Why keep Boclean?.

[Guest]

[dave1234]

  i often wonder why Bo clean is  still around as i would assume that as Cis has AV already, which i further assume  has Trojans in its data base, then if so why bother to integrate or  have as a standalone, a programme which at best has around 70,000 trojans in its data base?. this seems insignificant to me, compared to some other programmes that have up to a million trojans ( A Squared), as to the logic behind integrating it into Cis, or the need for it in the first place. i  need enlightening on this one, and am i misunderstanding some different benefits  of the programme in comparison to the av, in Cis?.

[panic]

BOClean works slightly differently to most malware detectors. An on demand malware scanner is looking at files in the file system (files on your hard disk). BOClean is examining each object at the instant it is about to be executed, after it has been unpacked or created dynamically.

This has been referred to as the "naked lady" approach, where BOClean inspects each object before it is executed and after it has been stripped of any packaging.

Hope this helps,
Ewen :-)

[Beanie]

at best has around 70,000 trojans in its data base?

That is true, but BOClean - AFAIK - uses an advanced heuristic technique which enhances this dramatically. Its a very effective security layer, and I can't wait for it to be integrated into CIS. 

[LeoniAquila]

Well over a million malware I've read at the website

[Beanie]

Well over a million malware I've read at the website

Precisely.

BOClean is very much worth keeping! I don't use it anymore because my setup is pretty strong without it (CIS and Sandboxie).

But if you're looking for added peace of mind, then it's a very effective additional layer 

[cassianoqs]

at best has around 70,000 trojans in its data base?

Listings do not include variants which are already covered. As of this date, COMODO's BOClean analysts have seen a total of 340,566 specific variations of various malware and behaviors as well as additional characteristics and components, all of which are covered in the Update file. This does not include "duplicates" and "copycats" as typically reported by others as "unique" based upon a lack of an "MD5 signature match." Add so-called "traces" and handling each individual piece as a separate "signature" detection as is done by our competitors and BOClean is well past 2,000,000 "signatures" or more as a quantification of "effectiveness by numbers." Our definition of "unique" is based upon specific code written by an original "single author" for use by others. The relative scarcity of "unique authors" is taken advantage of in our design by our ability to "know the actual author" rather than their varying output. Over ten years, we've gotten to know many of them personally in their designs. And the "trojan authors" of yore are today's scammers.

 

[Tags:]