Malware found on Virus Total with CAV but not on pc (same database numbers)

I was cleaning out malwares that were sent by email (most of them I submitted).

I found one that I wasn’t sure of, unpacked it and didn’t see CIS flag it. So I submitted it to Virus Total. Iit got flagged by CAV, with datebase 4555, as malware. I had the same AV database on my computer as on VT.

I then tried to download the latest available full database and updated CIS to 4556. Again it didn’t detect. Then I let it scan another folder with infected cracks and alike and it detected malwares there. The AV is working.

I am on Win 7 x32 with CIS 4.138377.779 with no other security program running in the background. On demand I have MBAM, A2, Super Antispyware, Spybot and Defender.

think you can send it to me? I want to see if I can detect it.

Check your pm for a download link.


Umesh is the right guy for this job. he can get this checked out and report back.



yup no detection on my end either. But it definitely is a bad file, check it out

The VT analysis shows 37 of 39 programs think it is malware.

I’m going to try to replace my database with a fresh one and see if the problem is still there.

ok replaced bases file and still no detection, :o

Thanks for confirming. Let’s see what Umesh comes up with.

Hi Guys,
This is being detected in CIS 3.x but not in CIS 4.x as of now.
I will get back to you after finding out more details for fix of this.


Hi All,
This issue has been resolved in today’s CIS release (V4.0.141842.828).
You can scan using latest version and sample must be getting detected.


good to hear, must have been something important if a program update is needed.

We already had released planned. This was an additional fix. This was one of exception cases, so nothing very critical about it.


well whatever you did it detected the file just fine now. I’m happy again.

You mean other than users systems getting infected? ???

I just did a clean install of 4.0.141842.828 and I can confirm the problem is fixed.

What do you mean? It sounds a bit cryptic.


Received a suspicious file by email that according to Virus Total could be malware and got flagged by the online Comodo scanner, database 4641, as “Heur.Packed.Unknown”. But it doesn’t get seen by CIS on my computer (database 4642) even with Heuristics set to high.

I submitted it to CIMA .