Stories of heroism and victory....against malware using KillSwitch :)

[Tech]

It's not a matter of failure. Every antivirus will fail. This was extensively discussed in a reserved part of avast forums and the technical conclusion is that, once loaded, the driver could do anything at kernel level.

[wj32]

This was extensively discussed in a reserved part of avast forums

http://forums.comodo.com/news-announcements-feedback-cis/mayday-mayday-this-is-not-a-joke-cis-processes-shutdown-t43832.0.html

[Topcat2456]

What you really need (as opposed to want) is feedback about problems and perceived issues....
Seems like a great program but to be truthful i am not too sure what one does with KillSwitch so I don't use it...

[disabled account 7]

indeed , I totally agree.

comodo's whitelist is superior and it makes the cleaning process with KillSwitch very convenient rather than other task managers that I have to go through all the running processes to find this nasty piece of  malware that is compromising the system !!.

On heavily infected systems you can get dozens of evil malware processes running , and sometimes it looks like legitimate processes exactly !!.

so without the comodo's whitelist ( like in anvir ! )  it will be just like searching for a needle in a haystack !!

and above all these features , It has DACS ! built in so u can also check for the unknown processes before terminating them and ruin your system ! , and this is awesome !!      

and let me tell u something , it's totally free !      

many thanks to melih and the developers team. you guys rock !
 

Couldnt have said it any better! The time it takes to hunt down a bad process with this tool is cut down to nothing compared to hunting manually! I cant thank Comodo enough for all these great programs they provide for free!

[Melih]

Couldnt have said it any better! The time it takes to hunt down a bad process with this tool is cut down to nothing compared to hunting manually! I cant thank Comodo enough for all these great programs they provide for free!

you are very welcome!

this is exactly what KillSwitch was designed to do.

thank you for your appreciation guys, it makes us feel good..

thank you

Melih

[gumcaj]

Great tool!

Helped me with cleaning my friend's PC which mostly had Gbot infection. I couldn't also access antivirus sites and resetting DNS using Quick Repair tool has fixed the problem.

By the way, yesterday I was testing CCE on virtual machine. I have opened few malicious samples including fake av. Killswitch was opened while I was opening malicious samples however one of them has closed Killswitch and I couldn't open it normally again. However Aggressive Mode (using SHIFT) has closed all malicious processes and Killswitch opened again without any problems. Great job!

Thanks.

[BoredNow]

...However Aggressive Mode (using SHIFT) has closed all malicious processes and Killswitch opened again...

Please excuse the stupid question, but...how do I use 'aggressive mode'?
Do I hold down shift and then click on the Killswitch icon?
thanks

[morphiusz]

Yes.. during opening killswitch.exe or CCE.exe hold a Shift button.
Press it first and then holding it open a program.

[Graham1]

Yesterday, thanks to KillSwitch, I was able to remove AVASoft Professional Antivirus from a work computer .

This one was a little crafty in that no executables could be run under the infected users account . Each time an executable was run, it was flagged as infected (by AVASoft) and didn't run (inc. CCE and KillSwitch). First, I tried booting from CRD (Comodo Rescue Disk) as I had CCE on the same USB pen drive but unfortunately, it didn't boot. Next, I managed to enable and update the current antivirus (Kaspersky) to it's latest definitions and ran a full scan. Whilst, it was doing this, I pondered my next move . I eventually decided to run KillSwitch as a different user (which to my surprize, worked). Although KillSwitch wasn't aware of this rouge malware (i.e not recognized), I instantly knew as this file wasn't legit (weird name). So a quick submit to Comodo, deleted executable from profile and rebooted and voila... gone!!! Logged back on as user and no icon in system tray and system running as normal.

Once again, thank you Comodo for rescuing this system . Keep up the great work.

[Graham1]

... and another success story using KillSwitch

Today KillSwitch removed "Internet Security 2013" from a computer at one of our remote sites. Kaspersky antivirus was up-to-date but didn't detect anything. Ran KillSwitch as a different user and was able to identify the culprit and voila...

[Melih]

... and another success story using KillSwitch

Today KillSwitch removed "Internet Security 2013" from a computer at one of our remote sites. Kaspersky antivirus was up-to-date but didn't detect anything. Ran KillSwitch as a different user and was able to identify the culprit and voila...

nice work!