COMODO Cleaning Essentials ( Wishlist )

[wj32]

I think that's far beyond the scope of the program. You'll also have to clarify what operations you intend to track, because many (e.g. terminating a process, sending network data) are not reversible. Why not just use a sandbox program?

[Chiron]

This concept by elliotcroft may be an interesting addition to Killswitch.

Elliotcroft suggests a "process tracking" feature that logs the activities of a process. The user would designate which process he wishes to track, and then Killswitch will create a log for that process.  The tracker may help with debugging and with malware research.

Elliotcroft also proposes a rollback (or "undo") feature. If a process is malicious or causing crashes/freezes, the user can undo all the activities created by the process (it should probably also terminate the main process and all the processes it spawned). Kind of like Time Machine for processes.

In my opinion this option could only belong in a program that is meant to keep a computer clean. From my understanding CCE is meant to clean a computer that is already infected or ensure that it is not infected. Thus I don't see the purpose of tracking processes as killswitch already can tell you which are dangerous and which are safe.

Maybe I'm missing something. Please enlighten me if I am.

Thanks.

[Whoop-dee-doo]

I don't see the purpose of tracking processes as killswitch already can tell you which are dangerous and which are safe.

I am no expert, but it seems to me that Killswitch cannot identify 100% of malicious processes, and it sure cannot predict which non-malicious processes are causing conflicts/freezes. I thought process tracking may be helpful in identifying the activity of zero-day malware (no detections yet) and for monitoring processes that you suspect may be causing a conflict or crash. I do not fiddle much with process snooping, so those who have more experience with these issues can determine the utility of the suggestion. I merely bring it to your attention.

[salaficall]

2) When scan is finished Close button should return user to the main window.

+1000

It's so annoying right now.

[JoWa]

KillSwitch:

Add Comodo File Intelligence as search engine in right-click menu.

Add Verified Signer in Modules tab in Properties.

Thanks.

[wj32]

Add Verified Signer in Modules tab in Properties.

I've already implemented this in Process Hacker 2.9. Seems like they were using an old version for KillSwitch.

[lordraiden]

Have you already any idea how to improve the whitelist using DACS?
What about something like this:
If after 2 weeks of an undetected file by DACS the file remains undetected, the file goes to the whitelist. The file also need to be seem several times, so you can be sure that the file is quite extended, so have more chances to be a popular safe file



Is not 100% perfect, anyway you are having problems with some trusted certificates in malware so I guess that this process is not completely manual either

[kinemitor]

Have you already any idea how to improve the whitelist using DACS?
What about something like this:
If after 2 weeks of an undetected file by DACS the file remains undetected, the file goes to the whitelist. The file also need to be seem several times, so you can be sure that the file is quite extended, so have more chances to be a popular safe file



Is not 100% perfect, anyway you are having problems with some trusted certificates in malware so I guess that this process is not completely manual either

we cannot asume a file is safe only for the quantity of users uploading it or the time being undetedted
but if no antivirus detect it in one week... i think its other case. but im not sure on how to implement it
it would be like in the future cis vercion with dacs, to stop autosanboxing old files

[wasgij6]

i just recently tested CCE to clean a friends computer and love it. one thing that i would like to see get added is a new tab to killswitch that has the startup programs. This would be good to stop any malware from starting especially because a lot of malware disables the run feature to run msconfig.

i liked the restart feature cuz there was a rogue and after it restarted cce blocked the rogue from starting up so it could scan with no problems.
keep up the great work.

[lordraiden]

A way to report false positives in KillSwitch
And what it is the FLS scanner?

[kinemitor]

And what it is the FLS scanner?

i wan to know what mean the "absent" verdicct fls sometimes give

[Budda]

I wish I wish with all my heart. . . . .

That somewhere on the CCE GUI and Killswitch GUI there was an indicator informing us if DACS is up and working.

Also, I know one wish per post but a Web page as well we could visit giving us the status of DACS  as well would be alright.  Like which current AV's are being supported, if they are on or off, and maybe even server load?

[Valentin N]

I wish I wish with all my heart. . . . .

That somewhere on the CCE GUI and Killswitch GUI there was an indicator informing us if DACS is up and working.

Also, I know one wish per post but a Web page as well we could visit giving us the status of DACS  as well would be alright.  Like which current AV's are being supported, if they are on or off, and maybe even server load?

I find the idea good. It can be good to know if the servers of DACS is overloaded.

Take care all!

Regards,
            Valentin N

[kinemitor]

dacs dont use servers
remember its a p2p client

to implement something like this it should be like
see how much "antivirus A" contributors are online and so on

[Budda]

dacs dont use servers
remember its a p2p client

to implement something like this it should be like
see how much "antivirus A" contributors are online and so on

I get the idea of the difference and I am still interested in finding out about what is online, how much of a given av product is represented on that p2p, and how congested some of the p2p connections might be (say one group of av users have slower bandwidth than the rest of the norm, we would expect given the same amount of traffic on the network they would be backed up in comparison to the other users).