1. What actually happened or you saw:
Currently, there is no option through CIS to terminate all processes except CIS and System Critical processes. This can be done through CCE, which can be downloaded through CIS, but not through CIS itself.
2. What you wanted to happen or see:
The idea is that CIS should have some sort of hot-key combination to force kill all running processes, except it’s own and system critical processes.
3. Why you think it is desirable:
The point of this wish is that if you happen to “catch” winlocker type malware, or other malware that takes the whole screen and basically prevents you from doing anything, you use the key combo to terminate all non-critical processes (that should include malware processes), so you could get to your desktop and begin cleaning. Currently under default settings (Partially limited auto-sandbox) winlocker type malware is still able to execute and “steal” the screen, though I don’t know if it’ll still be there after restart.
Also there are other ways user can catch said malware even if CIS is installed, like ignoring antivirus warning \ adding virus to exclusions, out of curiosity…like when a page or a “friend” says something like “this file is clean but antiviruses give false positives on it, so add it to exclusions”. Thus, for those sort of situations having the ability to kill all unnecessary processes would be very helpful.
4. Any other information:
This may cause problems if it were possible for the user to press the key combination by accident, so I suggest using a 3 or 4 key combo (like CTRL+SHIFT+ALT+T).
Confirmation \ warning window may be ineffective due to the fact that user may not see it because of winlocker grabbing all available screen. Thus, a warning window would probably not be a good idea for this.
CCE already has this option. i dont think its needed in CIS since CIS is meant to keep the system clean not clean the system
- To start the CCE application
- Navigate to the CCE folder containing the files
- Double-click on the CCE.exe file
- To start CCE in aggressive mode, press and hold 'Shift' key and double click on the file 'CCE.exe'.
In aggressive mode, CCE forcibly terminates all the running applications and processes created by currently logged-in user before it starts, for fast and efficient scanning.
When you are starting the application for the first time, you will be asked to accept the End-User License Agreement (EULA). It is mandatory for you to read and accept the EULA to continue using the application.
And how do you start CCE with winlocker blocking your screen?
Since CCE is part of CIS now, why not add a key combination to start CCE in agressive mode, assuming CIS actually loads in background when you’re infected with winlocker type malware?
Although, I think Cryptolocker \ cryptowall type malware are more “popular” now, and you can’t do much once you get it…
Let me see if I am correctly understanding this. The worry here is that something may infect the system such that it is necessary to kill all non-essential processes in order to clean it.
However, if CIS is on the computer it would have prevented the malware from being able to do that. Thus, I do not see the need for this in CIS itself. However, CCE is meant to be used on systems which are infected, and were not adequately protected. Thus, it makes sense to include it with CCE.
Perhaps I am misunderstanding this, but can you please explain again why this would need to be included in CIS itself?
As there has been no response I will move this Wish Request to the Rejected section. Maniak2000, if you still believe that this wish would be valuable please do comment on the points I brought up in my previous reply. I could then move this back to the main Wish board for continued processing.
The point of this wish is that if you happen to “catch” winlocker type malware, or other malware that takes the whole screen and basically prevents you from doing anything, you use the key combo to terminate all non-critical processes (that should include malware processes), so you could get to your desktop and begin cleaning.
I think it is known (unless it’s changed recently) that under default settings (Partially limited auto-sandbox) winlocker type malware is still able to execute and “steal” the screen…Though I don’t know if it’ll still be there after restart…
Also there are other ways user can catch said malware even if CIS is installed, like ignoring antivirus warning \ adding virus to exclusions, out of curiosity…like when a page or a “friend” says something like “this file is clean but antiviruses give false positives on it, so add it to exclusions”…but that going off topic.
Anyway, this wish is to give user a chance to recover if (s)he infects her \ his pc regardless of CIS presence.
I will move this back to the main Wish board for continued processing and discussion.
I suppose it is true that under some configurations it is possible for this to take control. However, is it also not possible to download CCE in those situations? If a malware were able to take control of the screen is it also possible that it could prevent CIS from connecting to the internet and downloading CCE?
If someone can comment on that scenario I think we can put this Wish together in a very strong fashion.
Umm… That is why I’m suggesting that this function should come with CIS, so you have it as long as CIS is installed.
It is simple idea really (how simple or hard to program it in, is another question), when all you see on screen is malware window, you press CTRL+ALT+SHIFT+T (or other user defined combo) and it closes everything (except CIS and system critical processes), so you get your desktop back, then you download CCE, malwarebytes or whatever you like cleaning with and there you go.
If you are comfortable with setting up KillSwitch to replace your Task Manager, then you can use SHIFT + TAB + ESC to launch it in safe mode (i.e kill lotsa stuff) I realize that may not be what this wish is for, not everyone wants to replace their task manager, just pointing out the possibility to do it just in case someone didn’t know and would like to set it up in that way…
Yes, and there are other rescue CDs out there, but people usually don’t bother to make one untill they actually can’t get into Windows… at which point they either call their tech-savvy friend, or look for another pc \ notebook to actually make that cd.
And for example if you happen to be that tech-savvy friend, witch is easier: explain your friend (usually over the phone) that he needs to make a rescue cd (and how to do that…from another PC), or ask him to press 3 buttons to get back to desktop and, I don’t know, use TeamViewer or something to clean things up?
Thank you for submitting this Wish Request. I have now moved this to the WAITING AREA.
Please be sure to vote for your own wish, and for any other wishes you also support. It is also worthwhile to vote against wishes you think would be a waste of resources, as implementing those may slow down the wishes you would really like to see added.