BOClean 4.25 doesn't react to eicar [Resolved]

When I first installed v. 4.23, I tested the installation with eicar and it responded correctly. This is the first time I’ve tested v. 4.25, and it failed. I tried uninstalling and re-installing with no joy. The report file and excluder are empty. The only other real-time security is Avast Home and SAS Pro which were disabled at the time, and of course CFP 2.4.18.184 which was running. I checked the Covered Malware list and 13807. EICAR is there.

Is there anything else I can try? (V)

You can try Trojan Simulator

Thank you cat, Trojan Simulator was properly detected and stopped by BOClean.
Still, it is odd that v. 4.23 recognized eicar, but v. 4.25 does not even though it is in the database. ???

(V)

Apart from antivirus programmes I have only found one anti spyware programme to detect eicar & that’s Windows Defender

That’s fine, but why is eicar listed in the BOClean database (aka Covered Malware list) if it is not detected? I also noticed a second eicar listing in the database: 13808. EICAR. Of course, my next question is: What else is listed in the database, but not detected? I did read Red’s post late last night before it was deleted by ???, and he suggested that maybe eicar wasn’t detected because it never actually runs. OK, that’s logical and consistent with the way BOClean operates. But, it raises the very same question (see line 1 of this message).

I originally thought I just had a bad installation, or program conflict, but now I’m not so sure. What’s going on? Did I open a can of worms? Where are Melih and Kevin when I need them?

I’m sorry to sound so doubtful, as Comodo has always been right-on in the past (afaik). I would just like an explanation.

:THNK

i have never known BOC to flag the eicar.com test file… i wouldn’t worry about BOC’s not flagging it…

you can test BOC with either the trojansimulator or with GRC’s “leaktest”…

Kevin added the Eicar file, I think, ages ago at some users request. If you drag the eicar ms dos file into BOClean pop up (after right clicking on the tray icon) it will detect it. I seem to remember someone saying this feature used to be used to test the program during development. Cant find the post at the moment.

As Redwolfe_98 says, not detecting Eicar is nothing to worry about. BOClean detects malware as it tries to do something and the Eicar file was really designed to check if virus scanners work - BOC works completely differently so Eicar test is not applicable here.

:SMLR

Huh?
Someone deleted something?

Further info from Kevin regarding Eicar:

https://forums.comodo.com/comodo_boclean_antimalware/eicar_detected_only_by_dragging_into_boclean-t10656.0.html;msg76859#msg76859

:SMLR

Good find N.T.T.W.!

Yes cat, Red’s original lengthier post was before Sharky’s. Somehow it disappeared overnight.

Thank you very much N.T.T.W. That’s exactly what I needed! (:CLP)

hey jahn… i felt like i said too much, talking about other antimalware programs and my experieces in testing them, so i deleted the post…

the main point was, like NWWT said, BOC does not function the same way that av programs do and so the “eicar.com” test file isn’t good for being used to test BOC, and so that is why BOC doesn’t flag it… BOC monitors memory while av programs monitor the disk…

No problem, Red. Thanks for fessing up though, as it was very late when I saw it and I was dog tired. I was starting to wonder if I really did see it, or was dreaming! LOL ;D

Thanks to all who replied - all is well again.

(V)

Looks like Jahn has marked this as resolved so I’ll lock it up.
Thanks out to all for their help!