Endpoint Manager

• Introduction To Comodo Client Security
  • Special Features
  • System Requirements
  • Install Comodo Client Security
  • Start Comodo Client Security
  • The Main Interface
    • The Home Screen
    • The Tasks Interface
    • The Widget
    • The System Tray Icon
  • Understand Security Alerts
  • Password Protection
• General Tasks - Introduction
  • Scan And Clean Your Computer
    • Run A Quick Scan
    • Run A Full Computer Scan
    • Run A Rating Scan
    • Run A Custom Scan
      • Scan A Folder
      • Scan A File
      • Create, Schedule And Run A Custom Scan
    • Automatically Scan Unrecognized And Quarantined Files
  • Instantly Scan Files And Folders
  • Process Infected Files
  • Manage Virus Database Updates
  • Manage Blocked Autoruns
  • Manage Quarantined Items
• Firewall Tasks - Introduction
  • Configure Internet Access Rights For Applications
  • Stealth Your Computer Ports
  • Manage Network Connections
  • Stop All Network Activities
  • View Active Internet Connections
• Containment Tasks - Introduction
  • Run An Application In The Container
  • Reset The Container
  • Identify And Kill Unsafe Running Processes
  • Open Shared Space
  • The Virtual Desktop
    • Start The Virtual Desktop
    • The Main Interface
    • Run Browsers Inside The Virtual Desktop
    • Open Files And Run Applications Inside The Virtual Desktop
    • Pause And Resume The Virtual Desktop
    • Close The Virtual Desktop
  • Containment Statistics Analyzer
• DLP Tasks - Introduction
  • Run Data Loss Prevention Scans
  • Manage DLP Quarantined Files
• Advanced Tasks - Introduction
  • Create A Rescue Disk
    • Download And Burn Comodo Rescue Disk
  • Remove Deeply Hidden Malware
  • Manage CCS Tasks
  • View CCS Logs
    • Antivirus Logs
    • VirusScope Logs
    • Firewall Logs
    • HIPS Logs
    • Containment Logs
    • Website Filtering Logs
    • Device Control Logs
    • Autorun Event Logs
    • Alert Logs
    • CCS Tasks Logs
    • File List Changes Logs
    • Vendor List Changes Logs
    • Configuration Changes Logs
    • Virtual Desktop Event Logs
    • Data Loss Prevention Event Logs
    • Search And Filter Logs
  • Submit Files For Analysis To Comodo
  • View Active Process List
• CCS Advanced Settings
  • General Settings
    • Customize User Interface
    • Configure Virus Database Updates
    • Log Settings
    • Manage CCS Configurations
      • Comodo Preset Configurations
      • Personal Configurations
    • Manage Performance
  • Antivirus Configurations
    • Real-time Scanner Settings
    • Scan Profiles
  • Firewall Configuration
    • General Firewall Settings
    • Application Rules
    • Global Rules
    • Firewall Rule Sets
    • Network Zones
      • Network Zones
      • Blocked Zones
    • Port Sets
  • HIPS Configuration
    • HIPS Settings
    • Active HIPS Rules
    • HIPS Rule Sets
    • HIPS Groups
      • Registry Groups
      • COM Groups
  • Protected Objects
    • Protected Objects - HIPS
      • Protected Files
      • Blocked Files
      • Protected Registry Keys
      • Protected COM Interfaces
    • Protected Objects - Containment
      • Protected Files And Folders
      • Protected Keys
  • Data Loss Prevention
    • DLP Monitoring Rules
    • DLP Discovery Rules
    • DLP Keyword Groups
  • Containment Settings
    • Containment Settings
    • Auto-Containment Rules
    • Virtual Desktop Settings
    • Containment - An Overview
    • Unknown Files - The Scanning Processes
  • File Rating Configuration
    • File Rating Settings
    • File Groups
    • Submitted Files
  • Advanced Protection
    • VirusScope Settings
    • Scan Exclusions
    • Device Control Settings
    • Script Analysis Settings
    • Miscellaneous Settings
  • Web Filter Settings
    • Website Filtering Rules
    • Website Categories
• Appendix 1 - CCS How To... Tutorials
  • Enable / Disable AV, Firewall, Auto-Containment And VirusScope Easily
  • Set Up The Firewall For Maximum Security And Usability
  • Block Internet Access While Allowing Local Area Network (LAN) Access
  • Set Up HIPS For Maximum Security And Usability
  • Create Rules To Auto-Contain Applications
  • Run An Instant Antivirus Scan On Selected Items
  • Create An Antivirus Scan Schedule
  • Run Untrusted Programs Inside The Container
  • Run Browsers Inside The Container
  • Restore Incorrectly Quarantined Items
  • Submit Quarantined Items To Comodo Valkyrie For Analysis
  • Enable File Sharing Applications Like BitTorrent And Emule
  • Block Any Downloads Of A Specific File Type
  • Disable Auto-Containment On A Per-application Basis
  • Switch Off Automatic Antivirus Updates
  • Suppress CCS Alerts Temporarily
  • Control External Device Accessibility
• Appendix 2 - Comodo Secure DNS Service
  • Router - Manually Enable Or Disable Comodo Secure DNS
  • Windows - Enable Comodo Secure DNS
• About Comodo Security Solutions

Real-time Scanner Settings

• Click 'Settings' > 'Antivirus' > 'Realtime Scan'

• The real-time scanner automatically checks for viruses whenever you open or move a file. It also monitors background activity for malicious processes.

• The real-time scanner also scans:

• System memory on system startup

• Any plugged-in removable storage devices

• You can specify that CCS does not show you alerts when it finds a threat, but automatically deals with the threat. You can choose to automatically quarantine or delete threats if you disable alerts.

• We strongly recommend you leave the real-time scanner enabled at all times.

Configure real-time scans

• Click 'Settings' at the top of the CCS home screen

• Click 'Antivirus' > 'Realtime Scan' on the left

• Enable Realtime Scan – Activate or deactivate real-time scanning. The real-time scanner continually monitors your computer for malicious activity and protects you from threats as soon as they occur. Comodo strongly recommends you keep this option enabled. (Default=Enabled)

• Enable scanning optimizations - Will enable various techniques during a virus scan to reduce resource usage and speed-up the scan process. For example, antivirus scans will run in the background. (Default = Enabled)

• Do not show auto-scan alerts - Select whether CCS alerts you when you plug a removable device into your computer (USB stick, portable HDD etc). The alert asks you whether you want to scan the device for viruses.

• Enabled = Alerts are not shown. CCS will automatically take the action shown in the drop-down box next to the setting.

• Disabled = Alerts are shown when you plug a removable device into your computer. You can choose to scan the device, or skip the scan. An example is shown below:

• Ignore - The device is not scanned

• Scan – The device is automatically scanned for viruses. The scan uses the settings in the 'Manual Scan' profile. If this is not available then the scan uses the settings in the 'Full Scan' profile.

Detection Settings

• Scan computer memory after the computer starts - The antivirus scans system memory immediately after your computer starts up. Disable to remove the scan from the list of Windows startup processes. (Default = Disabled)

• Do not show antivirus alerts - Configure whether or not alerts are shown to end-user when CCS finds malware.

'Do not show antivirus alerts' will minimize disturbance but at some loss of user awareness. If you disable alerts alerts then please choose the default responses that CCS should take:

• Quarantine Threats - Prevents the threat from running and moves it to quarantine (Default). You can review quarantined files at 'Tasks' > 'Advanced Tasks' > 'View Quarantine'.

• Block Threats - Prevents the threat from running then deletes it from your computer.

• Decompress and scan archive files of extension(s) - Comodo Antivirus will scan all types of archive files. Archive file types include .jar, RAR, WinRAR, ZIP, WinZIP ARJ, WinARJ and CAB files. You will be alerted to the presence of viruses in compressed files before you even open them. (Default = Enabled)

You can add the archive file types that should be decompressed and scanned by Comodo Antivirus.

• Click file type link next to the setting (*.exe, *.jar)

• Click 'Add' to add another file type to the list.

• Enter the extension type you wish to scan and click 'OK'.

• Example archive extensions include .zip , .rar, .msi, .7z , .jar and .cab.

• Set the max. size of this file type that CCS should scan. Files larger than this will not be scanned.

• Repeat the process to add more extensions

• Click 'OK' in the 'Manage Extensions' dialog

• Set new on-screen alert timeout to - Specify the length of time that virus alerts should stay on the screen. (Default = 120 seconds)

• Set new maximum file size limit to -Specify the largest file size that the antivirus should scan. CCS will not scan files bigger than the size specified here. (Default = 40 MB)

• Set new maximum script size to -Specify the largest script size that the antivirus should scan. CCS will not scan scripts bigger than the size specified here. (Default = 4 MB)

• Use heuristics scanning - Enable or disable heuristic scans, and define the sensitivity of the scanner. (Default = Disabled)

Background. Heuristics is a technology that analyzes a file to see if it contains code typical of a virus. It is about detecting 'virus-like' attributes rather than looking for a signature which exactly matches a signature on the blacklist. This allows CCS to detect brand new viruses even that are not in the current virus database.

If enabled, please select a sensitivity level. The sensitivity level determines how likely it is that heuristics will decide a file is malware:

• Low - Least likely to decide that an unknown file is malware. Generates the fewest alerts.

Despite the name, this setting combines a very high level of protection with a low rate of false positives. Comodo recommends this setting for most users.

• Medium - Detects unknown threats with greater sensitivity than the low setting, but with a corresponding rise in possible false positives.

• High - Highest sensitivity to detecting unknown threats. This also raises the possibility of more alerts and false positives.

• Enable realtime scanning of files on network - Activate or deactivate automatic scans of files on network drives (Default = Enabled)

• If enabled, the scanner will check all files you interact with on a network drive, even if you do not copy them to your local machine.

• If disabled, network files are not checked unless you copy them to your local machine.

• Use Windows Anti-malware Scan Interface (AMSI) technology – Microsoft AMSI technology allows 3rd party applications to request scans from antivirus products installed on the machine. CCS is on the AMSI provider's list. (Default = Enabled)

• Enabled - CCS will accept scan requests from AMSI enabled applications.

• Disabled - CCS removes itself from the local AMSI providers list, and will not respond to scan requests.

• Use cloud services while scanning via AMSI - Available if 'Use Windows Anti-malware Scan Interface (AMSI) technology' is enabled. (Default = Disabled)

• Enabled - CCS check a file's trust rating on our cloud severs as part of the AMSI scan process.

• Note - Cloud Lookup must also be enabled in 'File Rating Settings'.