Free KGB Logger


I installed Free KGB Logger. BOCLEAN detected it and deleted it. Wonderful!
But i can´t find the protocol of deleting??!!


I’m glad you’re happy, Andreas.

However, could you please clarify what you mean when you say that you can’t find the protocol of deleting? Are you asking how to get BOClean to delete files, or not delete files?


I thought, BOClean created a protocol of all deleting files or a report of activities.
Such a protocol or a report i mean i didn´t find it.

If you click on BOClean “Configure COClean” you see “Create report when trojan found” (“Create report when trojan found” is activated)

I didn´t find this report. I was surprised. (:WAV)


Okay, I understand, I think. So you went to the file location given, to see the report, but it was not there.

If I understand correctly, that does seem odd. If it identified the file as a trojan, and removed it, then it should have created a report about it.


I think you understand me. BOClean detected the key logger and removed it. I know that because BOClean shows a message.

But i don´t find the report which “should have created”. >:(

I think we need a test trojan.


There is a post in the CBO forum here, with a link to a website with a “trojan simulator” sort of a trojan equivalent to the EICAR antivirus test file. CBO found it, deleted it, and created the report it was supposed to (for me).

You can find that and give it a shot; see what happens.


andreas, when you look in C-BOClean’s “configuration”, does it show what the file-path is for where the “report” will be generated? and did you look in the place that is indicated by the file-path?

i am running BOC 4.22 and, with BOC 4.22, the default file-path for the “report” is “C:\Documents and Settings\All Users\Documents”, i think…

that is an awkward location for the “report”… most people don’t normally use that folder, but i think that the “report” is put there in order to be convenient for “administrators”…

so, if you were looking at “my computer”, in “explorer”, you would see a folder at the top called “shared documents”, and the C-BOC “report” would be in that “shared documents” folder…

i change the file-path for the “report” to "C:" so that it is then generated in "C:"…

p.s. you can also test C-BOC with GRC’s “leaktest”… here is the link for it:

I looked in this path and i don´t find the report??!! Maybe my mistake??

I know the Do you mean i should test BOClean without CFP?


You don’t need to turn CFP off. Just download Steve’s leaktest.exe, then run it. CBO will stop it before it ever gets a chance to ■■■■ heads with the FW… :wink:

Just to make sure you know exactly where CBO’s report is going, you might edit that box and change the filepath to something more “user-friendly,” even just "c:" After it deals with the leaktest, it should put a file there named BOreport.txt