Author Topic: Stories of heroism and victory....against malware using KillSwitch :)  (Read 55246 times)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Hi Guys

We would love to see/hear/watch stories of how you used KillSwitch to slay the nasty malware dragon. We want to see the power of KillSwitch in action...pls post here with whatever you can ...video...screenshots...drawing....stone tablets...whatever..:)


thanks

Melih

Offline kazza5

  • Comodo's Hero
  • *****
  • Posts: 263
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #1 on: December 25, 2010, 09:32:13 PM »
i am still waiting on languys review maybe someone can make a review?

Offline pc_pete

  • Comodo's Hero
  • *****
  • Posts: 363
  • No idea where this came from!
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #2 on: December 25, 2010, 09:44:56 PM »
Ok. How or where can I get killswitch?

What's this about?

"This is a private BETA and must not be used for any other purpose than testing. It can contain serious bugs and must be used only by community members. Please do NOT distribute it outside this forum as it is not intended for end-users even for testing purposes."

Offline kazza5

  • Comodo's Hero
  • *****
  • Posts: 263
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #3 on: December 25, 2010, 09:50:35 PM »
ummm......... if you asking were the download information and what it does it's right here in this thread.

http://forums.comodo.com/comodo-cleaning-essentials-cce-killswitch/comodo-cleaning-essentials-1117429427-beta-ready-t66867.0.html

Offline languy99

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3981
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #4 on: December 25, 2010, 09:51:57 PM »
problem right now is dacs is overloaded and not giving answers. That will basically make the coolest part of CCE impossible to show how it works. Once they bring it back online and working good a review will be coming.
http://www.youtube.com/languy99

Software Reviews for all.

Follow me on Twitter http://twitter.com/#!/languy99

Offline pc_pete

  • Comodo's Hero
  • *****
  • Posts: 363
  • No idea where this came from!
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #5 on: December 25, 2010, 11:06:11 PM »
I was looking for a stand-alone Killswitch download but I've gone cold on the idea since reading that thread.

Offline jay2007tech

  • Malware Research Group
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2121
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #6 on: December 26, 2010, 02:03:57 PM »
Sweet, I have the first story here,  
Oddly enough It wasn't too much about malware (In this Case), it was more about what the computer is doing this very second and figuring out why the computer was slow as hell.

It was a Vista computer that barely meet the real world requirement to run it (not the microsoft requirements)
This computer was running 3 different IM software at once, it was using Norton(trial period) a few toolbars (it went 3 rows deep) :-TD.  With all kinds of online and offline games

The first thing I did was run Comodo system cleaner and ccleaner to get some of the obvious crap out.  Next was to get rid of all the IM softwares to be replaced with a lightweight all-in-one IM called "Pigion"
For those that never heard of Pigion, It's a open-source all-in-one IM (because it's open source, NO Spyware)
Quote
Pidgin is a chat program which lets you log in to accounts on multiple chat networks simultaneously. This means that you can be chatting with friends on MSN, talking to a friend on Google Talk, and sitting in a Yahoo chat room all at the same time.

Pidgin runs on Windows, Linux, and other UNIX operating systems.

Pidgin is compatible with the following chat networks out of the box: AIM, ICQ, Google Talk, Jabber/XMPP, MSN Messenger, Yahoo!, Bonjour, Gadu-Gadu, IRC, Novell GroupWise Messenger, QQ, Lotus Sametime, SILC, SIMPLE, MySpaceIM, and Zephyr. It can support many more with plugins.
After installing Pigion, got all the plug-ins that they wanted for their new Instant Messenger and or needed

Lauched up "KillSwitch", things were finally looking better

Next all the toolbars got to go except 1 of them,  The one toolbar had some convent features on it, so that stayed.  I got rid of Nortan and put Comodo on

lauched up KillSwitch again

Sweet, it's looking good

So I changed some things, so it has to run manual insead  of always running it tweak it a bit


So overall, I'm very happy with it.  I'm giving it the five star rating
 (:s*) (:s*) (:s*) (:s*) (:s*)

It's hard being a crooked Admin when the files won't pass an md5checksum test.  But like any other good crooked Admin it can be done, it just takes time(and lots of it) and a few aspirins

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #7 on: December 26, 2010, 02:09:40 PM »
Nice one Jay2007tech ;) thanks for sharing it..

any more?

Offline troy1987

  • Newbie
  • *
  • Posts: 6
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #8 on: December 26, 2010, 02:58:19 PM »
Hi ...... ;)

test file Infected by sality

This video illustrates the test performance  ............  Comodo Cleaning Essentials

http://www.mediafire.com/?sihc7r2sjrrl2zw


Offline brucine

  • Comodo's Hero
  • *****
  • Posts: 1533
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #9 on: December 29, 2010, 07:38:10 AM »
Does not bring anything more or less than whatever other process manager, and does not chain a given process to the software/plugin/utility it cames from (all of the remote desktop, modem dial-up and server utilities in XP Pro are good examples).

Excepting malwares, these softwares allow to kill or delete some process or another.

But they would really be efficient only if coupled with some unused services utility, both from third-party software and from Windows itself (e.g. XPLite Pro and alike).

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #10 on: December 29, 2010, 08:07:53 AM »
Does not bring anything more or less than whatever other process manager, and does not chain a given process to the software/plugin/utility it cames from (all of the remote desktop, modem dial-up and server utilities in XP Pro are good examples).

Excepting malwares, these softwares allow to kill or delete some process or another.

But they would really be efficient only if coupled with some unused services utility, both from third-party software and from Windows itself (e.g. XPLite Pro and alike).


I didn't know other process managers have the ability to verdict a file?
Can you pls show me which Process Manager have this ability? thanks

Offline lordraiden

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 921
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #11 on: December 29, 2010, 09:37:05 AM »
I didn't know other process managers have the ability to verdict a file?
Can you pls show me which Process Manager have this ability? thanks

Here: http://www.anvir.com/

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #12 on: December 29, 2010, 09:42:29 AM »
Here: http://www.anvir.com/

Not sure they have a whitelist like ours or have the ability to "show untrusted processes" only. (patented)..


Offline lordraiden

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 921
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #13 on: December 29, 2010, 09:48:53 AM »
Not sure they have a whitelist like ours or have the ability to "show untrusted processes" only. (patented)..

But all the other thigs yes, and much more detailed, anyway how needs to hide the safe process if you can see the dangerous ones in red? or order them by column?. The idea of killswhich it's not new, not even a bit, the only new thing is integrate multi av with a process manager, thats all.

I hate one thing about USA and is the ability of patent stupid things like "show untrusted processes only"
« Last Edit: December 29, 2010, 09:50:32 AM by lordraiden »

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #14 on: December 29, 2010, 09:54:48 AM »
But all the other thigs yes, and much more detailed, anyway how needs to hide the safe process if you can see the dangerous ones in red? or order them by column?. The idea of killswhich it's not new, not even a bit, the only new thing is integrate multi av with a process manager, thats all.

I hate one thing about USA and is the ability of patent stupid things like "show untrusted processes only"

two different things

1)Identify whats bad (works if you know the malware and its in your db etc)
2)Identify whats bad thru "elimination".

The way I would find a malware that AVs miss is thru this method.

So KillSwitch helps me identify by "reducing" the pool of processes I have to check by  only showing "untrusted" processes..this, believe it or not, makes the whole process of fighting the malware much more managable and will (is) being appreciated by all the guys who clean malware day in day out.

Melih

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek