Comodo Help
Find the desired product help
Endpoint Manager

Endpoint Manager

Comodo Client Security 8.3

English

Print Help Download Help
General Tasks – Introduction > View CCS Logs > Viruscope Logs > Filtering Viruscope Logs
  • Introduction To Comodo Client Security
    • Special Features
    • System Requirements
    • Install Comodo Client Security
    • Starting Comodo Client Security
    • The Main Interface
      • The Home Screen
      • The Tasks Interface
      • The Widget
      • The System Tray Icon
    • Understanding Security Alerts
  • General Tasks – Introduction
    • Scan And Clean Your Computer
      • Run A Quick Scan
      • Run A Full Computer Scan
      • Run A Rating Scan
      • Run A Custom Scan
        • Scan A Folder
        • Scan A File
        • Create, Schedule And Run A Custom Scan
    • Instantly Scan Files And Folders
    • Processing Infected Files
    • Manage Virus Database And Program Updates
    • Manage Quarantined Items
    • View CCS Logs
      • Antivirus Logs
        • Filtering Antivirus Logs
      • Viruscope Logs
        • Filtering Viruscope Logs
      • HIPS Logs
        • Filtering HIPS Logs
      • Containment Logs
        • Filtering Containment Logs
      • Firewall Logs
        • Filtering Firewall Logs
      • Website Filtering Logs
        • Filtering Website Filtering Logs
      • Alerts Logs
        • Filtering Alerts Displayed Logs
      • Tasks
        • Filtering Tasks Launched Logs
      • File List Changes Logs
        • Filtering File List Changes Logs
      • Trusted Vendors List Changes Logs
        • Filtering Trusted Vendors List Changes Logs
      • Configuration Changes
        • Filtering Configuration Changes Logs
      • Device Control Logs
        • Filtering Device Control Logs
    • View Active Process List
    • View Active Internet Connections
  • Firewall Tasks – Introduction
    • Allow Or Block Internet Access To Applications Selectively
    • Stealth Your Computer Ports
    • Manage Network Connections
    • Stop All Network Activities
    • Advanced Firewall Settings
  • Containment Tasks - Introduction
    • Run An Application In The Container
    • Reset The Container
  • Advanced Tasks - Introduction
    • Create A Rescue Disk
      • Downloading And Burning Comodo Rescue Disk
    • Submit Files
    • Identify And Kill Unsafe Running Processes
    • Remove Deeply Hidden Malware
    • Manage CCS Tasks
  • Advanced Settings
    • General Settings
      • Customize User Interface
      • Configure Program And Virus Database Updates
      • Log Settings
      • Manage CCS Configurations
        • Comodo Preset Configurations
        • Importing/Exporting And Managing Personal Configurations
    • Security Settings
      • Antivirus Settings
        • Real-time Scanner Settings
        • Scan Profiles
        • Exclusions
      • Advanced Protection Settings
        • HIPS Behavior Settings
        • Active HIPS Rules
        • HIPS Rule Sets
        • Protected Objects
          • Protected Files
          • Blocked Files
          • Protected Registry Keys
          • Protected COM Interfaces
          • Protected Data Folders
        • HIPS Groups
          • Registry Groups
          • COM Groups
        • Comodo Containment
          • The Container - An Overview
          • Unknown Files - The Scanning Processes
        • Configuring Containment Settings
        • Configuring Rules For Auto-Containment
        • Viruscope
        • Device Control Settings
      • Firewall Settings
        • Firewall Behavior Settings
        • Application Rules
        • Global Rules
        • Firewall Rule Sets
        • Network Zones
          • Network Zones
          • Blocked Zones
        • Port Sets
        • Website Filtering
          • Creating And Modifying Website Filtering Rules
          • Defining And Modifying Website Categories
      • Manage File Rating
        • File Rating Settings
        • File Groups
        • File List
        • Trusted Files
        • Unrecognized Files
        • Submitted Files
        • Trusted Vendors List
  • Appendix 1 CCS How To... Tutorials
    • Enable / Disable AV, Firewall, Auto-Containment And Viruscope Easily
    • Set Up The Firewall For Maximum Security And Usability
    • Block Internet Access While Allowing Local Area Network (LAN) Access
    • Setting Up HIPS For Maximum Security And Usability
    • Create Rules For Auto-Containing Applications
    • Running An Instant Antivirus Scan On Selected Items
    • Creating An Antivirus Scanning Schedule
    • Run Untrusted Programs Inside The Container
    • Run Browsers Inside The Container
    • Restore Incorrectly Quarantined Item(s)
    • Submit Quarantined Items To Comodo For Analysis
    • Enable File Sharing Applications Like BitTorrent And Emule
    • Block Any Downloads Of A Specific File Type
    • Disable Auto-Containment On A Per-application Basis
    • Switch Off Automatic Antivirus And Software Updates
    • Suppressing CCS Alerts Temporarily While Playing Games
    • Control External Device Accessibility
  • Appendix 2 - Comodo Secure DNS Service
    • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
  • About Comodo Security Solutions

Filtering Viruscope Logs


CCS allows you to create custom views of all logged events according to user defined criteria. You can use the following types of filters:

  • Preset Time Filters
  • Advanced Filters

Preset Time Filters:


Clicking on the handle at the bottom enables you to filter the logs for a selected time period:




  • Today - Displays all logged events for today.
  • Current Week - Displays all logged events during the current week. (The current week is calculated from the Sunday to Saturday that holds the current date.)
  • Current Month - Displays all logged events during the month that holds the current date.
  • Entire Period - Displays every event logged since Comodo Client Security was installed. (If you have cleared the log history since installation, this option shows all logs created since that clearance).
  • Custom Filter – Enables you to select a custom period by choosing the 'From' and 'To' dates under 'Please Select Period'.

Alternatively, you can right click inside the log viewer module and choose the time period.




Advanced Filters

Having chosen a preset time filter you can further refine the displayed events according to specific filters. You can filter by:

  • Action - Displays events according to the response (or action taken) by the Viruscope
  • Location - Displays only the events logged from a specific location
  • Malware Name - Displays only the events logged corresponding to a specific malware
  • Status - Displays the events according to the status after the action taken. It can be either 'Success' or 'Fail'

To configure Advanced Filters for Viruscope events

  1. Click the funnel button from the title bar. The Advanced Filter interface for Firewall events will open.

  2. Select the filter from the 'Advanced Filter' drop-down and click 'Add' to apply the filter.





Each of these 4 categories can be further refined by either selecting or deselecting specific filter parameters or typing a string into the field provided.

  1. Action: The 'Action' option allows you to filter the entries based on the actions taken by CCS against the detected threat. Selecting the 'Action' option displays a drop down field and a set of specific filter parameters that can be selected or deselected.





  1. Select 'Equal' or 'Not Equal' option from the drop down. 'Not Equal' will invert your selected choice.

  2. Now select the check boxes of the specific filter parameters to refine your search. The parameter available are:

  • Quarantine: Displays events where the user chose to quarantine a file
  • Remove: Displays events where the user chose to delete an item
  • Ignore: Displays events where the user chose to ignore an item
  • Detect: Displays events for detection of a malware
  • Ask: Displays events when user was asked by alert concerning some Defense+ or Antivirus event
  • Restore: Displays events of the applications that were quarantined and restored
  • Block: Displays events of the applications that were blocked
  • Add To Trusted Files: Displays events of the applications that were added to trusted files 
For example, if you checked the 'Quarantine' box then selected 'Not Equal', you would see only those Events where the Quarantine Action was not selected at the virus notification alert.

  1. Location: The 'Location' option enables you to filter the log entries related to events logged from a specific location. Selecting the 'Location' option displays a drop-down field and text entry field.




a. Select 'Contains' or 'Does Not Contain' option from the drop-down field.

b. Enter the text or word that needs to be filtered.

For example, if you select 'Contains' option from the drop-down and enter the phrase 'C:/Samples' in the text field, then all events containing the entry 'C:/Samples' in the Location field will be displayed. If you select 'Does Not Contain' option from the drop-down field and enter the phrase 'C:/Samples' in the text field, then all events that do not have the entry 'C:/Samples' will be displayed.

  1. Malware Name: The 'Malware Name' option enables you to filter the log entries related to specific malware. Selecting the 'Malware Name' option displays a drop-down field and text entry field.




  1. Select 'Contains' or 'Does Not Contain' option from the drop-down field.

  2. Enter the text in the name of the malware that needs to be filtered.

For example, if you choose 'Contains' option from the drop-down and enter the phrase 'Bluto-Force' in the text field, then all events containing the entry 'Bluto-Force' in the Malware Name field will be displayed. If you choose 'Does Not Contain' option from the drop-down and enter the phrase 'Bluto-Force' in the text field, then all events that do not have the entry 'Bluto-Force' in the 'Malware Name' field will be displayed.

  1. Status: The 'Status' option allows you to filter the log entries based on the success or failure of the action taken against the threat by CCS. Selecting the 'Status' option displays a drop-down field and a set of specific filter parameters that can be selected or deselected.





  1. Select 'Equal' or 'Not Equal' option from the drop-down field. 'Not Equal' will invert your selected choice.

  2. Now select the checkboxes of the specific filter parameters to refine your search. The parameter available are:

  • Success: Displays Events that successfully executed (for example, the malware was successfully quarantined)
  • Failure: Displays Events that failed to execute (for example, the database malware was not disinfected)

Note: More than one filter can be added in the 'Advanced Filter' pane. After adding one filter type, select the next filter type and click 'Add'. You can also remove a filter type by clicking the 'X' button at the top right of the filter pane.


  • Click 'Apply' for the filters to be applied to the Viruscope log viewer. Only those entries selected based on your set filter criteria will be displayed in the log viewer.

Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2024. All rights reserved.