Welcome, Guest. Please login or register.
November 22, 2009, 06:33:51 PM

Login with username, password and session length

336910 Posts
37285 Topics
84529 Members

Latest Member: dninke

Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Archive Boards
| |-+  Comodo BOClean Anti-Malware
| | |-+  Bad experience
« previous next »
Pages: [1] Go Down Print
Author Topic: Bad experience  (Read 3073 times)
Gravity
Newbie
*
Offline Offline

Posts: 22



« on: April 23, 2007, 01:12:47 PM »

After installing BOClean last night, wish went smootly btw, this morning after turning on the pc, this happend :
 
Winsock damaged. Why?  (The only thing I deed was testing BOClean with leaktest from grc.com)
Hosts file deleted. Why ? (This was a host file, with entry's made by my self)
And every item in  C:\Windows\Downloaded Program Files,  damaged. Why ?

BOClean reported nothing, and the system  consist of XP SP2 / fully patch. NOD32 , spywareblaster, and Spybot immunization.

At this time everything is rolling again, but witout boclean.
Logged
TonyKlein
Comodo Family Member
***
Offline Offline

Posts: 85



« Reply #1 on: April 23, 2007, 02:06:17 PM »

BOClean configuration:

Quote
The third checkbox on the right is marked "Automatic cleanup of HOSTS file." By default this is also checked because once again, the majority of malware will write to the HOSTS file to block access to antivirus and antimalware updates and this file is also commonly used to redirect you from sites you intend to visit to rogue sites instead. Some people and some programs make use of the HOSTS file to block other sites however it is not possible to programmatically determine which sites are safe and which aren't and therefore in the event of malware detected by BOClean, we want to reset the HOSTS file to the Microsoft default of EMPTY in order to prevent reinfection. You should UNCHECK this item ONLY if you actually use a HOSTS file and are willing to check it manually yourself to ensure that all entries are what you intend. We recommend leaving this checked however.

The fourth checkbox is marked "Automatic cleanup of TEMP folder." Windows uses a TEMP folder for each user as a temporary storage location for files until they can be copied to their final location. As a result, the TEMP folder should be empty except during installation of movement of data from one place to another. Some programs fail to empty out the TEMP folder when they're finished copying data and this TEMP location is often used by malware to store a copy of malware so that it can be resurrected. It is strongly advised to allow BOClean to clean the TEMP folder when any malware is found and therefore this box should remain checked.

The fifth checkbox is marked "Automatic cleanup of ActiveX downloads." The ActiveX cache or "downloaded program files" area in Windows is a storage location for programs downloaded from the internet to be used in conjunction with your browser. Unfortunately, it is also a location where malware will be stored so that any time you open your browser, the malware can download another copy and restore itself. When this box is checked, BOClean will clean the entire ActiveX cache and any programs stored here can be readily downloaded again with adequate warning such as online scanners and other "features" which require a program on your end for the web page to function. We recommend that this box remain checked as well.

The sixth checkbox is marked "Automatic cleanup of winsock connectivity." This item is turned on by default as well. However, this checkbox controls a number of additional cleanups which reflect the latest tendencies to corrupt the winsock "Layered Service Provider" (or "LSP") stack as well as the winsock itself. When certain malware inserts itself into the winsock stack and is subsequently removed, you lose all internet connectivity as a result of the "missing piece." Leaving this checkbox checked will cause BOClean to examine the "winsock stack" and repair the sequence to prevent loss of connectivity. We strongly advise leaving this box checked.



Logged

Gravity
Newbie
*
Offline Offline

Posts: 22



« Reply #2 on: April 23, 2007, 02:44:22 PM »

Thank you.     ...simple case of "RTFM"

Last night there were no problems with the same hosts file , so why was it reset to the deafult MS version this morning  Huh

If Boclean "examine the "winsock stack" and repair the sequence to prevent loss of connectivity",    why deed I still lost my connectivity  Huh

 
Logged
~cat~
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 969


CBO "...there is nothing better."


« Reply #3 on: April 23, 2007, 02:55:05 PM »

Yep, we really need to get the support documentation up and include it with the download link.
http://nsclean.com/supboc.html
Logged

Parched dry and thirsty, knee deep in the river of life.
cheater87
Comodo Loves me
****
Offline Offline

Posts: 133


« Reply #4 on: April 23, 2007, 03:05:54 PM »

About the HOST file thing. What if you have Spyware Blaster installed?
Logged
TonyKlein
Comodo Family Member
***
Offline Offline

Posts: 85



« Reply #5 on: April 23, 2007, 03:18:24 PM »

About the HOST file thing. What if you have Spyware Blaster installed?

You can certainly use SpywareBlaster to create an encrypted copy of the Hosts file in the SpywareBlaster directory. Always useful to have a backup in case it is hacked by malware (or deleted, be it by malware,  by accident,  or indeed by BOClean Wink ...)
« Last Edit: April 23, 2007, 03:20:07 PM by TonyKlein » Logged

Wingnut
Comodo Family Member
***
Offline Offline

Posts: 71


« Reply #6 on: April 23, 2007, 04:34:07 PM »

After installing BOClean last night, wish went smootly btw, this morning after turning on the pc, this happend :
 
Winsock damaged. Why?  (The only thing I deed was testing BOClean with leaktest from grc.com)
Hosts file deleted. Why ? (This was a host file, with entry's made by my self)
And every item in  C:\Windows\Downloaded Program Files,  damaged. Why ?

BOClean reported nothing, and the system  consist of XP SP2 / fully patch. NOD32 , spywareblaster, and Spybot immunization.

At this time everything is rolling again, but witout boclean.


See http://forums.comodo.com/index.php/topic,8170.0.html for my experiences with a corrupt winsock. And for the host file, i use a modified one and have a few self-added entries in there, but i always keep it read-only so when testing BOclean (with a really bad experience) my hosts file were still intact after that. So, make it read-only.....
Logged
Gravity
Newbie
*
Offline Offline

Posts: 22



« Reply #7 on: April 24, 2007, 10:05:04 AM »

Thank you all, gonna try again....
Logged
Tags:
Pages: [1] Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.044 seconds with 19 queries.
Powered by SMF 1.1.10 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks
Design by 7dana.com