Unrecognised file lookup doesn't ask to delete malicious files [M130] [v6]


  1. What you did: Added some malicious files to the unrecognized files list then did a lookup of all the files. Comodo finds many of them as malicious but when i click close it doesnt ask to delete them like previous versions.
  2. What actually happened or you actually saw: When i clicked close cis did not ask if i wanted to delete the malicious files.
  3. What you expected to happen or see: I expected cis to tell me there were malicious files and ask if i want to clean them
  4. How you tried to fix it & what happened: Tried a reintall and i tried clicking the x to close the window thinking maybe it would act different
  5. If a software compatibility problem have you tried the compatibility fixes (link in format)?: N/A
  6. Details & exact version of any software (execpt CIS) involved (with download link unless malware): N/A
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: Add a malicious file detected by cis to unrecognized files, then do a lookup, cis will detect the malware but not ask to clean the file.
  8. Any other information (eg your guess regarding the cause, with reasons): The file lookup GUI was changed during the beta phase so it seems like the clean functionality wasnt added correctly.

B. FILES APPENDED. (Please zip unless screenshots).:
0. A diagnostics report file (Click ‘?’ in top right of main GUI) Required for all issues): Attached

  1. Screenshots of the 6.0 Killswitch Process Tab (see Advanced tasks ~ Watch Activity) or 5.x Active Process List. If accessible, required for all issues:: Attached
  2. Screenshots illustrating the bug: Attached
  3. Screenshots of related CIS event logs: N/A
  4. A CIS config report or file: Zipped and attached
  5. Crash or freeze dump file: N/A
  6. Screenshot of More~About page. Can be used instead of typed product and AV database version: Attached


  1. CIS version, AV database version & configuration: About screenshot attached
  2. a) Have you updated (without uninstall) from a previous version of CIS: No clean install
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:
  3. a) Have you imported a config from a previous version of CIS: No
    b) if so, have U tried a standard config (without losing settings - if not please do)?:
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security levels: Defense + disabled; Sandbox partially limited; firewall safe mode;
  6. OS version, service pack, number of bits, UAC setting, & account type: Win 7 ultimate x32; admin; sp1; UAC off
  7. Other security and utility software currently installed: MBAM pro but i experienced the bug when mbam was not installed
  8. Other security software previously installed at any time since Windows was last installed: mbam pro but experienced the bug before i installed it.
  9. Virtual machine used (Please do NOT use Virtual box)[color=blue]: None

[attachment deleted by admin]

Also I’d add, File Lookup does not remove “trusted files” to the trusted files after lookup and new unknown file : it does not ask user to submit them to Comodo, in V5 and V6 beta1 everything was working well.

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again


This can be moved to resolved. Comodo changed the behavior of CIS after it does a lookup of files more info can be found here:

I will create a new topic in the wishlist to help make this easier to use

I’ve looked at the described behavior, it’s more obvious perhaps that there is a threat, but there is still nothing to suggest to the user what to do if I am understanding correctly. The user can just close the window?

So I’ll retain this on file I think. QA, if you are looking at this could we have an IM chat about it?

Fixed in CIS 6.1.275152.2801