utm.exe & CIS

Was testing CIS latest with default settings.

utm.exe has a weird digital signature which is invalid. It is trusted by CIS i.e it gets into trusted lists.

If you keep the mouse over utm.exe it mentions company Microsoft Corporation. Trusted lists also shows Microsoft Corporation.

See the attached screenshots related to utm.exe & CIS.

VT Link - VirusTotal

Valkyrie Link - https://valkyrie.comodo.com/Result.html?sha1=e3cde656b494f1037c73c7220c38a52d2fe71d94&&query=0&&filename=uTM.exe

Comodo Dragon asks to discard the file during download as it finds it malicious.

[attachment deleted by admin]

Report in CIMA
Suspicious Actions Detected:
Creates autorun records
Deletes self
Injects code into other processes

Wow! :o
Nice catch, guys! :-TU

I am wondering how a file with such a weird invalid digital signature was whitelisted by Comodo?

A mistake or a bug in the whitelisting process?


The sample you have provided is not trusted by CIS, in fact is has a malware signature and it is detected.

Best regards,

Do you mean to say I am lieng in any way ???

CIS is detecting the sample today BUT yesterday it was not detecting it, infact the sample was trusted by CIS as shown in the screenshot in the first post.