Author Topic: Comodo BOClean Saved my day, even though I had an AV installed!!  (Read 31211 times)
Eric Cryptid
Global Moderator
« on: April 27, 2007, 07:11:35 AM »

BOClean saved my **** today!

I downloaded a program from www.download.com, which is usually really reliable. It was a program called EasyCash, which I wanted for keeping track of my finances. I downloaded it with no detection from anything, not CPF nor Antivir PE Premium nor Spyware Terminator, and then clicked to install the program, still with no detection from the above, and then the installer didn't fully install / stopped and closed in the middle of copying files. I looked at my BOClean log to find!!!

04/27/2007 12:55:45: IFSKEYLOG17 MALWARE STOPPED by BOCLEAN!   
Trojan horse was found in memory.
C:\WINDOWS\IFINST27.EXE contained the trojan.
Active trojan horse WAS shut down. System now safe.
Logged in user: ******

OMG! Not even my Antivirus or anti-spyware caught that one! It stopped it and removed it before it had a chance to do anything!

I LOVE BOCLEAN!!!!!!!!!!!!!!!!!!!!



EDITED
******
Topic split and subject line modified to reflect the post.
« Last Edit: June 30, 2007, 09:46:39 AM by Melih » Logged


Moderator: forum policy.
System: 32 bit Windows Vista SP3
Realtime Protection:Comodo Internet Security 3.10 Internet Security
On Demand: MBAM & SAS
Other: CSE,CSC,CTC,CEVPN,CVE.
FishStyx
Newbie
« Reply #1 on: April 27, 2007, 10:41:45 AM »

BOClean saved my **** today!

I downloaded a program from www.download.com, which is usually really reliable. It was a program called EasyCash, which I wanted for keeping track of my finances. I downloaded it with no detection from anything, not CPF nor Antivir PE Premium nor Spyware Terminator, and then clicked to install the program, still with no detection from the above, and then the installer didn't fully install / stopped and closed in the middle of copying files. I looked at my BOClean log to find!!!

04/27/2007 12:55:45: IFSKEYLOG17 MALWARE STOPPED by BOCLEAN!   
Trojan horse was found in memory.
C:\WINDOWS\IFINST27.EXE contained the trojan.
Active trojan horse WAS shut down. System now safe.
Logged in user: ******

OMG! Not even my Antivirus or anti-spyware caught that one! It stopped it and removed it before it had a chance to do anything!

I LOVE BOCLEAN!!!!!!!!!!!!!!!!!!!!

Very interesting.  I'm curious as to what IFinst27.exe is and why BOClean identifies it as malware.  I Google IFSKEYLOG17 and come up with nothing.  I Google IFinst27.exe and find the same "virus removal" thread on several support web sites, but no explanation of what IFinst27.exe is, no proof that IFinst27.exe was the problem, or that it is in fact malware.

The other applications didn't flag it because there seems to be no record of it.  Evidently no harm done in removing it, just wondering what it actually is...    Huh
« Last Edit: April 27, 2007, 06:13:58 PM by Melih » Logged

Comodo Firewall Pro 2.4 || Avast! 4.7 || Comodo BOClean 4.23
Ad-Aware SE Personal 1.06r1 || Spybot S&D 1.4 || Windows Defender
N.T.T.W.
Global Moderator
« Reply #2 on: April 27, 2007, 10:50:09 AM »

I only found one link that seemed useful:

http://www.castlecops.com/t171457-navil_toolbar.html

This seems to say that IFINST27.EXE is something to do with W32/Downloader.AOLK

 Smiler
« Last Edit: April 27, 2007, 06:14:14 PM by Melih » Logged

Post proelia praemia.
Die dulci fruere.
FishStyx
Newbie
« Reply #3 on: April 27, 2007, 11:05:08 AM »

I only found one link that seemed useful:

http://www.castlecops.com/t171457-navil_toolbar.html

This seems to say that IFINST27.EXE is something to do with W32/Downloader.AOLK

 Smiler

Thanks Anderow, good catch.  Looks like a browser hijack.
Good work BOClean!    Viva Comodo
« Last Edit: April 27, 2007, 06:14:31 PM by Melih » Logged

Comodo Firewall Pro 2.4 || Avast! 4.7 || Comodo BOClean 4.23
Ad-Aware SE Personal 1.06r1 || Spybot S&D 1.4 || Windows Defender
Melih
Administrator
« Reply #4 on: April 27, 2007, 05:41:40 PM »

Thanks Anderow, good catch.  Looks like a browser hijack.
Good work BOClean!    Viva Comodo


Now you know what we mean by saying:
You should have Comodo BOClean in addition to your AV products   Kewl

It's a tool that every PC should have no matter what AV they use!!!

Melih
« Last Edit: April 27, 2007, 06:14:48 PM by Melih » Logged

Lasse88
Usability Study Member
« Reply #5 on: April 27, 2007, 07:11:38 PM »

Uhm, when BOClean detects something, should it not then come with an alert?

Because it sounds like you didn't get an alert and that the only way you did find out BOClean did find the trojan was because you looked in the BOClean log.

Or do you have "permanently hide traybar icon and alerts" on?
Logged

"It is better not to speak and be thought a fool, than to open your mouth and remove all doubt." - Mark Twain
"I Reject your reality and substitute my own" - Adam Savage
mike6688
Global Moderator
« Reply #6 on: April 27, 2007, 07:13:49 PM »

Uhm, when BOClean detects something, should it not then come with an alert?

Because it sounds like you didn't get an alert and that the only way you did find out BOClean did find the trojan was because you looked in the BOClean log.

Or do you have "permanently hide traybar icon and alerts" on?

Hi,

There is an option in BOClean for 'unattended cleanup and removal'.  With this enabled BOClean will not display alerts.  If this is not enabled, you will be given an alert and an option for what you want to do.

Mike
Logged

C.O.M.O.D.O: CIS | VE | TrustConnect | CSC | Online Backup (Beta)
XP SP3 32bit | 2.16GHz | 2GB Ram
Lasse88
Usability Study Member
« Reply #7 on: April 27, 2007, 07:29:06 PM »

Hi,

There is an option in BOClean for 'unattended cleanup and removal'.  With this enabled BOClean will not display alerts.  If this is not enabled, you will be given an alert and an option for what you want to do.

Mike

ok  Cheers
Logged

"It is better not to speak and be thought a fool, than to open your mouth and remove all doubt." - Mark Twain
"I Reject your reality and substitute my own" - Adam Savage
Rednose
Malware Research Group
« Reply #8 on: April 27, 2007, 07:52:43 PM »

Now I am confused Undecided When you guys talk about the BOClean log, do you talk about the report you get when clicking " Examine report ", or about something else Huh

Greetz, Red.
Logged

Malware Fighter !
Lasse88
Usability Study Member
« Reply #9 on: April 27, 2007, 07:55:07 PM »

Now I am confused Undecided When you guys talk about the BOClean log, do you talk about the report you get when clicking " Examine report ", or about something else Huh

Greetz, Red.

I am talking about the "Examine report" because I think that's the one he is talking about  Nerd
Logged

"It is better not to speak and be thought a fool, than to open your mouth and remove all doubt." - Mark Twain
"I Reject your reality and substitute my own" - Adam Savage
Rednose
Malware Research Group
« Reply #10 on: April 27, 2007, 08:07:54 PM »

Yeah, that is what I thought too Smiley

Greetz, Red.
Logged

Malware Fighter !
mike6688
Global Moderator
« Reply #11 on: April 28, 2007, 12:02:22 PM »

ok  Cheers

No problem.  Wink    Cheers
Logged

C.O.M.O.D.O: CIS | VE | TrustConnect | CSC | Online Backup (Beta)
XP SP3 32bit | 2.16GHz | 2GB Ram
weaselthatbites
Newbie
« Reply #12 on: April 28, 2007, 02:44:24 PM »

Just downloaded the easy cash program from download.com...and it came out totally clean. Not only that...but there is no such file as described on my hard drive after installation.


So where the heck did you get it from...lol. Either that or I downloaded the wrong program...
Logged
~cat~
Global Moderator
« Reply #13 on: April 28, 2007, 05:31:12 PM »

This one?
Easy Cash Manager 3.0.1
http://www.download.com/Easy-Cash-Manager/3000-2057_4-10642669.html
Logged

Parched dry and thirsty, knee deep in the river of life.
innerpeace
Comodo Family Member
« Reply #14 on: April 28, 2007, 11:17:04 PM »

I saw that program too. It has a bunch of downloads. The OP also mentioned a program called BestCash in another post. I think there is a little confusion with the name.

http://forums.comodo.com/index.php/topic,8348.msg60676.html#msg60676
I was going to download it and submit it to Jotti or VirusTotal to see if they found anything. Maybe the OP can do that and let us know what the filename is and the results.

Download dot com is not the best place to find software. Softpedia and MajorGeeks are much better and safer.  Wink
Logged