Killswitch

[Littlebits]

Does anyone know how many files Comodo has in their database?

Over 14.5 million.

I wasn't talking about their Anti-Malware database, I'm talking about their process library for Killswitch. Or are their just using their Anti-Malware database and whitelists instead in the cloud for Killswitch and Autoruns?

The reason I used Killswitch is their verdict system that added and its likely to be an accurate much possible due to their heuristics analysis.

That isn't very useful for one simple fact, if a file has been verified with digital signature there is no way it can be malicious malware because malware can't be verified. Even Process Hacker has this option, if a file is digitally signed like by Microsoft, there is no reason to scan it because it can not be malware.

Is Killswitch scanning files with digital signatures? Because there is no need to.
Most security solutions always skip scanning digitally signed files to speed up scanning.

Thanks.

 

[Amiga500]

Killswitch was actually based on process hacker.
I love system explorer its an excellent program.

I would not trust the comodo database too much as malware has been known to get into it as whitelisted and still does from what i can gather.

 

[Jaspion]

Amiga500 can you provide a link to an example of Comodo-whitelisted malware?

 

[Amiga500]

Do a search on the comodo forum."whitelisted malware"

 

[Jaspion]

I see. Thank you.

 

[Amiga500]

@jaspion.
I would like to add that i think CIS is a superb security application and i use it myself right now.

But comodo do sometimes have problems with their cloud functions and whitelisted malware is quite rare now.

Thanks.

 

[Amiga500]

I dont see the point in CCE to be honest.
Why on earth dont comodo just merge the CCE with its antivirus.

They both use the same database and it seems pointless having 2 separate products when they can be united into one single program.

 

[Ink]

Nor did I, but then I realised it's Comodo's cleaning counter-part for heavily infected systems. Just like Norton has Norton Power Eraser, that requires the users to download. Except CCE is for Advanced users, and less user friendly.

Most of all, for the standard user of Comodo, CCE is not needed.

 

[Littlebits]

I will have to agree with Earth, everyone talks about CIS excellent bulletproof protection why would it need a remove tool?
Has anyone ever come across a system heavily infected while running CIS?

CCE would only be needed for systems of reckless users and/or system without proper protection and would require an advanced user to know how to use it correctly. CCE was only added to please the fanboys, it is completely unnecessary.

For a heavily infected system, CCE would not be the choice removal tool since most others are much easier to use and are much smaller in size.

Thanks.

 

[Amiga500]

CIS is more about preventing malware installation in the first place.
If a system is heavily infected then its the user who is at fault rather than the security solution.

Killswitch is based on the process hacker by WJ32.
personally i prefer the process hacker to killswitch.

 

[illumination]

I may be wrong, but i do believe CCE was incorporated into CIS upon the request of forum members for the sole purpose of cleaning already infected systems that they were placing CIS onto. Im sure it being in the suite may be tied into CRD as well "comodo rescue disk"..

 

[Littlebits]

I also prefer Process Hacker over KillSwitch because it is fast, small and does the job just as well.
All of the features added to KillSwitch (CCE) made it slow, buggy and simply not a good option for manual malware removal unless you have plenty of time to mess with it. Time is important to me, I like to get the job done quick as possible.
It can also be very dangerous if it is not used with skills.

Thanks.