Author Topic: COMODO Cleaning Essentials ( Wishlist )  (Read 112753 times)

Offline BoredNow

  • Comodo's Hero
  • *****
  • Posts: 354
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #120 on: July 06, 2011, 12:34:53 AM »
My apologies if this has been mentioned somewhere in the proceeding 8 pages.

I was wondering if we could get a keyboard shortcut that would terminate any unknown/malicious processes.
This might only be possible if Killswitch is the default task manager...I don't know.

The reason I ask is that a Blackhole or Screen-Jacker will cover the screen, which means you don't have access to the Killswitch window...or anything else.

Also, in a similar vein, sometimes a malware window will cover the "are you sure you want to terminate this process" window.
It would be nice to be able to hit... "Enter"...like with Windows Task Manager.

Thanks
« Last Edit: July 06, 2011, 12:37:07 AM by BoredNow »
Home built gaming rig
Windows 7 Home Premium 64-bit SP1
CCAV
Sandboxie 5.6

Offline morphiusz

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3082
    • Suspicious file?
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #121 on: July 06, 2011, 10:27:12 AM »
I like it, some malware can cover your desktop and you can't click anything.
« Last Edit: July 06, 2011, 01:48:04 PM by morphiusz »

Offline BoredNow

  • Comodo's Hero
  • *****
  • Posts: 354
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #122 on: July 06, 2011, 01:24:56 PM »
Also, it would be nice if CCE/KillSwitch could always be on foreground, in case some fullscreen (ransom) malware is running.
I tested one today (which for some reason didn't fill the whole screen) and couldn't terminate it via KillSwitch, just because the "are you sure you want to terminate this program" dialog box was hidden behind the malware.

Yes, this is another approach to the problem....+++

Of all the malware I've tested, I dread the "screen-jackers" and "blackholes" the most.

Does anyone have tricks to escape these malwares?

Since I always sandbox my browser (inside VMware) I can just power off the machine and the malware can't start up with Windows because it's just sitting in the sandbox.
But are there alternate methods?
Home built gaming rig
Windows 7 Home Premium 64-bit SP1
CCAV
Sandboxie 5.6

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1503
  • BETA FORCE MEMBER
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #123 on: July 11, 2011, 01:17:05 AM »
It would be awsome if KS could display the SHA1 of a file (safe or malware).
That we could compare it with many online tools, as for example Valkyrie and File Intelligence.

Or even better to add into KS a submenu for any file, where it allows you to look for the file in Valkyrie and FI services.

For example, I am using KS and this file is unknown for KS:
C:\TOSHIBA\E-KEY\CeEKey.exe

However, I looked for it in VirusTotal, Valkyrie and File Intelligence, and they all said it was SAFE:
http://www.virustotal.com/file-scan/report.html?id=881f7ba506f176adb3ce814448b88eb6f26ffb2cfda3c897a80ebd07b4d0abc0-1310360596

http://file-intelligence.comodo.com/index.php (using SHA1: a8510e731763f0bf6ab5e6a927b3291cb62a258e)

http://v.comodo.com/Result.aspx?sha1=a8510e731763f0bf6ab5e6a927b3291cb62a258e&&query=0&&filename=CeEKey.exe


Of course all this I submitted manually (except for the VirusTotal submission).
If we users where able to do this automatically, would save a lot of time and set a veredict faster, even if KS shows that a file is Unknown.

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1503
  • BETA FORCE MEMBER
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #124 on: July 13, 2011, 07:55:44 PM »
It would also be great that KS could be able to send through email some information about an active process.
Some info like:

SHA1, MD5, location, etc.

And specially if the active file itself can be send through email for further analysis!

Offline matu

  • Newbie
  • *
  • Posts: 1
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #125 on: July 18, 2011, 03:24:31 AM »
KIllswitch: Can you put Services and Drivers on different tabs please? (or make that an option)

Offline wj32

  • Comodo's Hero
  • *****
  • Posts: 387
    • Process Hacker
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #126 on: July 18, 2011, 05:34:30 AM »
KIllswitch: Can you put Services and Drivers on different tabs please? (or make that an option)

They're all services, and it happens that "driver" is a type of service. Actually loaded drivers are viewed by double-clicking System (this includes drivers that are not loaded through the service manager).
MCTS: Windows Internals
Process Hacker, a free and open source process viewer.

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1377
  • Avert the danger that has not yet come
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #127 on: July 18, 2011, 01:55:13 PM »
Can we have a verdict of the services/drivers in KillSwitch ?

Known good services (Safe), Known Bad (rootkits, etc...), Unknown...

Currently the services list is very big, and hard to look at and decide....isn't it ?
with love Siva Suresh
|| Windows7 x64 | CIS 10 | Firefox | Thunderbird | CCleaner | Evernote | PStart | UltraCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 6TB SATA II HDD 6Gb/s

Offline Tech

  • Usability Study Member
  • Comodo's Hero
  • *****
  • Posts: 3025
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #128 on: July 18, 2011, 09:07:23 PM »
SivaSuresh, services are, after all, a process running.
The answer will be, in my opinion, in the processes tab already.
avast! team member
Save freeware snapshot technology of Comodo Time Machine. Vote!

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1377
  • Avert the danger that has not yet come
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #129 on: July 19, 2011, 02:10:32 AM »
No. Services are not just processes, they are lot more than that...

Besides, there are many services scheduled to start with system. It is very important to have verdict for services (If possible)
« Last Edit: October 07, 2011, 09:15:04 PM by SivaSuresh »
with love Siva Suresh
|| Windows7 x64 | CIS 10 | Firefox | Thunderbird | CCleaner | Evernote | PStart | UltraCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 6TB SATA II HDD 6Gb/s

Offline karl1986

  • Comodo Loves me
  • ****
  • Posts: 156
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #130 on: July 21, 2011, 05:34:58 AM »
Windows 7 Ultimate BlackShine 2011.5 [SP1]  32bit 
Comodo Internet Security 5.10.228257.2253  + MBAM (Pro) , CCleaner, Comodo Dragon, COMODO Time Machine, ССЕ

Offline karl1986

  • Comodo Loves me
  • ****
  • Posts: 156
Re: Comodo Cleaning Essentials ( Wishlist )
« Reply #131 on: July 21, 2011, 05:40:23 AM »
I wish that  DACS results, where virus is detected will be marked on red, like malicious processes in KillSwitch.
You know what i mean? When you open "Verdict" than you see smoething like that:




Thank u flash Paweł:P


+1
Windows 7 Ultimate BlackShine 2011.5 [SP1]  32bit 
Comodo Internet Security 5.10.228257.2253  + MBAM (Pro) , CCleaner, Comodo Dragon, COMODO Time Machine, ССЕ

Offline karl1986

  • Comodo Loves me
  • ****
  • Posts: 156
Re: Comodo Cleaning Essentials ( Wishlist )
« Reply #132 on: July 21, 2011, 05:42:29 AM »
What I would like to see is for CCE to show the results after the scan has finished (Just like Comodo Antivirus currently does). There should also be the option, next to each result, to check it with DACS.

This would make it much easier to differentiate malware and false positives.

+1
Windows 7 Ultimate BlackShine 2011.5 [SP1]  32bit 
Comodo Internet Security 5.10.228257.2253  + MBAM (Pro) , CCleaner, Comodo Dragon, COMODO Time Machine, ССЕ

Offline karl1986

  • Comodo Loves me
  • ****
  • Posts: 156
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #133 on: July 21, 2011, 05:53:17 AM »
  Question: What will be further from the CCE, whether integration into the CIS or become self-loading the program as other programs from the developers of "COMODO", it would be nice and a beta version and boot program as an assistant to anti-virus.

  Sorry for my English.
Windows 7 Ultimate BlackShine 2011.5 [SP1]  32bit 
Comodo Internet Security 5.10.228257.2253  + MBAM (Pro) , CCleaner, Comodo Dragon, COMODO Time Machine, ССЕ

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5717
Re: COMODO Cleaning Essentials ( Wishlist )
« Reply #134 on: October 07, 2011, 06:08:37 PM »
1. change name of the new autoruns to comodo autorun manager and integrate into CFM

2. develop a small tool into killswitch that allows the user to unlock exe's from other process
here a great example unlocker

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek