I have heard alot about this program so I just want to know.
BTW
Is this program Anti-Malware or Anti-Trojan or both?

and the last question
what do you think about this Security Suite:
NOD32 , BOClean , AVG Anti-Spyware (Paid) , WindowsXP Pro SP2 Firewall.
( for gaming & internet machine )

thats like the ultimate setup for a gaming machine!
have you got a hardware nat router?
lodore

-{ Quote: "thats like the ultimate setup for a gaming machine!
have you got a hardware nat router?
lodore" }-
Nope, 1 Comp 1 Internet connection 1 firewall.

its still worth investing in getting a firewalled router if you only using windows firewall aka one way firewall.
ive only got one pc but i fell alot better protected with my router there.
lodore

As far as I'm concerned BOClean is an Excellent program and I know many other users think the same!

I even Recommend it to family and friends!

HTH,

TH ;D

two things I couldn't do without, Boclean and as @lodore says a firewalled router, both essential for venturing into the big wide world _ IMHO

I wouldn't be without BOClean either.
It's light on resource usage and support is top-notch.

Those apps you have listed are perfect for gaming.
I've never tried BOClean myself (no trial around) so I can't say much about that one, but the rest is for the secure gamer.

BOClean saved me a few times, I especially like to install alot of programs I know nothing about, BOClean stops bad stuff before you get into trouble.

There will be NO Pc/Laptop of me without BoClean :thumb:

-{ Quote: "There will be NO Pc/Laptop of me without BoClean :thumb:" }-

Same here!

Haven't used BOclean before but i've heard great things about it. I don't believe you would need both boclean and avg as running at the same time. If thats the free avg as then that would be great for on demand, but nod32 + boclean and xp firewall would be excellent for a gaming machine. On my gaming machine all i use is avg pro, gss and windows firewall.

-{ Quote: "I wouldn't be without BOClean either.
It's light on resource usage and support is top-notch." }-Could not have said it better myself. Exactly. :thumb: :thumb:

Also lodore has given good advice as well get a hardware firewall between you and the outside world. ;) Might as well make it a NAT Router so you will be ready for future expansion. :)

As for what it protects against just check one of the update notices found right here at the Wilders ;)
http://www.wilderssecurity.com/showthread.php?t=161975

-{ Quote: "boclean:antimalware" }-
boclean is a nice, light program with excellent backing against malware (http://www.nsclean.com/trolist.html).
I like how boclean achieves what it does, stable, without argument.

Is this program Anti-Malware or Anti-Trojan or both

-{ Quote: "Is this program Anti-Malware or Anti-Trojan or both" }-
boclean (http://www.nsclean.com/boclean.html)
-{ Quote: "Internet trojan horse programs, spyware, keyloggers, rootkits, pseudorootkits, hijackers, adware, annoyware, email relays, spam proxies, spam relays, scam downloads and email/spam robots ("bots") are perhaps the greatest security threat to individuals and institutional networks in existence. By installing malware (short for MALicious softWARE) on a machine, computer crackers can go anywhere, see and do anything they want with your computer, including..." }-

I have been using Bo Clean for five year's or more and have to say that is the only program that never leaves my computer. I do have to say i have never seem it in action but i like it that way.

And another happy user here of BOClean :)
In no way I want to run a (Windows-) computer without it.
It is one of my most important programs.
In case friends or family ask me to do "some" maintenance on their computer, there is one "conditio sine qua non" : they have to run BOClean!

PS: yes, I have some other AT's too.

Nice light, stable program, you won't even know it's there and support is second to none.The bonus , one license enables you to install on up to 5 PC.

One final point I would make. You did ask about it's effectiveness. I would add that some new user may wonder is it working how do I know? The program is such a "silent running" app. one might wonder if it is working.

Just stare at the little icon in your system tray from time to time for about 10 seconds if it flashes green or blue it's on the job. Also when logging in and rebooting you will get a longer scan (couple of minutes). It should not slow you down much if at all on boot up. After so many years of useage I assume to much and say wait a minute if I were a new user I would wonder about these things. Hope that helps. ;)

Finally this is only a precaution open it up every now and then and check to make sure you are getting your updates, however unless they are being blocked the updating is reliable. :thumb:

I can add that their support is great!
But i must admit that it hasn't found anything on my computer. O yes, once, when i tried to install AOL Instant Messenger. AOL tried to install some spyware said BoClean. Still, i like the idea of an extra layer of protection, so BoClean stays on my machine.

Had trialled BOClean 4.11 when my lack of knowledge kept me from understanding just what a fine program it was. Became more of a pain to this at the time "noobie" so I un-installed it. It became lost in the maze of other collected\installed\dumped programs most of us have. A couple years later I became aware of the program again and several upgrades it had gone through. Contacted PSC. Their response was prompt and positive. I received the newest vers. as of that date. A couple PCs` and multiple formats later it got lost in the shuffle again. Fast forward to today. I contacted them with all the necessary info. and with in the hour of having sent my request as to obtaining 4.22 I again was very pleased to receive the needed links for the latest ver. Although I would have totally understood if a new purchase would have been required. :thumb: :thumb: To PSC for a fine product and outstanding support. This time it will not get lost in the shuffle.

Good support but honestly it hasn't done anything but give me 5 FPs in the last couple years which were quickly fixed.

Necessary? No. These days AVs are targeting malware outside of viruses so the need and usefulness of BOClean is much lower than it used to be.

The BOClean team provides excellent and fast support and service !!!
For myself: no computer without BOClean!

-{ Quote: "I don't believe you would need both boclean and avg as running at the same time. " }-

Far from the truth You SHOULD run BoClean with any AV. It catches stuff the AV doesn't. Why because it catches stuff run in mem that AV mem scanners don't. In other words it catches packed stuff when it goes to run in mem.
Don't cut Kevin shot as far as advanced knowledge when it comes to maleware. BoClean is not only a trojan tool but an over all malewar tool also, including rootkits.
If you are going to spend your money on an app, you can not go wrong with BoClean. One of the few programs I ever bought.


controler

-{ Quote: "-{ Quote: "I don't believe you would need both boclean and avg as running at the same time." }-
Far from the truth You SHOULD run BoClean with any AV. It catches stuff the AV doesn't. Why because it catches stuff run in mem that AV mem scanners don't. In other words it catches packed stuff when it goes to run in mem." }-

Hi controler,

I believe you missed the "as" after avg in farmerlee's post. I suppose that running BOTH BOclean AND AVG "Anti-Spyware" resident is open for debate....

-{ Quote: "Don't cut Kevin shot as far as advanced knowledge when it comes to maleware. BoClean is not only a trojan tool but an over all malewar tool also, including rootkits.
If you are going to spend your money on an app, you can not go wrong with BoClean. One of the few programs I ever bought." }-

as for this, though, you make a good point :thumb:

Controller - you are correct.
From personal correspondence with the BoClean folks:
"Your antivirus gets the things we don't, and we get the things your AV doesn't. Spambots are one recently widely seen example. They tend to get past the AV, and BOClean nails them. For optimal protection you need both. BOClean is designed to work with an AV, not against it."

-{ Quote: "Controller - you are correct.
From personal correspondence with the BoClean folks:
"Your antivirus gets the things we don't, and we get the things your AV doesn't. Spambots are one recently widely seen example. They tend to get past the AV, and BOClean nails them. For optimal protection you need both. BOClean is designed to work with an AV, not against it."" }-

dholiday,

you need to RE-READ farmerlee's quote!

-{ Quote: "Haven't used BOclean before but i've heard great things about it. I don't believe you would need both boclean and avg as running at the same time. If thats the free avg as then that would be great for on demand, but nod32 + boclean and xp firewall would be excellent for a gaming machine. On my gaming machine all i use is avg pro, gss and windows firewall." }-

He is NOT referring to AVG "ANTI-VIRUS"....he's referring to the ANTI-SPYWARE!

I'm sure that controler will own up to this slight oversite and mistake as soon as he reads it.....but dholiday, you just tried to reinforce controler's mistake here....::)

I actually bypassed BoClean a year ago in favour of Ewido when looking for a real time monitor of malware, because I didn't really understand the differences and BoClean can come across as complicated to the not-so-great computer user (comme moi :P ). Following the takeover of Ewido by AVG, I felt obliged to look at BoClean again, in particular reading up on some of the excellent explanatory posts made by the McAleaveys in forums. Now I'm a confirmed BoClean user (and dumped Ewido) and wonder why I overlooked it in the first place; and the Support is top notch.

Didn't read "avg as" as referring to AVG-AS.

-{ Quote: "Didn't read "avg as" as referring to AVG-AS." }-

I never noticed that either since some post English the best they can when their first language is something else. I guess when referring to a product we need to capitalize the abbreviation LOL
I thought the poster meant AVG Antivirus also.


controler

Bo Clean should drop their price to $19.99. I would bet to wager they would see a huge jump in sales at a time when other products are starting to add features and/or protection that Bo Clean offers.

-{ Quote: "Bo Clean should drop their price to $19.99. I would bet to wager they would see a huge jump in sales at a time when other products are starting to add features and/or protection that Bo Clean offers." }-


The price has dropped considerably from the 4.11 days when I first discovered\bought it. I still have the receipt somewhere. Believe I paid $49.00 U.S.D. :o Must add though that they have been more then fair with their upgrade policy as they have provided the newest versions without hesitation when provided with the original purchase order number. :thumb:

-{ Quote: "Bo Clean should drop their price to $19.99. I would bet to wager they would see a huge jump in sales at a time when other products are starting to add features and/or protection that Bo Clean offers." }-
That would be an extremely stupid move on their part, mostly because the anti-trojan market is very small...and most vendors will not be there in 2 years & thrieving............they should instead introduce a yearly fee to survive, i know not what we want to hear, but do we want to keep an effective program or just a cheap, but not very efficient AT, all AT's are being beaten on response times etc by the bigger AV's, it's not like 2-3 years ago when some AV's arrogantly stated "X AV is not an anti-trojan" when asked why they didn't cover a particular trojan, so to keep their customers they need analysts/programmers to keep a high detectionrate and they are not cheap at all.

-{ Quote: "That would be an extremely stupid move on their part, mostly because the anti-trojan market is very small...and most vendors will not be there in 2 years & thrieving............they should instead introduce a yearly fee to survive, i know not what we want to hear, but do we want to keep an effective program or just a cheap, but not very efficient AT, all AT's are being beaten on response times etc by the bigger AV's, it's not like 2-3 years ago when some AV's arrogantly stated "X AV is not an anti-trojan" when asked why they didn't cover a particular trojan, so to keep their customers they need analysts/programmers to keep a high detectionrate and they are not cheap at all." }-

Bingo, I would gladly pay a yearly fee to keep BoClean a top notch AT.

-{ Quote: "That would be an extremely stupid move on their part, mostly because the anti-trojan market is very small...and most vendors will not be there in 2 years & thrieving............they should instead introduce a yearly fee to survive, i know not what we want to hear, but do we want to keep an effective program or just a cheap, but not very efficient AT, all AT's are being beaten on response times etc by the bigger AV's, it's not like 2-3 years ago when some AV's arrogantly stated "X AV is not an anti-trojan" when asked why they didn't cover a particular trojan, so to keep their customers they need analysts/programmers to keep a high detectionrate and they are not cheap at all." }-
As always Don, you are correct. I didnt think about it that way. But it is true. Thank you my friend.

-{ Quote: "all AT's are being beaten on response times etc by the bigger AV's" }-

Absolutely WRONG, please do not speculate, do you have test results ? brand new malware tested constantly against every AV and AT's - the topic one BOClean as well as TH, to see when it got detected ?

We fill a gap, personally I LOOK for a) new stuff and b) undetected stuff. I WILL grant you that there are BIG malware items which we do leave to the AV's.

I beat them daily not just one AV and not just one trojan. I cannot waste valuable analysis time trying to post proof of scan results etc, when I feel I do not have to prove it. Anyone with the time is free to gather brand new samples and test them daily against every scanner for up to 30 days.

An example would be the very useful MIRT list from CastleCops, sometimes within minutes of coming in we have detection added for LiveUpdate. Lots of ordinary users also send in files. Often at least the day it comes in.. still undetected to many AV ?

NO program detects everything. A good amount of the TH database is undetected by many top AV programs. On a side note, I recommend NOD32, KAV, and have a newfound respect for BitDefender ;)

Please see the attached image for a 'new' submission.

I first received a couple of these about 6 months ago. 6 months of non detection for at least KAV seen in the image, 6 months protection for TH users from a little key stealer

VB dropper. It drops a legit program, plus the 2nd EXE.

Seen here are many things.

In hex, top right, see the VB dropper clearly being a dropper.. no detection on this or similar files sent to many AV that long ago, it may have simply been overlooked ! highlighted are some OLD AV / AS programs.. shows how much this attacker has to bother updating his KILL list.. all he has done is recompiled this VB file to be different. Less than a minute work and more infections..

KAV incidentally detected EXE-File attached to the dropper, scanned it, said PE-PATCH.UPX, yet didn't alarm a bit !

Here's the bodged UPX file, both in an editor at the OEP, and up pops THGuard detecting it once unpacked - it was that long ago I added this detection it isn't funny ! Think its maybe a FP ? look at the other hex viewer..

Note also the dropped MSI filename and hence this droppers EXE is clearly in view for all to see. Helpers will recognise this filename as something they have had to submit.

Hi Gavin,
Good to see you back, what's happened with DCS and Processgaurd, no one from there will talk to us, can you throw any light on the situation.

Sorry I do not know, I do not work for DiamondCS. I'm sure something will shed some light for you sooner or later :) I hope this screenshot is a little enlightenment

Another point to remember is that anti detection work goes towards AV moreso, especially with the professional attackers. They know what the popular AV's are. A file I once analysed included "kisses to McAfee" and "kisses to TrojanHunter" in plaintext.. but this was some time ago. I'd guess the most checked for detection by attackers (and then modified) are AVG and Norton, but that would take a massive study in itself to determine..

No I know you don't work there now, but you did and I see your still in Perth so I thought you might have heard something on the grapevine

1) the VB dropper.. granted that it will have changed a lot in some ways, its still the same dropper. Badly detected overall my scan didn't finish but hey:

Service is stopped in this moments. Scanning of your sample has not been finalized and results has been lost. If you wish to scan it, please send it again.

Antivirus Version Update Result
AntiVir 7.3.1.34 02.02.2007 TR/Agent.YC.1
Authentium 4.93.8 02.01.2007 no virus found
Avast 4.7.936.0 02.01.2007 no virus found
AVG 386 02.01.2007 no virus found
BitDefender 7.2 02.02.2007 no virus found
CAT-QuickHeal 9.00 02.01.2007 no virus found
ClamAV devel-20060426 02.02.2007 no virus found
DrWeb 4.33 02.02.2007 Trojan.FWB
eSafe 7.0.14.0 02.01.2007 no virus found
eTrust-InoculateIT 30.4.3364 02.02.2007 no virus found
eTrust-Vet 30.4.3364 02.02.2007 no virus found
Ewido 4.0 02.01.2007 no virus found
Fortinet 2.85.0.0 02.02.2007 no virus found
F-Prot 4.2.1.29 02.01.2007 no virus found
Ikarus T3.1.0.31 02.02.2007 no virus found
Kaspersky 4.0.2.24 02.02.2007 no virus found
McAfee 4954 02.01.2007 no virus found
Microsoft 1.2101 02.02.2007 no virus found
NOD32v2 2029 02.02.2007 no virus found
Norman 5.80.02 02.02.2007 no virus found
Panda 9.0.0.4 02.02.2007 no virus found

2) the actual problem, the dropped trojan ! better detection, but months later and no detection by many. Not a zoo sample this is well and truly in use out there.

Complete scanning result of "drop2.exe", received in VirusTotal at 02.02.2007, 10:36:01 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.34 02.02.2007 TR/Agent.YC.1
Authentium 4.93.8 02.01.2007 no virus found
Avast 4.7.936.0 02.01.2007 Win32:Trojan-gen. {Other}
AVG 386 02.01.2007 no virus found
BitDefender 7.2 02.02.2007 Trojan.Agent.YC
CAT-QuickHeal 9.00 02.01.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.02.2007 no virus found
DrWeb 4.33 02.02.2007 Trojan.FWB
eSafe 7.0.14.0 02.01.2007 suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3364 02.02.2007 no virus found
eTrust-Vet 30.4.3364 02.02.2007 no virus found
Ewido 4.0 02.01.2007 no virus found
Fortinet 2.85.0.0 02.02.2007 suspicious
F-Prot 4.2.1.29 02.01.2007 no virus found
Ikarus T3.1.0.31 02.02.2007 no virus found
Kaspersky 4.0.2.24 02.02.2007 no virus found
McAfee 4954 02.01.2007 no virus found
Microsoft 1.2101 02.02.2007 no virus found
NOD32v2 2029 02.02.2007 no virus found
Norman 5.80.02 02.02.2007 W32/Malware.IAF
Panda 9.0.0.4 02.02.2007 Suspicious file
Prevx1 V2 02.02.2007 no virus found
Sophos 4.13.0 01.31.2007 no virus found
Sunbelt 2.2.907.0 02.01.2007 no virus found
Symantec 10 02.02.2007 Trojan Horse
TheHacker 6.0.3.162 02.02.2007 no virus found
UNA 1.83 02.01.2007 no virus found
VBA32 3.11.2 02.01.2007 no virus found
VirusBuster 4.3.19:9 02.01.2007 no virus found

Aditional Information
File size: 25454 bytes
MD5: 6ad87eedbd0d7c562678dfcd380435dc
SHA1: 3d44967fc2256778010bca164736be97183797f6
packers: UPX
packers: UPX
packers: UPX


yes.. sorry I cannot help :(

Another happy Boclean user here. Run it with Kav 5.0 antivirus. They play well together. I think I've been using Boclean for 3 years, possibly 4.

Is it effective? Definately. Kills trojans as easily as "Matt Dillon" Kills cowboys on gunsmoke show. ;D

Why TH is not included on Virustotal so we can compare?

I am not sure if they allow a Windows version - Jotti does not and needs a *nix scanner port hence being better used for improving TH

As I know VirusTotal is on Windows platform.

I wouldn't touch BoClean with a ten-foot pole.





Not.

Only Joking of course. Bo Clean loyals are many and i have read nothing but sparkling reviews on it for years now and am amazed at it's longetivity. Guess that speaks volumes for it's publisher eh?

I sometimes wish that i also could reap some of that joy many others of you experience with it but since i selected other apps to cover those duties back then i tend to stick with what i'm used to.

BoClean does have a very long-lasting following and satified customers from all the reports that i've reviewed then and even now.