Please post your screenshots of KillSwitch

Hi Guys

the Hide Safe Object feature of KillSwitch is one of my favorite features! It makes life so much easy to hunt down malware, I get excited everytime I press that button (no joke :slight_smile: ). Because I know that if i have a malware, its more likely to be within what is being shown after I clicked that “Hide Safe Object” menu item.

So, Please post your screenshots of what you see when you click that “Hide Safe Object” menu item.

I posted mine! There were only 3 that was unknown…and no malware :slight_smile:

thank you!

Melih

[attachment deleted by admin]

Okay we’re on, here are mine ;D

[attachment deleted by admin]

Here’s mine

John

[attachment deleted by admin]

Yes, option to hide safe objects is awesome! It is very easy (and quick) to remove malware on infected PC that way. Below is my screenshot with unknown objects.
Only problem I have with KillSwitch is that I can’t replace it with Task Manager (see the second screenshot). I already reported it in section “Comodo Cleaning Essentials BETA Bug Reports”, but no one found an answer. And I really want KillSwitch to be my Task Manager. :slight_smile:
New version of CCE (1.2.174769.31) doesn’t resolve this problem either.

[attachment deleted by admin]

Here’s mine

[attachment deleted by admin]

Nothing is shown because of the whitelist. :slight_smile:

[attachment deleted by admin]

[attachment deleted by admin]

Mine

[attachment deleted by admin]

All those unknown are benign.

[attachment deleted by admin]

anyone who has any files that are unknown and you are 100% sure they are safe, please pack them in a ZIP file and submit them to be added to the cloud white list.

Thanks.

All safe here… :-TU

[attachment deleted by admin]

Many unknown and two false positives. Already reported but yet not solved.

It’s a great improvement! Thanks.
It’s better than first scannings of my disks with CIS.

Oh… Is it CCE scanning for PUPs ???
I used to get these false positives (or PUPs):

Application.Win32.LeakTest.~B@124754821
Comodo\Comodo Leak Test\clt.exe

UnclassifiedMalware@17128083
Emsa Save My Work 1.0.46.exe

UnclassifiedMalware@9569708
PsExec.zip|PsExec/psexec.exe

Heur.Suspicious@125403149
Fresh Diagnose 8.4.5.exe|{app}\fdiag.exe

Application.Win32.LeakTest.PCFlank@6745921
PCFlankLeaktest.exe

UnclassifiedMalware@8792030
GMail\GmailSync (04052006).zip|stunnel/libeay32.dll

UnclassifiedMalware@89272120
Asterisk Key 8.3.exe|ariskkey.dll

ApplicUnsaf.Win32.NirCmd.A@5756747
Flash_Disinfector.exe|UPX|Unsfx|nircmd.exe

Heur.Suspicious@105184144
ComboFix.exe

UnclassifiedMalware@122756603
AutoIt\Flush DNS.exe (it’s my compiled AutoIt).

Heur.Suspicious@2071324
PowerToys/TweakUI XP 1.0.exe

TrojWare.Win32.TrojanDropper.Delf.etf@99528598
PCHand Screen Capture\ImageEditor.exe

Heur.Suspicious@125403149
FreshDiagnose\fdiag.exe

TrojWare.Win32.TrojanDownloader.Dadobra.~J3@107318840
Aulete\BuscaAtualizacao.exe

Heur.Suspicious@19876175
PDF Split and Merge\uninstall.exe

TrojWare.Win32.Buzus.vbf@101147794
PDF to Excel\WS_AgentProcess.dll

Application.Win32.LeakTest.~B@124754821
Comodo Leak Test Suite\clt.exe

[attachment deleted by admin]

Loving our whitelisting!!! Keep them coming guys…

lets reduce the “unknowns” even more!!!

So if you a malware the no of files you have to analyse is on average around 5 :slight_smile: this is a great achievement!

thanks

Melih

My first post. :slight_smile: :wink:

[attachment deleted by admin]

Welcome to Comodo Forums :slight_smile:
Hope you have a wonderful time here.

Thanks for the Screenshot!

Here’s Mine…

Just some addtional Info…

Only CoreTemp is said suspicious but thats safe… ;D

[attachment deleted by admin]

mine.

Only two unknown :slight_smile:

[attachment deleted by admin]

Are the sole files enough or do you want us to provide download links or/and a description?

http://i.imgur.com/tyOQ6.png

Submitted here some files with URLs to download site/link where possible:
https://forums.Comodo.com/news-announcements-feedback-cis/submit-applications-here-to-be-whitelisted-2011-t66773.0.html;msg475118#msg475118

A whole lot more unknown images in memory :stuck_out_tongue:

Edit: Submitted files are now recognized as safe:-)

However you see the Absent explorer.exe and Unknown YahooMessenger.exe multi processes… There only like that because i have modified them. The Explorer.exe to change the start menu botton and the YahooMessnger.exe to be able to open multi messegers at one time also removed there ad banners and it saw that… Two thumbs up for DACS!!.. :-TU :-TU

Thanks Comodo team and forum folks for yet another fine product. 
                                                                                         ,Richard

[attachment deleted by admin]

thanks guys…keep it coming…

one thing to take away from these screenshots is that there aren’t many running processes tha we don’t know of ;)…welldone to the whitelisting team for doing an excellen job! This makes our hunting easier :slight_smile: