Here is what the CIS User Guide says about Clean PC Mode:
“Clean PC Mode: From the time you set the slider to ‘Clean PC Mode’, Defense+ will learn the activities of the applications currently installed on the computer while all new executables introduced to the system are monitored and controlled. This patent-pending mode of operation is the recommended option on a new computer or one that the user knows to be clean of malware and other threats. From this point onwards Defense+ will alert the user whenever a new, unrecognized application is being installed. In this mode, the files in ‘My Pending Files’ are excluded from being considered as clean and are monitored and controlled.”
How this works is clear when Clean PC Mode is selected on installation. I have been using Clean PC Mode for about a month, and I want to understand better what happens before I change the D+ security level. Please clarity what happens when I change the D+ security level to disabled, training mode, safe mode or paranoid mode and then back to Clean PC Mode.
How does Clean PC Mode know which files are new since it was invoked?
Does Clean PC Mode store a date and time for when it was invoked?
When changing the D+ security level back to Clean PC Mode, is the date/time updated to the present date/time?
Does it depend on what D+ security levels are used in between going from Clean PC Mode back to Clean PC Mode?