BOClean will consistently crash when I run the trojan simulator test from http://www.misec.net/trojansimulator
I would be in trouble if the trojan was real.
Hi Sammo,
There is something wrong!!!
I just made the test without a crash.
Best regards,
Richard
Same here.
[attachment deleted by admin]
BOClean will delete the file but crashes after. I also am running Avast which will kill the test file before BOClean can even get to it. I ran the test after disabling Avast and BOClean still crashes.
All I can say is, it doesn’t crash here after deleting the file…
Same here - stopped the unzipping of the download with a warning about the trojan. Don’t know if it was related, but couldn’t refresh web pages until cutting connection and then reconnecting.
Peter.
Sammo, if you can still run that test after disabling Avast, you don’t know how to configure Avast and your webbrowser in the first place.
Greetz, Red.
You got to be kidding, right? I’ve been a computer professional for over 20 years.
Cheers, Sammo.
tried test with no problem. boclean caught it in a heartbeat. frank.
NOD32 stopped the download page from even loading (J)
no problems after running the test
i ran the “trojansimulater” and BOC crashed on my computer, too…
i am running BOC 4.22 and that is the first time that i have ever seen BOC crash… i have run the “trojansimulator” in the past, with various versions of BOC, without its ever crashing, before…
i have been seeing a “lot” of “crashes” on my computer, lately, and i think that they are all related, caused by some recent microsoft “patch”/“update”, or else, possibly, by the newly updated “antivir” antivirus program…
i just ran the “trojansimulator” a second time and, this time, BOC flagged it and deleted the file without crashing…
i think that these crashes that i have been seeing are being caused by one of the recent microsoft “patches”/“updates”…
i ran the trojansimulator again, for a third time, and BOC nailed it, again, without any problems…
then i closed BOC and ran the “trojansimulator”, so that it had a chance to fully run, where it had the opportunity to start “tsserv.exe”, then i started BOC and BOC nailed it, again, without any problems…
i am running “system safety monitor” and i think that had something to do with the problem where BOC crashed when i ran the “trojansimulator” the first time… “comodo firewall” may likewise play a part, if you use the comodo firewall…
i noticed that the first time that i ran the “trojansimulator” it did not run the same way as it did the second time… the first time, i got alerts from my registry-protector, when the trojansimulator was starting its “service”, but i did not see that the second time (BOC nailed it, first)… also, i noticed that, the first time, BOC removed the “tsserv.exe” file while, the second time, it removed the “trojansimulator.exe” file…
anyway, i am not having any problems, now, with BOC…
here is the BOC log… notice that, the first time, BOC nailed “tsserv.exe”, but, the second and third times, it nailed “trojansimulator.exe”-before “tsserv.exe” ever had a chance to run… (BOC nailed “tsserv.exe” when i ran the “trojansimulator”, the forth time, because i had allowed the “trojansimulator” to fully run ie to start “tsserv.exe”, while BOC was closed, and then started “BOC”):
05/07/2007 14:37:16: TROJANSIM MALWARE VARIANT STOPPED!
Trojan horse was found in memory.
C:\DOCUMENTS AND SETTINGS\TOM\MY DOCUMENTS\MY DOWNLOADS\TROJANSIMULATOR\TSSERV.EXE contained the trojan.
Active trojan horse WAS shut down. System safe.
Logged in user: xxx
05/07/2007 14:50:02: TROJSIM DROPPER MALWARE STOPPED by BOCLEAN!
Trojan horse was found in memory.
C:\DOCUMENTS AND SETTINGS\TOM\MY DOCUMENTS\MY DOWNLOADS\TROJANSIMULATOR\TROJANSIMULATOR.EXE contained the trojan.
Active trojan horse WAS shut down. System now safe.
Logged in user: xxx
05/07/2007 14:59:26: TROJSIM DROPPER MALWARE STOPPED by BOCLEAN!
Trojan horse was found in memory.
C:\DOCUMENTS AND SETTINGS\TOM\MY DOCUMENTS\MY DOWNLOADS\TROJANSIMULATOR\TROJANSIMULATOR.EXE contained the trojan.
Active trojan horse WAS shut down. System now safe.
Logged in user: xxx
05/07/2007 15:03:42: TROJANSIM MALWARE VARIANT STOPPED!
Trojan horse was found in memory.
C:\DOCUMENTS AND SETTINGS\TOM\MY DOCUMENTS\MY DOWNLOADS\TROJANSIMULATOR\TSSERV.EXE contained the trojan.
Active trojan horse WAS shut down. System safe.
Logged in user: xxx
My BOClean or computer did not crash during the test. McAfee stopped the zip first.
Ah good ol’ NOD stopped me from downloading it!
Yup, so it did here as well. Of course that also defeats the purpose of this thread: testing how BOClean deals with it…
In order to do that you first have to disable AMON, then click the link and once IMON cries fowl, permit it to download the file.
Avast! 4.7 home edition also detected this trojon and stopped it from downloading i think this is the best free antivirus and far better than comodo
After reading the threads here, i decided to give this trojan test a go…
running windows Vista…and BOClean nailed it straight away no crashes whatsoever, Works like a dream for me not even a hic up and no sign of HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. “TrojanSimulator”
Thanks for the link guys at least it makes me feel more secure knowing BOClean is installed on my PC giving me added protection…
:Beer
oooops Forgot to say i disabled Avast to see how BOClean behaved as i wasn’t testing Avast’s capabilities
(B)
Maybe you didnt install it rigth.
did you disable all your security programs when you installed BOClean?