CAVS and BoClean

[Guest]

[ngolian]

I've been using BoClean for a while and I'm quite pleased with it; it's unobtrusive and it seems effective because it instantly alerted me when I tried to open an infected zip. But I can't work out the difference between BoClean and CAVS. BoClean says it's "full spectrum" protection, so doesn't that mean it protects against viruses as well as spyware? If so, why is there a separate AV product? Are they supposed to be run together without getting in each other's way?

It's a bit of a moot point on my Vista 64 PC though, because support isn't expected until CAVS v3 and even v2 is still in beta .

[Rednose]

Hi ngolian, welcome to the forum

The best thing I can do is to point you at a post from Kevin :

... but best way to explain it is that antiviruses are designed to work at the FILE level ... better antiviruses can examine files more deeply, have perhaps an "emulator" or other "heuristics" that may or may not help, but in the end EVERY AV (even ours) does its thing by stopping a file from loading, and then examining it in hopes of matching a signature of some sort TO that file before it is allowed to be loaded/run.

 BOClean was always designed on a philosophy of "you already HAVE an antivirus" ... if the FILE wasn't detected as harmful, then BOClean will sit there like a bouncer inside the lobby and whatever gets past the front door is OURS. We do a MEMORY scan of a process which has already loaded and begun to execute. Once it's actually started up, all of those obfuscations at the file level are no longer in use since a computer can ONLY execute a valid program. And to BE valid, any obfuscations must be completely disarmed by the program to allow it to run. So BOClean goes in at THAT level and gives anything which runs a "second opinion." And yes, we also check associated files and connections after the fact as well ... in case the AV misses it. That was ALWAYS the purpose of BOClean, and why it's proven so useful for over ten years now.   

From here :

http://forums.comodo.com/comodo_boclean_antimalware/why_use_boclean-t22796.0.html;msg160516#msg160516

If you have still questions, feel free to ask them

Greetz, Red.

[ngolian]

I've yet to find a free AV that does a good job of stopping files getting infected, so I'm going to carry on using BoClean and look forward to CAVS being available for Vista 64.

[Rednose]

Ngolian

I strongly recommend you to install an AV right now, and not to wait !

Good free AV's are :

- AntiVir : http://www.free-av.com
- Avast! : http://www.avast.com

Greetz, Red.

[ngolian]

OK, I'm giving AntiVir a try.

[LeoniAquila]

There are differences between BOClean and CAVS like Rednose refers to. Also, a reason why they both cover similar threats, is that Comodo bought BOClean last year whilst they already had CAVS (in the same version - 2.0 - as today). In other words, Comodo already had CAVS, then they bought BOClean which was developed by another company.

BTW AntiVir is what I also would recommend currently, or as an alternative, avast! Antivirus.

LA

[3xist]

BTW... CAV 3 will incorporate BOClean Signatures.

Josh

[Tags:]