Killswitch
- Thread starter Gnosis
- Start date
- Status
Littlebits
Retired Staff
- May 3, 2011
- 3,893
Try all of them for yourself and be your own judge. I didn't find any advantages in Killswitch, it is so much slower than both PH and PE and uses more system resources, even with the added features you still have to use Google search to find info about many processes. If you enable verify signatures in both PH and PE, you can manually tell what is safe because malware never has valid signatures. Of coarse many other safe processes might not have signatures either but you can Google them.
Killswitch does have a better GUI maybe explains why it uses more resources than PH and PH, also Killswitch has some bugs like locking up on right clicks, hanging when selecting an option, etc.
Test them for yourself and share your experience.
Thanks.
Killswitch does have a better GUI maybe explains why it uses more resources than PH and PH, also Killswitch has some bugs like locking up on right clicks, hanging when selecting an option, etc.
Test them for yourself and share your experience.
Thanks.
I have replaced my task manager with Killswitch.. I am not having any problems with it being sluggish or parts of the application not working.. I granted Killswitch access to memory to keep the D+ logs from piling up, other then this, smooth as can be!
Only KS allow you to delete permanently a malicious file, the 2 others just let you kill the process.
Littlebits
Retired Staff
- May 3, 2011
- 3,893
umbrapolaris said:
On Process Hacker, you can right click "Suspend" process then right click "Open File Location" and easily delete the file from Windows Explorer.
It is not recommended to delete a file until you open the files location and check it out, deleting the wrong file can cause more damage than what a malware infection could do.
The delete option is not added because of safety, a user could get paranoid a delete an important file.
Has anyone noticed that on the Send To menu of the latest Process Hacker you now can send files to camas.comodo.com to scan?
Thanks.
I tried Killswitch, Process Explorer and Process Hacker and I find Process Hacker a bit better in my opinion.
Killswitch did cause a problem twice on a process that I wanted to terminate and couldn't terminate. I had to use Unlocker to do so, did it but then Killswitch crashed.
Tried to recreate the same scenario with Process Hacker and was able to terminate the piece of malware without a problem.
If only i could customize the look of Process Hacker. Ain't really a fan of the colours but I haven't really explored all the options on the application yet.
Killswitch did cause a problem twice on a process that I wanted to terminate and couldn't terminate. I had to use Unlocker to do so, did it but then Killswitch crashed.
Tried to recreate the same scenario with Process Hacker and was able to terminate the piece of malware without a problem.
If only i could customize the look of Process Hacker. Ain't really a fan of the colours but I haven't really explored all the options on the application yet.
Littlebits
Retired Staff
- May 3, 2011
- 3,893
biozfear said:
Don't forget about System Explorer it has a very nice GUI and one of the largest process info libraries.
I have found that Process Hacker is able to kill processes that no others can kill without any lockups or issues and is more stable than the rest. However I like System Explorer better because it has process info integrated so you don't have to Google them to find out what they are. Also has an integrated Security Scan which is more accurate and hardly ever has false positives.
System Explorer is Gizmo's top pick Process Viewer- http://www.techsupportalert.com/best-free-process-viewer.htm
That is completely true, however on the 6 different systems that I have tried Killswitch on, produced the exact same results, it was very slow and tend to lockup when I tried to use its features. It didn't appear to be very stable kind of like a beta test version. Of coarse it can improve with updates but right now is not stable enough for me to use.
Thanks.
pcjunklist
Level 1
- Dec 28, 2011
- 523
When first run it downloads a 210mb database of black-listed virus signatures, and when it flags a suspicious process that isn't in it's local database it connects to the cloud. Now if it's not connected to the internet I'm guessing it would block the process.
pcjunklist
Level 1
- Dec 28, 2011
- 523
pcjunklist said:
That's quite a hefty download, don't you think? Now I don't know if that's a good or bad thing?
I would like to see someone test KillSwitch without an Internet connection.
if you have CIS already installed you dont have to download the virus database again. CCE has a feature to import it from CIS.
Littlebits
Retired Staff
- May 3, 2011
- 3,893
Earth said:
Just the size alone makes it too much of an inconvenience for pc techs to use on infected systems and I have never any customers that already had CIS installed because importing is not an option.
Of coarse you can put CCE on portable device, but than you still have to constantly manually update it.
System Explorer uses a different approach, it already includes a list of safe and dangerous processes in the latest installer or portable version. It only connects to the internet if a process is unknown to the current list. It's total size is only 5.23MB including the lists, if it does have to connect to download process info which is rare because they have one of the largest process libraries available, it only downloads at the max under 5MB. Of coarse on a highly infected system with several zero-day malwares, the size could be larger.
Makes me wonder why Comodo's database is so huge. I don't think there is any way it could have more process info than System Explorer's database. (Contains 4,260,175 files and counting!)
Does anyone know how many files Comodo has in their database?
Thanks.
- Status
