Viruscope
Viruscope monitors the activities of processes running on your computer and alerts you if they take actions that could potentially threaten your privacy and/or security. Viruscope represents a valuable addition to the core process-monitoring functionality of CCS by introducing the ability to undo the potentially undesirable actions of software without necessarily blocking the software entirely. This feature can provide you with more granular control over otherwise legitimate software which requires certain actions to be implemented in order to run correctly.
Viruscope alerts give you the opportunity to quarantine the process & reverse its changes or to let the process go ahead. Be especially wary if a Viruscope alert pops up 'out-of-the-blue' when you have not made any recent changes to your computer.
The 'Viruscope' configuration panel can be accessed by clicking 'Tasks > Advanced Tasks > Open Advanced Settings > Security Settings > Advanced Protection > Viruscope'.
Viruscope Settings
Viruscope monitors the activities of all processes, regardless of whether they are running normally or inside the container. If suspicious activity is detected, Viruscope will generate a pop-up alert that allows you to block or allow the activity.
- Enable Viruscope - Allows you to enable or disable Viruscope. If enabled, the Viruscope monitors the activities of all the running processes and generates alerts on suspicious activities. (Default = Enabled )
- Do not show popup alerts - Allows you to configure whether or not to show Viruscope alerts when a suspicious activity is recognized. Choosing 'Do not show popup alerts' will minimize disturbances but at some loss of user awareness. If you choose not to show alerts then detected threats are automatically quarantined and their activities are reversed. (Default = Enabled)
- Monitor contained applications only – If enabled, Viruscope will only monitor the processes of contained applications. It will not monitor processes running directly on the host. (Default = Enabled)
Manage the status of recognizers installed on this computer
Viruscope
detects zero-day malware by analyzing the behavior and actions of an
application using the periodically updated 'Viruscope Recognizer'
files.
Each
'recognizer' file installed on your system during periodical program
updates of CCS, contains the sets of behaviors that Viruscope needs
to look out for. If you disable a particular recognizer, then
Viruscope will no longer raise an alert if an application exhibits
the behaviors referenced in the file. We recommend most users to
leave the 'Status' of recognizers at their default settings. Advanced
users, however, may want to try disabling recognizers if they are
experiencing a large number of Viruscope false positives.
The table below the 'Manage the status of recognizers installed on this computer' displays the list of recognizer file available on your system with their version details.
-
To disable a recognizer, use the toggle switch in 'Status' column.