What Protection Does BOClean Add Beyond COMODO Firewall and AV?

I’ve recently installed the COMODO firewall and Anti-Virus products and am now looking at BOClean. It may just be that I don’t understand the terminology, but I was under the impression that things like trojan horse programs, keyloggers, etc. were typically handled by an Anti-Virus product. What types of threats are handled by BOClean that are not handled by COMODO Anti-Virus and firewall?

Is there much of a cpu usage cost to running BOClean?

TIA,

Phil

G’day and welcome to the forums.

Where your typical AV examines a file when it is accessed, BOClean waits until the file components have been executed.

The critical difference is that a piece of malware could be packed/compressed/encrypted with a new packer/compressor/encryptor so, to a signature based scanner, it did not conform to any known signature. BOClean monitors all executions up to the point of where they go “active”. At this point, it is then looking at the executable code, rather than the pretty box it came in, so to speak.

In the past, this has been referred to as the “clothed lady - naked lady” approach. Of course, I’d never use such an analogy.

Is there much of a cpu usage cost to running BOClean?

Minimal. Very tight footprint.

Hope this helps,
Ewen :slight_smile:

Thanks for the reply, Ewen. And I like the analogy, makes the issue perfectly clear. :-TU

Phil