Why CIS don't detect this malware ?


Why my CIS antivirus don’t detect the malware hosted in this site ?

It is detected for Comodo in VirusTotal:

I don’t understand ???

EDIT: please dont attach links to live malware

Have you tried to right-click scan it?


The file you pointed out is digitally signed and the vendor “UpdateStar GmbH” is present in TVL. Will report it.
This is rather rare but thanks for having reported it anyway.

why the others can detect it ? it is not digitally signed in the others concurrent suites ? and the vendor is not the same ? and not included in the trust area ?
another funny day _ presto bingo

What do you mean ?
Comodo detects it but the vendor was found in the local TVL thus CAV did not react to it. Anyway issue is solved now.

The trust vendor has removed from TVL ?

Now it’s detected


The vendor was removed yes.

good news

Other ???

The vendor is signed ?

It can happen, but once reported this issue will be corrected.
A note: There are zero-day threats that go with zero detection in Virustotal and after a shorter interval of time were identified.


The file is digitally signed but not present in TVL. File is detected as malware.

Is detected ?

My CIS don’t detect !

IDK why, the file is not trusted try running it (on VM or test machine) with CIS default settings and tell us what happens.

I use a right click CIS scan and it not to detect.

What happens ?

anything ?

I believe that sample is signed for Symantec and for this it’ don’t detected.

Has been detected and is listed as malware, see:

If you want to consult, use the sha1 in: https://file-intelligence.comodo.com/


[attachment deleted by admin]

Yes, is detected for Comodo in VirusTotal but my CIS don’t detect.

This the problem !

which the current version of the database (signatures) that you have installed?

Version of database: 18094


eurekaaaaaa … :-La :-La :-La

The file was in the trust list of HIPS.

I removed it the trust list and reboot my system and now it’s detected for CIS.

Thank you all …