COMODO Cleaning Essentials ( Wishlist )

[Guest]

[fake5]

What does Comodo Cleaning Essentials need or you wish it could have ?

As a side note:  Cleaning certian TDSS infections will have to wait, but it's been noted

I wish that we can have a chinese simplified version killswitch

[dudewekillviruses4aliving]

ClickClean.exe, 4696, FLS.Unknown, Not Trusted, , , , , 168 kB, 1 MB, , should  be fine whitelist it plz

[wj32]

I wish that we can have a chinese simplified version killswitch

Unless there is some kind of miracle, this is impossible.

[EricJH]

Verdict and Verified Signer in Services tab.

+1

[wasgij6]

it would be cool to see some of the features that cis has such as adaptive mode and block all unknown request if application is closed. these are really useful when cleaning and they should be easy to implement since the code is already written

[jovan111p]

Does someone knows when will be out CCE final version? Thanks

[lordraiden]

You could you DACS to improve the whitelist.

If a file has appeared in the 5% or more of your costumers and it's 2 weeks old or more will be scanned by DACS (+30 av's) if the results is clean from all of them the files will be marked as potentially trusted and will not run inside the sandbox.

You could say this is not 100% safe, ok but the actual method either, everyweek there is a lot of new malware whitelisted posted here: http://forums.Comodo.com/av-false-positivenegative-detection-reporting/report-trusted-and-whitelisted-malwares-here-dont-attach-live-malware-t67172.0.html

But the questions is, how many virus well spread (in the 5% of the computers or more) remains more than 2 weeks without being detected by any of the av's in the market, I would say none.
Any virus well spread remains undetected a few days as much.

You can modify the % or/and the time and the idea is still good.

[atomas31]

What I wish for :


A hotkey to terminate all unsafe process like Brute Force in Hitman pro is a good idea  Thumb Up or some technologie like rkill (http://www.bleepingcomputer.com/forums/topic308364.html) or roguekiller (http://www.sur-la-toile.com/RogueKiller/) should be integraded...

A portable version is also a must!!!

Also, it would be nice if CCE could do a preliminary scan to see if the internet (proxy) and different window utilities (ex. : task manager) have been disabled or changed and repair it...

Thanks,

[EricJH]

What I wish for :


A hotkey to terminate all unsafe process like Brute Force in Hitman pro is a good idea  Thumb Up or some technologie like rkill (http://www.bleepingcomputer.com/forums/topic308364.html)

That is already there. Look under Killswitch in the menu bar.

or roguekiller (http://www.sur-la-toile.com/RogueKiller/) should be integraded...

I am not familiar with the program but catching rogues should be a task for the AV scanner of CCE.

A portable version is also a must!!!

It already is.

Also, it would be nice if CCE could do a preliminary scan to see if the internet (proxy) and different window utilities (ex. : task manager) have been disabled or changed and repair it...

Thanks,

+1

[Arkose]

That is already there. Look under Killswitch in the menu bar.

No, the function in the programs mentioned is a bit different; while the program is starting up it forcibly launches itself in a way that bypasses rogue antiviruses and other malware that otherwise stop all programs from launching. For Hitman Pro this has to be initiated manually by holding Ctrl while launching while for the other two it's always active. Neither CCE nor KillSwitch are able to do anything like this from what I've seen.

A portable version is also a must!!!

It already is.

Not quite; there are portability problems with all current versions of this product; settings and logs for both programs are saved in the registry and user profile rather than in the program's own folder, which makes it impossible to pre-configure either program for use on other systems.

[wj32]

Not quite; there are portability problems with all current versions of this product; settings and logs for both programs are saved in the registry and user profile rather than in the program's own folder, which makes it impossible to pre-configure either program for use on other systems.

You can start PH/KS with the "-settings" parameter to specify the location of the settings file:

KillSwitch.exe -settings settings.xml

[kinemitor]

include both x86 and x64 executables in one package, to be run manually or automatically
also this is very important

Also, it would be nice if CCE could do a preliminary scan to see if the internet (proxy) and different window utilities (ex. : task manager) have been disabled or changed and repair it...

Thanks,

[Arkose]

You can start PH/KS with the "-settings" parameter to specify the location of the settings file:

KillSwitch.exe -settings settings.xml

Wow, that's perfect. Thanks for that. Now if only CCE had such an option.

include both x86 and x64 executables in one package, to be run manually or automatically

+1. Having a unified package would save a lot of space (no more double antivirus definitions) and be easier to work with.

[Graham1]

Hi

Apologies if this has already been mentioned (if so, please remove my post). Rather than KillSwitch list different detections (i.e from different engines) for the same process, list only the process that is infected with the detections from different engines shown underneath (so it's reversed). Hope the above makes sense.

[Valentin N]

Would it be possible to give CCE the same ability that CTM has? CTM console can come before the computer boots.

Regards,
            Valentin N

[Tags:]