Media Discovers Spyware

Yes, but still P2K...for two years now and the ones I saw (that's a lot of logs lol) with boclean in their setup where good to go except for a few neglectible startup items...
Afaik, Boclean is a nice program which plays nicely with the rest of my programs and it does it's job...with not much resources (not everywhere though...) and I rather believe users about "their" software then their vendors (ain't we all?)...

I didn't meant to judge Boclean on the appearance in hjt logs...I can judge it from my own user experience too but that would be another topic.

Take care

 

We've been handling them for several years. They're only news to M$.

 

The whole point behind this HJT log discussion is that the lack of logs seen including BOClean signifies that BOClean is functioning and detecting nasties, eliminating the need for the user to ever need to run an HJT log.

 

Since February, when BOClean 4.12 was released, I have only seen 1 HJT log posted at DSLR where the poster was running BOClean. It turned out that he wasn't infected with anything.

Prior to that, I have seen just a few (I could probably count them on one hand). In all cases BOClean was unable to remove the infection, because other programs, such as SpySweeper and SpyBot, held open the files making them "Access denied - in use"

I know that this was, in part, the reason for introducing 4.12, to overcome this particular problem.

 

Hi all,

I think that the original skeptical reaction to the paper was less due to any issues with BOClean per se, but more to do with the test "evidence" that was presented. To be fair to the other AT vendors, I do not think I have seen many (any?) Hijack logs that include any of the top AVs (e.g. KAV) or ATs (e.g. Ewido, TDS-3). Am I mistaken?

Rich

 

nope Rich, most probs would be resolved with good security software...

 

As a rule Specialist niche products (practically all Anti-trojans) will always tend to attract more security conscious users anyway, which makes it even less likely they will require a service of a HJT log read.

Of course, you have the rare newbie who uses a product because his more experienced friend recommends it, but that's not too often.

And of course Paranoid2000 has a point about users who install trial versions of TH, TDS-3 because their Norton tells them they have a trojan:scaryname..

 

Yes, but the point I was making was that most HJT log posters would not have been running any anti-trojan scanner prior to being infected, and the entries seen for other products would have been due mainly to them installing trial downloads once they suspected something was wrong. Since no trial of BOClean is available, this would be the main reason for it having little to no presence here (which is probably a mixed blessing - users with compromised systems are more likely to go with whatever they have trialled so PSC is missing out on potential sales here).

This isn't saying that BOClean is not providing good protection, but that judging competitors based on HJT numbers is going to give an inaccurate picture of their effectiveness.

 

I don't see the logic in that. If a person that actually has an infection, installs a trial software, and still has an infection, then the trial software failed to stop it, neccessitating HJT as a last resort. The software that prevents the need to go to an HJT to begin with would be the most desireable, don't you think?

 

well ive seen many logs with the trial version of TH, TDS and EWIDO there..
usually installed on my request to be exact
as a part of the cleaning process..

the tds trial is limited in functionality, its not that simple..

but i agree of course: the removal abilities of AT's are as important as detection abilities..

 

I didn't mean any specific software.....sometimes people, thinking they may be infected as their system slows down, may install one of the free AS packages to no avail. IMHO, I would expect scans with TDS would nail nasties more often than not.

 

Detecting and preventing malware from getting installed in the first place is a lot easier than removing it - especially if that malware actively tries to counter security program installation (monitoring subsequent software installations and renaming key files immediately to stop them from being run later would seem an especially effective approach).

Prevention is certainly better than cure but first-time HJT posters are generally only just finding this out.

The only way to guarantee removal of malware would be to restart a system from a "known clean" source (e.g. Windows/Linux CD-ROM). It is therefore (sadly) not realistic to expect any anti-trojan to be able to remove the very worst malware.

 

yep, a fresh/clean install is the only 100% secure way to clean a machine

my point is that many tests do only the detection part.. leaving the removal part untouched..

 

true, detection may be one part, cleaning and removal is another (p)art...

the thing is...if there were trials available of boclean, we would get a bigger picture on how it stands...against malware in general...while this won't give any details about boclean...
And now when I think of it: the fact that we cannot find any boclean copies on most of hjt logs is prolly the fact that there is no trial...this probably has been discussed anyway.

 

Me thinks that was Nancy's point, but then again what do I know I can not speak for others. But I for one have always tried to prevent it. Fresh Install last resort

 

Exactly the point I have been trying to make - HJT logs are most often posted by those who have been running without adequate protection, got hit by a nasty and then installed trial versions of other software. As such, the only conclusion that can be drawn is that these cannot always remove embedded malware - nothing (good or bad) can be proven about BOClean from this.

 

Other than BOClean eliminating (for lack of a better word, as nothing is quite that absolute) the need for an HJT log (and the risk of being online to download, post and wait for a solution while one's system is exposed) to begin with.

 

I'm sorry to have to keep going on at this - but how does the lack of posted HJT logs with BOClean entries prove its effectiveness? An alternative explanation (the lack of a free trial, which means that helpers have to recommend other software) has been given so unless PSC change this and offer a trial, no assessment of BOClean can be made from "in the field" system logs.

By a similar token, I've never been infected by a trojan while wearing 3-day old unwashed socks. Should I be arguing that these have protective properties as a consequence?

 

My experience is atypical, then.

I've worked on many machines that have had up-to-date antivirus and anti-spyware apps that have been infected by drive-by's and hijackers--I remember one in particular that I ended up nuking.

I have never worked on a computer with BoClean installed that has had this problem.

Doesn't prove anything. Just my experience.

 

Yes but in your case you had computers with BOClean installed which allows you to draw a comparison. People posting HJT logs would not which means that those who draw conclusions here are doing so from BOClean's absence - another matter entirely.

 

most of the people posting hjt logs will not know the existance of boclean or processguard or whatever...the fact that boclean doesn't have a trial version available will not help a lot for that matter...but indeed another matter and another topic...

@ P2K: would you care to lend me your socks? quite interested

 

The lack of BOClean being present in HJT logs is not relevant to it's effectiveness. But it is a pity that BOClean has no trial available. I mean, you tend to take a car on a test drive before deciding to buy it - yes? Does the saleman give you a guaranteed 30 day money back guarantee if you buy it without first test driving it? The money back guarantee is all well and good but people want to try BEFORE they buy. It's ridiculous that there is no trial available, and always has been ridiculous. It must of AT LEAST halved the sales of the product. In fact i'd suspect that BOClean would have shifted as many as 75% more sales if a trial was available.

I took the chance and purchased BOClean about two years ago. Great software and the support is top notch. I'm sure many more would find the same if a trial was made available. But you have to ask that if you DID make a trial available and you shifted 75% more sales then could you cope with the extra required resource of a LOT MORE people asking for help.

muf

 

Send me your address and I'll post some - in an air-tight container with biohazard warnings of course...

 

LOL
How many pairs of 3-day socks have you got available?
Could be a big market.

Can we have the socks on a trial basis?
If we keep them for A month in their unwashed state will they be even better security?
What will the annual upgrade/membership fee be.
If you update to clean socks what will happen.
A new first :retro updates to keep the socks dirtier!!



Sorry , don't mean to belittle this thread which is a serious discussion, but, couldn't resist.

 

All,
You know, except for the EZ AV promo if you want to consider that a free trial, I have never trialed a single product. I do research listen to others who are using it and make a decision. I do not do beta testing either. I am not a technology guru or as I think someone put it, on the "edge of security" (use the latest stuff).
I am one who follows the pc, network security industry and am also very, very pc security aware...you must portect yourself or else. I am always amazed at the come what may, I will be o. k., attitude of most users. Including those doing transactions over the net.

I am a little off topic here so this is my point: There are many like me, I believe who do not have the skills or knowledge to understand these technical details, (but I am attempting to learn). They want security, they want someone to make thinks better, make it safe, do it for me. I am not talking about gamers or avid surfers either. I am talking average, but those who need and want security beyond AV and Firewall. They must be sure. This would include small office and small business and home user too. PSC may have said why they do not offer trial, I do not recall, but Muf makes a good point. You can not and should not grow the business beyond what you can handle or grow so fast you can not keep up the quality. I would like to hear from Nancy or Kevin on the trial issue. But like I said I have never trialed and Muf said he took a chance. So is there really an issue here. What would a trial do for the spread or expansion of sales of a product? Maybe someone has some data they would share with us. Very interesting fellow creatures.