It’s not a behavior-based application; it’s a definitions-based app. But it’s not a file-scanner like your normal AV or anti-spyware. It’s a real-time memory-scanner. The reason being, in order to do something, malware has to execute (access memory/CPU), so that’s where BOC watches and waits. The way it does so allows it to use its database of some 34,000 signatures to detect a million or so malware (since most are variants, but traditional AVs can’t find without individual definitions). The explanation is (in non-techy terms) that it can see the malware with their clothes off, so their techniques to hide what they are really don’t matter.
Oh yes i understand now… Ok its just that COMODO gives a non technical way of describing how its done, and its too simple for me to understand… instead of using the terms needed to describe it… Ok I get it now… Its very simple and I would consider using it, since it only scans memory items and watches for start up entries ect. Sounds good.
Well I installed it under safe mode and im am VERY pleased. BOclean scans after the application has been launched so it does not interfere with any of my security products. Allows all updates, and no visible conflictions! I have to say BOclean is a very good new layer of protection, and since it is so light weight, I dont have to worry about computer slow downs!
You summarised it perfectly Info-Sec.
Thats exactly what Boclean is designed to do. And the other advantage is that malware comes in many different disguises to defeat AV products (called Packers… think of it as clothes)… AV sees a new kind of packing (clothes) and it thinks its a new person and not a baddie and it doesn’t catch it. however boclean, because it lets the application get “naked” (as you have to be to execute the application in your CPU) before it checks, none of these disguises will work Hence make Boclean a very effective “Last Layer” protection. Its your insurance in case your AV fails! (and they do!).
I am just wondering is there an advantage to installing in safe mode. I installed from the web site not using safe mode and don’t see any thing that could be lacking.
By installing in safe mode, you reduce the risk of the install conflicting with any running programs or services. It isn’t a must do, but it can help prevent conflicts and is often recommended - especially for security applications.