Author Topic: Stories of heroism and victory....against malware using KillSwitch :)  (Read 57652 times)

Offline Tech

  • Usability Study Member
  • Comodo's Hero
  • *****
  • Posts: 3027
It's not a matter of failure. Every antivirus will fail. This was extensively discussed in a reserved part of avast forums and the technical conclusion is that, once loaded, the driver could do anything at kernel level.
avast! team member
Save freeware snapshot technology of Comodo Time Machine. Vote!

Offline wj32

  • Comodo's Hero
  • *****
  • Posts: 387
    • Process Hacker
MCTS: Windows Internals
Process Hacker, a free and open source process viewer.

Offline Topcat2456

  • Comodo Loves me
  • ****
  • Posts: 101
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #77 on: June 13, 2011, 01:06:02 AM »
What you really need (as opposed to want) is feedback about problems and perceived issues....
Seems like a great program but to be truthful i am not too sure what one does with KillSwitch so I don't use it...

Offline disabled account 7

  • Comodo Loves me
  • ****
  • Posts: 144
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #78 on: July 02, 2011, 09:59:44 AM »
indeed , I totally agree.

comodo's whitelist is superior and it makes the cleaning process with KillSwitch very convenient rather than other task managers that I have to go through all the running processes to find this nasty piece of  malware that is compromising the system !!.

On heavily infected systems you can get dozens of evil malware processes running , and sometimes it looks like legitimate processes exactly !!.

so without the comodo's whitelist ( like in anvir ! )  it will be just like searching for a needle in a haystack !!

and above all these features , It has DACS ! built in so u can also check for the unknown processes before terminating them and ruin your system ! , and this is awesome !!  :-TU  :-TU  :-TU

and let me tell u something , it's totally free !  :-TU  :-TU  :-TU

many thanks to melih and the developers team. you guys rock !
 




Couldnt have said it any better! The time it takes to hunt down a bad process with this tool is cut down to nothing compared to hunting manually! I cant thank Comodo enough for all these great programs they provide for free!

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #79 on: July 02, 2011, 12:59:01 PM »



Couldnt have said it any better! The time it takes to hunt down a bad process with this tool is cut down to nothing compared to hunting manually! I cant thank Comodo enough for all these great programs they provide for free!

you are very welcome!

this is exactly what KillSwitch was designed to do.

thank you for your appreciation guys, it makes us feel good..

thank you

Melih

Offline gumcaj

  • Newbie
  • *
  • Posts: 15
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #80 on: January 15, 2012, 05:16:30 AM »
Great tool!

Helped me with cleaning my friend's PC which mostly had Gbot infection. I couldn't also access antivirus sites and resetting DNS using Quick Repair tool has fixed the problem.

By the way, yesterday I was testing CCE on virtual machine. I have opened few malicious samples including fake av. Killswitch was opened while I was opening malicious samples however one of them has closed Killswitch and I couldn't open it normally again. However Aggressive Mode (using SHIFT) has closed all malicious processes and Killswitch opened again without any problems. Great job!

Thanks.

Offline BoredNow

  • Comodo's Hero
  • *****
  • Posts: 354
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #81 on: January 15, 2012, 10:35:02 AM »
...However Aggressive Mode (using SHIFT) has closed all malicious processes and Killswitch opened again...
Please excuse the stupid question, but...how do I use 'aggressive mode'?
Do I hold down shift and then click on the Killswitch icon?
thanks
Home built gaming rig
Windows 7 Home Premium 64-bit SP1
CCAV
Sandboxie 5.6

Offline morphiusz

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3079
    • Suspicious file?
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #82 on: January 15, 2012, 10:41:04 AM »
Yes.. during opening killswitch.exe or CCE.exe hold a Shift button.
Press it first and then holding it open a program.


Offline Graham1

  • Comodo's Hero
  • *****
  • Posts: 1890
Re: Stories of heroism and victory....against malware using KillSwitch :)
« Reply #83 on: April 09, 2013, 04:07:58 AM »
Yesterday, thanks to KillSwitch, I was able to remove AVASoft Professional Antivirus from a work computer :-TU.

This one was a little crafty in that no executables could be run under the infected users account :'(. Each time an executable was run, it was flagged as infected (by AVASoft) and didn't run (inc. CCE and KillSwitch). First, I tried booting from CRD (Comodo Rescue Disk) as I had CCE on the same USB pen drive but unfortunately, it didn't boot. Next, I managed to enable and update the current antivirus (Kaspersky) to it's latest definitions and ran a full scan. Whilst, it was doing this, I pondered my next move :). I eventually decided to run KillSwitch as a different user (which to my surprize, worked). Although KillSwitch wasn't aware of this rouge malware (i.e not recognized), I instantly knew as this file wasn't legit (weird name). So a quick submit to Comodo, deleted executable from profile and rebooted and voila... gone!!! Logged back on as user and no icon in system tray and system running as normal.

Once again, thank you Comodo for rescuing this system :-TU. Keep up the great work.

:)
Ubuntu 18.04 LTS | Chromium | uBlock Origin | Privacy Badger | HTTPS Everywhere
https://www.thevenusproject.com | Beyond Politics Poverty and War

Offline Graham1

  • Comodo's Hero
  • *****
  • Posts: 1890
... and another success story using KillSwitch :-TU

Today KillSwitch removed "Internet Security 2013" from a computer at one of our remote sites. Kaspersky antivirus was up-to-date but didn't detect anything. Ran KillSwitch as a different user and was able to identify the culprit and voila...

:)
Ubuntu 18.04 LTS | Chromium | uBlock Origin | Privacy Badger | HTTPS Everywhere
https://www.thevenusproject.com | Beyond Politics Poverty and War

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
... and another success story using KillSwitch :-TU

Today KillSwitch removed "Internet Security 2013" from a computer at one of our remote sites. Kaspersky antivirus was up-to-date but didn't detect anything. Ran KillSwitch as a different user and was able to identify the culprit and voila...

:)

nice work! :)

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek