Does BoClean actually CLEAN?
hojtsy
August 12th, 2005, 10:35 AM
I would like to know if BoClean does actually delete the data, dll and executable files and delete/fix the registry entries of identified malware, or only kills it from memory?
-hojtsy-
muf
August 12th, 2005, 11:53 AM
Taken from their website:
Any time any process or dependency is started, BOClean stops the program (momentarily) the moment it's ready to actually start running. This allows the program to UNPACK (unwrap, decompress, etc.) in memory whereupon BOClean halts it, sniffs it and if it ISN'T a nasty, then lets it proceed. If it smells like a nasty, BOClean halts it completely and then throws up a box asking if you want to remove it and its entrails completely
And also:
Destroy trojans and remove registry entries
And when I've tested BOClean, it stops the threat when it executes and then asks me if I want to remove the originating file as well.
Hope that helps.
muf
Trooper
August 12th, 2005, 12:47 PM
I have had the same experience as you muf with BOClean.
illukka
August 13th, 2005, 04:21 AM
same here ;D
stops 'em. then cleans its traces with the minimum of fuss.
it just does its job, and does it well, period
btw eburger68 posted a nice video of boclean stopping a serious nasty at dslr reports
http://www.spywarewarrior.com/elh/boclean_kl.wmv
here's the thread there:
http://www.dslreports.com/forum/remark,14093526~mode=flat~days=9999~start=20
muf
August 13th, 2005, 08:25 AM
Thanks illukka, tremendous read. The first video was quite scary, watching those nasties keep restarting and BOClean breaking a major sweat trying to get rid. The second video shows just how much an Anti-malware is needed. With the correct signature in BOClean's database, it nailed it no problem. I read the whole thread over at DSLR, and must say with the various people chipping in (especially Kevin and Eric) that it turned out to be excellent. It was also good to see that the Anti-malware vendors are working together, well some of them. ;)
muf
4A6F4A6F
August 13th, 2005, 10:45 AM
Mhh looking at the video it looks like BoClean detects winldra.exe only after 13 seconds!! In the meantime it was able to drop a DLL and could have also easily killed BoClean or even changed important Windows settings, quickformatted the harddisk etc.
Dr. Web, for example, detects winldra.exe instantly before it can even start up - which is waaay more secure ...
By the way, looking at your website:
-{ Quote: "Any time any process or dependency is started, BOClean stops the program (momentarily) the moment it's ready to actually start running." }-
Why wasn't it recognized then earlier? Before it could actually run and drop that DLL?
Primrose
August 13th, 2005, 11:50 AM
-{ Quote: "Mhh looking at the video it looks like BoClean detects winldra.exe only after 13 seconds!! In the meantime it was able to drop a DLL and could have also easily killed BoClean or even changed important Windows settings, quickformatted the harddisk etc.
Dr. Web, for example, detects winldra.exe instantly before it can even start up - which is waaay more secure ...
By the way, looking at your website:
Why wasn't it recognized then earlier? Before it could actually run and drop that DLL?" }-
You still need a library card to even check out the .dll book and use its contents... ;D
I think you missed the point..but then BOClean still would have been one of the products that would have told you something 'stinks' and all iterations of winldra.exe.
http://castlecops.com/s7807-load32.html
Your instant vs. drop..is just all fuzzy logic.
ö-ö-ö
August 13th, 2005, 01:56 PM
There is no black & white.
Frequently, BOC properly cleans an infection. Sometimes, it fails (although the malware is detected). I do not think that this has changed since BOC 4.11 which was reviewed by us.
Primrose
August 13th, 2005, 03:15 PM
-{ Quote: "There is no black & white.
Frequently, BOC properly cleans an infection. Sometimes, it fails (although the malware is detected). I do not think that this has changed since BOC 4.11 which was reviewed by us." }-
Sometimes it doesn't rain..and the weather man is wrong.
Sometimes your test bed is correct for the application under test..and sometimes it is not.
Sometimes the tester makes an error..but the real world is still out there.
Sometimes guests really have nothing to say..and this is one of them...even though they type it in black and white.
:)
Atomic_Ed
August 13th, 2005, 04:16 PM
Not to sidetrack the subject of this thread but I was wondering if this boclean runs on x64 XP Pro?
Notok
August 13th, 2005, 04:23 PM
-{ Quote: "Sometimes it doesn't rain..and the weather man is wrong.
Sometimes your test bed is correct for the application under test..and sometimes it is not.
Sometimes the tester makes an error..but the real world is still out there.
Sometimes guests really have nothing to say..and this is one of them...even though they type it in black and white." }-
LOL, oh the poetry of online forums :) ;D
ö-ö-ö
August 13th, 2005, 05:49 PM
"Sometimes guests really have nothing to say..and this is one of them...even though they type it in black and white."
I thought you would remember the "BOClean is not able to clean Beast" story. I noticed another problem in respect of Anal FTP. You should have read this already ;-)
I do not consider it necessary to explain the technical details again. It is simply as I said. Frequently, BOC can clean malware. Sometimes not.
Primrose
August 13th, 2005, 07:47 PM
-{ Quote: ""Sometimes guests really have nothing to say..and this is one of them...even though they type it in black and white."
I thought you would remember the "BOClean is not able to clean Beast" story. I noticed another problem in respect of Anal FTP. You should have read this already ;-)
I do not consider it necessary to explain the technical details again. It is simply as I said. Frequently, BOC can clean malware. Sometimes not." }-
;D
And here I thought you would help me with my poetry..but I will have tataye post also when his beastdoor wakes up tomorrow and we can have old home week.. :lurking: gathering up some more Proof of Concept goodies and have a nice party.
all of them are such a dangerous threat :P to the whole internet community there would really be no reason to stay SOBER.
May the force of Delphi be with us all very long time..
Happy hunting :) And keep your eye on the Yellow hats.
Nancy_McAleavey
August 13th, 2005, 09:58 PM
-{ Quote: "Not to sidetrack the subject of this thread but I was wondering if this boclean runs on x64 XP Pro?" }-
We've done some testing, so far no issues.
Atomic_Ed
August 13th, 2005, 10:14 PM
-{ Quote: "We've done some testing, so far no issues." }-
Thank you for the reply, I am considering this program and was curious if it would run on x64 as that is what my new system has on it. Also will it coexist ok with Avast! Pro? That is the anti-virus I recently purchased for my system. Also how are the program's RAM requirements? Thanks for the info.
Nancy_McAleavey
August 13th, 2005, 10:59 PM
-{ Quote: "Thank you for the reply, I am considering this program and was curious if it would run on x64 as that is what my new system has on it. Also will it coexist ok with Avast! Pro? That is the anti-virus I recently purchased for my system. " }-
I'm not aware of anything negative about the combination.
-{ Quote: "Also how are the program's RAM requirements? Thanks for the info." }-
Very very slim. Uses a minimum of resources, the program itself is under 500K.
Hope this helps! :)
passing thru
August 13th, 2005, 11:49 PM
(OT) On my x64 system, BOClean is showing memory usage of about 8,300K (about 20% greater than on my XP 32-bit system). However, the periodic CPU spikes range between 0% and 1.56% (about 80% less). More often than not, I see no spikes using Process Explorer or TM.
Atomic_Ed
August 14th, 2005, 04:20 PM
-{ Quote: "(OT) On my x64 system, BOClean is showing memory usage of about 8,300K (about 20% greater than on my XP 32-bit system). However, the periodic CPU spikes range between 0% and 1.56% (about 80% less). More often than not, I see no spikes using Process Explorer or TM." }-
That sounds good to me. I can't seem to locate the trial version though. I am interested in seeing how it runs on my machine. Do you have a link for their trial version download?
snowbird
August 14th, 2005, 04:28 PM
-{ Quote: " Do you have a link for their trial version download?" }-
There isn't one but they do have a 30 day moneyback guarantee.
Smokey
August 14th, 2005, 04:36 PM
-{ Quote: "Sometimes guests really have nothing to say..and this is one of them...even though they type it in black and white.
:)" }-
Wow Primrose!!!;D
Atomic_Ed
August 14th, 2005, 04:47 PM
-{ Quote: "There isn't one but they do have a 30 day moneyback guarantee." }-
Thanks, sure explains why I couldn't find one. Think I may just research a bit more on the net then before I decide if I want to buy.
Copyright ©2002 - 2012, Wilders Security Forums