Is BOC not effective?

Where is BOC’s effectiveness at detecting threats?

“BOClean watches memory, registry, and the file system waiting for malware to load up and then shuts it down before they have a chance to operate” → is not true, not this time (:SAD)

BOC didn’t detect a trojan which modified my system registry, nor did it detect it when it was accessed in memory.


http://img158.imageshack.us/img158/1926/118vg6.th.jpg

Comodo AV also didn’t detect it. I sent the trojan to Comodo Lab yesterday and also posted information about it here → https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/malwares_not_detected-t28680.0.html;msg236104#msg236104, but they (AV and BOC) still can’t deal with it. Comodo reacts slowly to new threats, in my opinion.

Of course, I deliberately installed that malware and I didn’t have any problems with it… I’ve tested BOC against other trojans and it hasn’t shown good effectiveness.

Hey,

  1. That’s a rogue, not a trojan.
  2. You need the signatures before you can detect it. How old was that rogue?

Xan

  1. That’s a trojan downloader; Avira’s name for it is TR/Crypt.XPACK.Gen
  2. “How old was that rogue?” The rogue was active yesterday on this webpage: http://scan.antispyware-scaneer-2009.com/241/3/?sp=1146 That URL is blocked now.

I don’t know how old the trojan is. Avira detected it → 2007-03-01, but I’m not certain.
I checked the detection date here → http://www.viruspool.net/virus.cms
http://img88.imageshack.us/img88/7039/119tl0.th.jpg

Where should I check that?

http://www.virustotal.com/pl/analisis/d3a89db68ce056b631d97670aa9da47c
http://www.threatexpert.com/report.aspx?md5=427be4efb94b8f094a118bb1159306a0
http://camas.comodo.com/cgi-bin/submit?file=0a9a3eee46c62204c965c8e37a793fd558877867e17a74e82be64272b654584e

Do you want me to send that rogue to your e-mail?

It may be a trojan downloader that was also a rogue.

Could you PM it to me?

I sent it to you.

Please send it to me also, I will forward it to the developers.

Thanks

Xan

OK, I sent it to you too.

PS Sorry guys for my bad English :wink:

This was my first thought as well. I tested Comodo earlier with antispyware 2009 and Defense+ blocked it.

Hey, guys!

Thanks for the nice words.

But, seeing the first image I can see that Defense+ managed to intercept it. Did you try to block that rogue with Defense+ and see if it could still bypass it?

I agree with you guys, Defense+ is great. I had no problems terminating and blocking that rogue. I tested D+, of course. I used ‘Treat this application as: Isolated application’ and ‘Remember my answer’. I also used ‘Active Process List’ to kill it, and D+ always managed to intercept it.


http://img140.imageshack.us/img140/5131/121ic5.th.jpg


http://img388.imageshack.us/img388/2506/110ob3.th.jpg