Hot Take Comodo Kill Switch, is it malware?

Abdel-Rezak

Abdel-Rezak

Level 1
Thread author
Verified
Dec 2, 2018
15
Is Comodo Kill Switch actually malware? Because according to Virus Total it is, it's flagged as trojan malware by 9 security vendors and one security sandbox!

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

COMODO KILL SWITCH 2023-12-23_214012.png
 
Last edited by a moderator:
  • Like
Reactions: ZeroDay, ForgottenSeer 100397, Nevi and 1 other person
ErzCrz

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
Abdel-Rezak said:
Is Comodo Kill Switch actually malware? Because according to Virus Total it is, it's flagged as trojan malware by 9 security vendors and one security sandbox! I
Click to expand...
Old News.
It's been detected for some time as a PUP but it's not. I believe it's something to do with how Comodo used to try and upsell you 3rd party apps. Comodo bought killswitch many years ago and was available as a separate stand alone download but for whatever reason, these vendors still detect it as a PUP even though it's a very useful tool and I've never seen any evidence of it being malware or a PUP.

1703365846921.png
 
Last edited:
  • Like
  • +Reputation
  • Hundred Points
Reactions: ZeroDay, Dave Russo, harlan4096 and 7 others
Anthony Qian

Anthony Qian

Level 9
Verified
Well-known
Apr 17, 2021
448
I have previously used Comodo KillSwitch and did not realize that it attempts to sell additional products. Bitdefender classifies it as a PUP with a specific detection name, indicating that Bitdefender intentionally detects it and it is not a false positive.The reason for this classification may be that the ARK tool has the capability to "Kill All Untrusted Processes" with just one click. This function becomes dangerous when exploited by malware.
 
  • Like
  • +Reputation
Reactions: Dave Russo, Abdel-Rezak, harlan4096 and 3 others
ErzCrz

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
Anthony Qian said:
I have previously used Comodo KillSwitch and did not realize that it attempts to sell additional products. Bitdefender classifies it as a PUP with a specific detection name, indicating that Bitdefender intentionally detects it and it is not a false positive.The reason for this classification may be that the ARK tool has the capability to "Kill All Untrusted Processes" with just one click. This function becomes dangerous when exploited by malware.
Click to expand...
I was referencing to the Comodo installer in Comodo Stable versions prior to .8012. I don't know enough about it myself, using it to only monitor for sandboxed processes. Interesting about Bitdefender. Undecided what configuration I'll run for the coming year.
 
  • Like
Reactions: Dave Russo, Abdel-Rezak, ForgottenSeer 100397 and 2 others
F

ForgottenSeer 100397

If you downloaded it from the Comodo forum or website, you should be fine. The detection could be because of the advanced tools. From what I remember, the standalone KillSwitch never included bundled products.
 
  • Like
  • Hundred Points
Reactions: Nevi, roger_m, oldschool and 3 others

Similar threads

Gandalf_The_Grey
    • Like
Mozi malware botnet goes dark after mysterious use of kill-switch
Replies
1
Views
544
News Archive
ForgottenSeer 97327
F
upnorth
    • +Reputation
    • Like
    • Thanks
New Update TunnelCrack VPN Leak
Replies
0
Views
641
F-Secure
upnorth
upnorth
hmattyarty25
Malware Analysis Help
Replies
7
Views
490
Malware Analysis
Practical Response
Practical Response

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top