Endpoint Manager

• Introduction To Comodo Client Security
  • Special Features
  • System Requirements
  • Install Comodo Client Security
  • Start Comodo Client Security
  • The Main Interface
    • The Home Screen
    • The Tasks Interface
    • The Widget
    • The System Tray Icon
  • Understand Security Alerts
  • Password Protection
• General Tasks - Introduction
  • Scan And Clean Your Computer
    • Run A Quick Scan
    • Run A Full Computer Scan
    • Run A Rating Scan
    • Run A Custom Scan
      • Scan A Folder
      • Scan A File
      • Create, Schedule And Run A Custom Scan
    • Automatically Scan Unrecognized And Quarantined Files
  • Instantly Scan Files And Folders
  • Process Infected Files
  • Manage Virus Database Updates
  • Manage Blocked Autoruns
  • Manage Quarantined Items
• Firewall Tasks - Introduction
  • Configure Internet Access Rights For Applications
  • Stealth Your Computer Ports
  • Manage Network Connections
  • Stop All Network Activities
  • View Active Internet Connections
• Containment Tasks - Introduction
  • Run An Application In The Container
  • Reset The Container
  • Identify And Kill Unsafe Running Processes
  • Open Shared Space
  • The Virtual Desktop
    • Start The Virtual Desktop
    • The Main Interface
    • Run Browsers Inside The Virtual Desktop
    • Open Files And Run Applications Inside The Virtual Desktop
    • Pause And Resume The Virtual Desktop
    • Close The Virtual Desktop
  • Containment Statistics Analyzer
• DLP Tasks - Introduction
  • Run Data Loss Prevention Scans
  • Manage DLP Quarantined Files
• Advanced Tasks - Introduction
  • Create A Rescue Disk
    • Download And Burn Comodo Rescue Disk
  • Remove Deeply Hidden Malware
  • Manage CCS Tasks
  • View CCS Logs
    • Antivirus Logs
    • VirusScope Logs
    • Firewall Logs
    • HIPS Logs
    • Containment Logs
    • Website Filtering Logs
    • Device Control Logs
    • Autorun Event Logs
    • Alert Logs
    • CCS Tasks Logs
    • File List Changes Logs
    • Vendor List Changes Logs
    • Configuration Changes Logs
    • Virtual Desktop Event Logs
    • Data Loss Prevention Event Logs
    • Search And Filter Logs
  • Submit Files For Analysis To Comodo
  • View Active Process List
• CCS Advanced Settings
  • General Settings
    • Customize User Interface
    • Configure Virus Database Updates
    • Log Settings
    • Manage CCS Configurations
      • Comodo Preset Configurations
      • Personal Configurations
    • Manage Performance
  • Antivirus Configurations
    • Real-time Scanner Settings
    • Scan Profiles
  • Firewall Configuration
    • General Firewall Settings
    • Application Rules
    • Global Rules
    • Firewall Rule Sets
    • Network Zones
      • Network Zones
      • Blocked Zones
    • Port Sets
  • HIPS Configuration
    • HIPS Settings
    • Active HIPS Rules
    • HIPS Rule Sets
    • HIPS Groups
      • Registry Groups
      • COM Groups
  • Protected Objects
    • Protected Objects - HIPS
      • Protected Files
      • Blocked Files
      • Protected Registry Keys
      • Protected COM Interfaces
    • Protected Objects - Containment
      • Protected Files And Folders
      • Protected Keys
  • Data Loss Prevention
    • DLP Monitoring Rules
    • DLP Discovery Rules
    • DLP Keyword Groups
  • Containment Settings
    • Containment Settings
    • Auto-Containment Rules
    • Virtual Desktop Settings
    • Containment - An Overview
    • Unknown Files - The Scanning Processes
  • File Rating Configuration
    • File Rating Settings
    • File Groups
    • Submitted Files
  • Advanced Protection
    • VirusScope Settings
    • Scan Exclusions
    • Device Control Settings
    • Script Analysis Settings
    • Miscellaneous Settings
  • Web Filter Settings
    • Website Filtering Rules
    • Website Categories
• Appendix 1 - CCS How To... Tutorials
  • Enable / Disable AV, Firewall, Auto-Containment And VirusScope Easily
  • Set Up The Firewall For Maximum Security And Usability
  • Block Internet Access While Allowing Local Area Network (LAN) Access
  • Set Up HIPS For Maximum Security And Usability
  • Create Rules To Auto-Contain Applications
  • Run An Instant Antivirus Scan On Selected Items
  • Create An Antivirus Scan Schedule
  • Run Untrusted Programs Inside The Container
  • Run Browsers Inside The Container
  • Restore Incorrectly Quarantined Items
  • Submit Quarantined Items To Comodo Valkyrie For Analysis
  • Enable File Sharing Applications Like BitTorrent And Emule
  • Block Any Downloads Of A Specific File Type
  • Disable Auto-Containment On A Per-application Basis
  • Switch Off Automatic Antivirus Updates
  • Suppress CCS Alerts Temporarily
  • Control External Device Accessibility
• Appendix 2 - Comodo Secure DNS Service
  • Router - Manually Enable Or Disable Comodo Secure DNS
  • Windows - Enable Comodo Secure DNS
• About Comodo Security Solutions

View Active Process List

  

Click 'Tasks' > 'Advanced Tasks' > 'View Active Processes' 

• The active process list shows all processes started by applications currently running on your system.

• CCS can identify the parent application of a process to detect when a non-trusted application is trying to spawn a trusted application. CCS can then deny access rights to the trusted application.

• This deep level of inspection protects you against malware that tries to use trusted software to launch an attack.

• The interface also lets you run an online lookup on the parent application. Here, you can check its trust rating on the latest cloud databases. You can also submit an application to Comodo for analysis.

View the active process list

• Click 'Tasks' > 'Advanced Tasks'

• Click the 'View Active Processes' tile:
  

 

• Application - The name of the parent executable of the process.

• PID - The unique process identifier.

• Company - The vendor who created the software

• User Name - The user account under which the program is run

• Restriction - The security limitations placed on the program by the CCS containment module.

• Rating- The trust level of the program as per the local file list ('Settings' > 'File Rating' > File List')

• Right-click on any process to open the context sensitive menu:

• Show Full Path – View the install location of the parent program

• Show Contained Only – Hides all processes except those running in the container.

• Show COMODO Processes Running Inside the Container – Hide all processes except Comodo processes running in the container.

• Add to Trusted Files – Assign 'Trusted' status to the executable that started the process. This allows the file to run as normal in future. You can view trusted files in the CCS 'File List' ('Settings' > 'File Rating' > 'File List').

• Online Lookup – Search for the executable in Comodo's global blacklist and whitelist. The results will tell you if the file is clean, malicious or unknown.

• Submit to Valkyrie - Uploads the parent executable to Comodo Valkyrie for analysis. Valkyrie is Comodo’s file testing and verdicting system that analyzes the submitted files with a range of static and dynamic tests to determine the file’s trust rating. The files are added to the Comodo safe list (white-listed) or to the database of virus signatures (blacklisted) depending on the results.

• Jump to Folder - Opens the folder containing the executable.

• Show Activities - Shows all actions by processes of the application. This option is available only for contained applications and if VirusScope is enabled ('Settings' > 'Advanced Protection > 'VirusScope').

• Click the 'More' button to open Comodo KillSwitch - an advanced system monitor that lets you quickly identify and terminate any unsafe processes on your system.

If KillSwitch is not yet installed, clicking this button will prompt you to download the application. See Identify and Kill Unsafe Running Processes for more details.

View 'Active Processes' list of contained applications

 

Click the shortcut on the widget to view processes by applications inside the container. These applications include:

• Auto-Containment - Applications that are made to run in the container by a containment rule. See 'Auto-Containment Rules' for more details on defining auto-containment rules.

• Run Virtual - Applications that were manually run in containment. See 'Run an Application in Containment' for more details.

• Applications that are run inside the containment using the context sensitive menu - Click here for more details.

• Running browsers inside the containment from widget - Click here for more details.

• Programs that are added manually - See 'Auto-Containment Rules' for more details.

View active process from contained applications

• Click the first box in the second row in the CCS Widget.

The Active Processes List (Contained Only) screen appears: