Comodo Help
Find the desired product help
Comodo Internet Security

Comodo Internet Security

Version 5.9/5.10

English

Print Help Download Help
Defense+ Tasks - Introduction > Computer Security Policy > Protected Files And Folders
  • Introduction To Comodo Internet Security
    • Special Features
    • System Requirements
    • Installation
      • CIS Premium Installation
      • CIS Pro-Installation And Activation
      • CIS Complete-Installation And Activation
        • Installing Comodo Internet Security 2012 Complete
        • Activating Online Backup, TrustConnect And Guarantee
        • Installing Comodo Backup
        • Installing Comodo TrustConnect
      • Activating Pro/ Complete Services After Installation
        • Activating Your License
        • Activating Your Guarantee Coverage
        • Renewal Of Your License
    • Starting Comodo Internet Security
    • Comodo Internet Security - Overview Of Summary Screens
      • Comodo Internet Security – Summary
      • Comodo Antivirus – Summary
      • Comodo Firewall – Summary
    • Comodo Internet Security - Navigation
    • Understanding Alerts
  • Antivirus Tasks-Introduction
    • Run A Scan
    • Update Virus Database
    • Quarantined Items
    • View Antivirus Events
    • Submit Files To Comodo For Analysis
    • Scheduled Scans
    • Scan Profiles
    • Scanner Settings
      • Real Time Scanning
      • Manual Scanning
      • Scheduled Scanning
      • Exclusions
  • Firewall Tasks-Introduction
    • View Firewall Events
    • Define A New Trusted Application
    • Define A New Blocked Application
    • Network Security Policy
      • General Navigation
      • Application Rules
      • Global Rules
      • Predefined Policies
      • Network Zones
      • Blocked Zones
      • Port Sets
    • View Active Connections
    • Stealth Ports Wizard
    • Firewall Behavior Settings
      • General Settings
      • Alert Settings
      • Advanced Settings
  • Defense+ Tasks - Introduction
    • View Defense+ Events
    • Trusted Files
    • Unrecognized Files
      • Unrecognized Files
      • Submitted Files
    • Computer Security Policy
      • Defense+ Rules
      • Predefined Policies
      • Always Sandbox
      • Blocked Files
      • Protected Files And Folders
      • Protected Registry Keys
      • Protected COM Interfaces
      • Trusted Software Vendors
    • The Sandbox - An Introduction
      • Unknown Files - The Sand-boxing And Scanning Processes
    • View Active Process List
    • Run A Program In The Sandbox
    • Defense+ Settings
      • General Settings
      • Execution Control Settings
      • Sandbox Settings
      • Monitoring Settings
  • More Options-Introduction
    • Preferences
      • General Settings
      • Parental Control Settings
      • Appearance
      • Log Settings
      • Connection Settings
      • Update Settings
    • Manage My Configurations
      • Comodo Preset Configurations
      • Importing/Exporting And Managing Personal Configurations
    • Diagnostics
    • Check For Updates
    • Manage This Endpoint
    • Browse Support Forums
    • Help
    • About
  • Comodo GeekBuddy
    • Overview Of Services
    • Launching The Client And Using The Service
    • Accepting Remote Desktop Requests
    • Registration
    • Activation Of Service
    • Uninstalling Comodo GeekBuddy
  • TrustConnect Overview
    • Microsoft Windows - Configuration And Connection
    • Mac OS X - Configuration And Connection
    • Linux / OpenVPN - Configuration And Connection
    • Apple IPhone / IPod Touch - Configuration And Connection
    • TrustConnect FAQ
  • Comodo Dragon
  • Appendix 1 CIS - How To... Tutorials
    • Setting Up Security Levels Easily
    • Setting Up The Firewall For Maximum Security And Usability
    • Blocking Internet Access While Allowing Local Area Network (LAN) Access
    • Setting Up Defense+ For Maximum Security And Usability
    • How To Password Protect Your CIS Settings
    • How To Reset Forgotten Password (Advanced)
    • Running An Instant Antivirus Scan On Selected Items
    • Creating An Antivirus Scanning Schedule
    • Running An Untrusted Program Inside Sandbox
    • Restoring Incorrectly Quarantined Item(s)
    • Submitting Quarantined Items To Comodo For Analysis
    • Enabling File Sharing Applications Like BitTorrent And Emule
    • Blocking Any Downloads Of A Specific File Type
    • Disabling Defense+ And Sandboxing For Specific Files Selectively
    • Switching Between Complete CIS Suite And Individual Components (just AV Or FW)
    • Switch Off Automatic Antivirus And Software Updates
    • Suppressing CIS Alerts Temporarily While Playing Games
  • Appendix 2 Comodo Secure DNS Service
    • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Appendix 3 CIS Versions
  • About Comodo Security Solutions

Protected Files and Folders

 

Protected Files and Folders setting allows you to protect specific files and folders against unauthorized modification especially by malicious programs such as virus, Trojans and spyware. It is also useful for safeguarding very valuable files (spreadsheets, databases, documents) by denying anyone and any program the ability to modify the file - avoiding the possibility of accidental or deliberate sabotage. If a file is 'Protected' it can still be accessed and read by users, but not altered. A good example of a file that ought to be protected is the your 'hosts' file. (c: windows system32 drivers etc hosts). Placing this in the 'Protected Files and Folders' area would allow web browsers to access and read from the file as per normal. However, should any process attempt to modify it then Comodo Internet Security blocks this attempt and produce a 'Protected File Access' pop-up alert.

 

To access Protected Files, navigate to: Defense+ Tasks > Computer Security Policy > Protected Files and Folders.

 



 

To manually add an individual file, file group or process

  1. Click the 'Add' button. Click here for a description of the choices available when selecting a file.



Exceptions

 

Users can choose to selectively allow another application (or file group) to modify a protected file by affording the appropriate Access Right in 'Computer Security Policy'. A simplistic example would be the imaginary file 'Accounts.ods'. You would want the Open Office Calc program to be able to modify this file as you are working on it, but you would not want it to be accessed by a potential malicious program. You would first add the spreadsheet to the 'Protected Files and Folders' area by clicking the 'Add' button then 'Browse...' to 'Accounts.ods'. Once added to 'Protected Files', you would go into 'Computer Security Policy' and create an exception for 'scalc' so that it alone could modify 'Accounts.ods'.

  1.  First Add Acconts.odt to Protected Files and Folders


     2.   Then go to Defense+Rules tab and add it to the list of applications and click 'Edit'.



     3.   Click the 'Customize' link.




     4.   Under the 'Access Right' tab, click the link Modify beside the entry Protected Files/Folders.



     5.   Under the 'Allowed Files/Folders' tab click 'Add' then 'Browse...'. Add Accounts.odt and exceptions to the 'Ask' or 'Block' rule in the 'Access Rights'.





Another example of where protected files should be given selective access is the Windows system directory at 'c:windowssystem32'. Files in this folder should be off-limits to modification by anything except certain, Trusted, applications like Windows Updater Applications. In this case, you would add the directory c:windowssystem32* to the 'Protected Files and Folders' area (* = all files in this directory). Next go to 'Computer Security Policy', locate the file group 'Windows Updater Applications' in the list and follow the same process outlined above to create an exception for that group of executables.

 

The 'Groups...' button allows the user to access the 'File Groups' interface.

 



File groups are handy, predefined groupings of one or more file types. Creating a file group allows you to quickly deploy a Defense+ Rule  across multiple file types and applications.

This interface allows you to

  • Create a new File Group by clicking the 'Add' button.

  • Edit the names of an Existing File Group or File by right-clicking and selecting the 'Edit' button.

  • Add a file to an existing file group by selecting the File Group name from the list then clicking Add > Select From >....'

  • Re-assign files to another file group by dragging and dropping.

Note: This area is for the creation and modification of file groups only. You cannot modify the security policy of any applications or files from here. To do that, you should use the Defense+ Rules interface or the Predefined Policies Interface.

 

Comodo Internet Security User Guide | © 2012 Comodo Security Solutions Inc. | All rights reserved

 

Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2025. All rights reserved.