Does BoClean actually CLEAN?

Discussion in 'other anti-trojan software' started by hojtsy, Aug 12, 2005.

Thread Status:
Not open for further replies.
  1. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    I would like to know if BoClean does actually delete the data, dll and executable files and delete/fix the registry entries of identified malwares or only kill it from memory?
    -hojtsy-
     
  2. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Taken from their website:
    Any time any process or dependency is started, BOClean stops the program (momentarily) the moment it's ready to actually start running. This allows the program to UNPACK (unwrap, decompress, etc.) in memory whereupon BOClean halts it, sniffs it and if it ISN'T a nasty, then lets it proceed. If it smells like a nasty, BOClean halts it completely and then throws up a box asking if you want to remove it and its entrails completely

    And also:
    Destroy trojans and remove registry entries

    And when i've tested BOClean, it stops the threat when it executes and then asks me if i want to remove the originating file as well.

    Hope that helps.

    muf
     
  3. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    I have had the same experience as you muf with BOClean.
     
  4. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
  5. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Thanks illukka, Tremendous read. The first video was quite scary, watching those nasties keep restarting and BOClean breaking a major sweat trying to get rid. The second video shows just how much an Anti-malware is needed. With the correct signature in BOClean's database, it nailed it no problem. I read the whole thread over at DSLR, and must say with the various people chipping in(especially Kevin and Eric) that it turned out to be excellent. It was also good to see that the Anti-malware vendors are working together, well some of them. ;)

    muf
     
  6. 4A6F4A6F

    4A6F4A6F Registered Member

    Joined:
    Dec 23, 2003
    Posts:
    34
    Mhh looking at the video it looks like BoClean detects winldra.exe only after 13 seconds!! In the meantime it was able to drop a DLL and could have also easily killed BoClean or even change important Windows settings, quickformat the harddisk etc.

    Dr. Web, for example, detects winldra.exe instantly before it can even start up - which is waaay more secure ...

    By the way, looking at your website:

    Why wasn't it recognized then earlier? Before it could actually run and drop that DLL?
     
  7. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    You still need a library card to even check out the .dll book and use it's contents... :D

    I think you missed the point..but then BOClean still would have been one of the products that would have told you something 'stinks" and all iterations of
    winldra.exe.

    http://castlecops.com/s7807-load32.html

    Your instant vs. drop..is just all fuzzy logic.
     
  8. ?-?-?

    ?-?-? Guest

    There is no black & white.

    Frequently, BOC properly cleans an infection. Sometimes, it fails (although the malware is detected). I do not think that this has changed since BOC 4.11 which was reviewed by us.
     
  9. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743

    Sometimes it doesn't rain..and the weather man is wrong.

    Sometime your test bed is correct for the application under test..and sometimes it is not.

    Sometime the tester makes an error..but the real world is still out there.

    Sometimes guest really have nothing to say..and this is one of them...even though they type it in black and white.

    :)
     
  10. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Not to sidetrack the subject of this thread but I was wondering if this boclean runs on x64 XP Pro?
     
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    LOL, oh the poetry of online forums :) :D
     
  12. ?-?-?

    ?-?-? Guest

    "Sometimes guest really have nothing to say..and this is one of them...even though they type it in black and white."

    I thought you would remember the "BOClean is not able to clean Beast" story. I noticed another problem in respect of Anal FTP. You should have read this already ;-)

    I do not consider it necessary to explain the technical details again. It simply as I said. Frequently, BOC can clean malware. Sometimes not.
     
  13. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743

    :D

    And here I thought you would help me with my poetry..but I will have tataye post also when his beastdoor wakes up tomorrow and we can have old home week.. :ninja: gathering up some more Proof of Concept goodies and have a nice party.

    all of them are such a dangerous threat :p to the whole internet community there would really be no reason to stay SOBER.

    May the force of Delphi be with us all very long time..

    Happy hunting :) And keep your eye on the Yellow hats.
     
  14. Nancy_McAleavey

    Nancy_McAleavey Expert Member

    Joined:
    Feb 10, 2002
    Posts:
    244
    Location:
    Voorheesville, NY, USA
    We've done some testing, so far no issues.
     
  15. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Thank you for the reply, I am considering this program and was curious if it would run on x64 as that is what my new system has on it. Also will it coexist ok with Avast! Pro? That is the anti-virus I recently purchased for my system. Also how is the program's RAM requirements? Thanks for the info.
     
  16. Nancy_McAleavey

    Nancy_McAleavey Expert Member

    Joined:
    Feb 10, 2002
    Posts:
    244
    Location:
    Voorheesville, NY, USA
    I'm not aware of anything negative about the combination.

    Very very slim. Uses a minimum of resources, the program itself is under 500K.

    Hope this helps! :)
     
  17. passing thru

    passing thru Guest

    (OT) On my x64 system, BOClean is showing memory usage of about 8,300K (about 20% greater than on my XP 32-bit system). However, the periodic CPU spikes range between 0% and 1.56% (about 80% less). More often than not, I see no spikes using Process Explorer or TM.
     
  18. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    That sounds good to me. I can't seem to locate the trial version though. I am interested in seeing how it runs on my machine. Do you have a link for their trial version download?
     
  19. snowbird

    snowbird Guest

    There isn't one but they do have a 30 day moneyback guarantee.
     
  20. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Wow Primrose!!!:D
     
  21. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Thanks, sure explains why I couldn't find one. Think I may just research a bit more on the net then before I decide if I want to buy.
     
Thread Status:
Not open for further replies.