner but CIS on your system has whitelists too i.e a file goes through whitelists first & if it is whitelisted then it is not scanned so may be the file was in whitelists. VT only uses CIS scanner so thats why may be it was detected at VT.
For such case, a thread is there in the forum “submit malware that is whitelisted”
Send me the file, I will test it on XP SP3 32 Eng real system i.e no VM.
What is your system?
I am sending it to you.I did not put it on a whitelist.
But for now, nothing shows that this is trusted malware.
You can also send me this file so that I test, but last time you sent me a file it correctly got sandboxed, don’t know why it didn’t on your system.
I will send it to you through PM.
Thanxx for the sample.
Here it was detected by the AV.
I disabled the AV & Cloud & it was autosandboxed & Fake AV Antivirus Pro Security appeared. I exited the Fake AV & restarted the system. After restart Fake AV didn’t appeared, neither was active in the memory.
XP SP3 32
CIS 7 Beta Defaults
Thank you for your answer. When I run the file it is sandboxed too. But when I scan the file it is clean. It is strange. I have W8.1 64b.
Scanned and got detected as malware.