I will spread, but before...

Hi over there from Spain!
I really like your products and I’m testing them @ home to be sure they are what they’re suposed to be (for now 10 over 10)

I wanna promote and spread your work but in Spain the language is a problem, if the product is not in spanish forget to be here :frowning:

So if i can help with a translation be sure I will do my best and also promote your security software from my web (noslan.com)

Bests regardes and continue your excellent job!


soon we will have the tools to help us translate…


can I help?

we would love you to.


Tell me how and be sure I will

soon we will release the Multi Language tool, as soon as its ready you can use that tool to translate.

woops, sorry I didn’t get it, ok so if you want/need/think that I can do it I will, I really like your work.
I’ll wait for that tool (R)

how can I notice the launch of that tool? newsletter or so?

ok, I began to spread the word cos yesterday COMODO firewall saved my laptop from an infection that:
Mcafee ASAP didn’t

Please tell us how to translate it cos this product really rocks!

In spanish, but here you are:

Thank you for that Noslan!

This is a great example of how ineffective the current AV products are against day zero attacks! They simply can’t catch what they don’t know and they don’t know a lot!!!

Here is an article I wrote about Detection vs Prevention


Thank all you, Comodo is passing all tests :wink:

Is there any new to translate it to spanish?


Umesh had put a post up for Multi Language Conversion tool somewhere.
we should have it shortly though

In that Virustotal’s scan you linked to, every one of the AV tools you mention in your post, and quite a few more, correctly recognize the malware. My guess is that the problem is somewhere between outdated signature bases and not-too-PC-literate users. Lucky you to recognize suspicious behaviour (btw why in that Comodo’s screenshot the file is declared ‘safe’?)

was it detected the date when noslan reported it?

Hi there!

Well, let’s explain it

Part of my work is related with Virus, I have my own computer shop and a workshop where I fix the computer problems……
Most of this problems are related with virus and spyware, in the last 7 years I don’t know how many of them I’ve killed : ) In all this time I don’t know how many A/V Solutions I’ve test…. Toooons of them, be sure….
Panda, Norton, Mcafee, Kaspersky, Nod, blablablabla, and my final conclusion is that to be the best is not only to have the best definition files in the world or to have an impressive heuristic algorithm or the most impressive GUI, not, the best is simply protect the system which seems Comodo is doing : )

In the case I mentioned before, yes 3 of the 4 computers were from my customers, but McAfee Asap in my computer and it was up to date and any of them said nothing. When comodo said me something about a file in my pendrive I didn’t care if the file was or not safe, I know my pendrive and what it must do when I plug it in a computer with this little advisory Comodo saved my laptop and also me to be spied by someone in the world, while Asap, Nod, and Kaspersky didn’t.
PD; The worm is not new, it appeared in summer 2007 (more or less) and yes the website results shows us that the A/V catch this worm, but locally they didn’t.

The link in that noslan’s blog post leads to virustotal’s results at the time of submitting the sample. I’m pretty sure virustotal doesn’t store files for constant re-checking after virus databases update. I also understand that noslan checked the sample immediately after catching it with CFP’s help, which was only a couple days ago at any rate (those results say file received Feb 19th now that I checked that). This was the reasoning behind my saying that at the 4 customer PCs, the AV solutions installed weren’t used to their full potential. Also, the story is from this month, and the worm dates back over half a year…

Noslan, I can’t agree more that an AV solution alone is insufficient protection these days. It’s encouraging to know that one can use CFP to avoid a worm in the system. However, the way you succesfully used CFP required a certain level of knowledge on your part, which a lot of people out there still lack. Calling malware ‘safe executable’ can only confuse people, and frankly that screenshot belongs with the bug reporting forum.

Now for McAfee on YOUR system saying nothing, I’d want to recheck my AV settings if I had such a case :stuck_out_tongue: Is real-time scanning running, when are files scanned (access, execution,…), are there any exceptions. A big Q is whether on-demand scanner picks that knight.exe up. If all is well, it’s probably down to WinAPI level, where I’d guess CFP was just the first along the chain to catch that execution attempt (btw did you have CFP popup saying some process wanted to execute knight.exe in the first place, as in your screenshot it appears already running?).

EDIT: already running, huh? what was that mcafeeasap thinking indeed?..

Well let’s go:

McAfee Asap is my workshop laptop not in my personal laptop, Asap works as resident, doesn’t have so many options it means that it works as real time scanning not on demmand (it can scan also on demand but it’s config is in real time).

My pendrive was configurated with an autorun.inf exacuting an exe file (my knowledge about it was the name of this exe file) the autorun.inf was read protected and knight.exe deleted it and put it’s own and also copied itself from the infected computer to my pendrive all this wit one of the mentioned A/V solutions installed (i don’t know wich cos now all of them are infected (and cleaned))

The “safe” and “already running” messages appear cos the screen capture was taken the second time I plugged the pendrive, in the first momment I didn’t thin to blog it :P.

So again, I really don’t wanna enter in a deep technic discussion let’s say that I want somethink that, at least, advises me when something happends and, for now only Comodo did it and stills doing (R)

Whatabout BitDefender 2008 ,it has the best proactive defence in the antivirus world.Have you tryed BD 2008 also?im very curious.
Have you tried also Trend Micro?
As for NOD 32 is just a joke.
Few days ago KAV 7 was eaten by a trojan.

it could have been a new packed variance of the malware. So there are many reasons why AVs couldn’t have detected it.


Oh I see…Mabe you didnt have the correct settings on, because one of them should have detected it.