Bo Clean 4.25 False Positive?

Discussion in 'other anti-trojan software' started by jimboo21, May 22, 2008.

Thread Status:
Not open for further replies.
  1. jimboo21

    jimboo21 Registered Member

    Joined:
    May 22, 2008
    Posts:
    3
    I wanted to install this program, but Bo Clean warned me of a "Trojan Horse".

    I assume this is a legitimate program, so I'm wondering if this may be a false positive. And I know that 4.26 is available but I do not want to update at this moment.

    This is the website, and I downloaded the .EXE file (the first link). It downloaded, but when I clicked the icon to install, Bo Clean jumped in. Could anybody confirm on whether this in fact is a trojan?

    ([noparse]http://www.docs.kr/entry/Download-Shock-4Way3D-en[/noparse])
     
  2. tansu

    tansu Registered Member

    Joined:
    Sep 13, 2005
    Posts:
    210
    Also eSafe and Prevx1 marked this program as malicious.
     
  3. jimboo21

    jimboo21 Registered Member

    Joined:
    May 22, 2008
    Posts:
    3
    yea I also scanned it with virus total and got the same results.
    hmm.. oh well. I guess I'm not going to be installing this program, ... even if it is a false positive.
     
  4. controler

    controler Guest

    Could be a FP. Should be submitted to Comodo anyways.

    ------------------------------
    05/22/2008 14:43:19: IFSKEYLOG17 MALWARE STOPPED by BOCLEAN!
    Trojan horse was found in memory.
    C:\WINDOWS\IFINST27.EXE contained the trojan.
    Active trojan horse WAS shut down. System now safe.

    I also installed it fine on Windows 2008 Server VM snapshot with no other security software
     
  5. jimboo21

    jimboo21 Registered Member

    Joined:
    May 22, 2008
    Posts:
    3
    Yea I actually do think it's a false positive because I have seen several people show off this program on Youtube.

    How can Comodo be notified of this problem? Don't people from Comodo check out this forum?
     
  6. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    jimboo21, welcome to Wilders. You can send the file to this address. Tell them that you suspect it's a false alarm.

    thanatos
     
Thread Status:
Not open for further replies.