Comodo Internet Security

• Introduction To Comodo Internet Security
  • Special Features
  • System Requirements
  • Installation
    • CIS Premium – Installation
    • CIS Pro - Installation And Activation
    • CIS Complete - Installation And Activation
    • Activating CIS Pro/Complete Services After Installation
      • Activating Your License
      • Activating Your Guarantee Coverage
      • Renewal Or Upgrading Your License
  • Starting Comodo Internet Security
  • The Main Interface
    • The Home Screen
    • The Tasks Interface
    • The Widget
    • The System Tray Icon
  • Understanding Security Alerts
• General Tasks – Introduction
  • Scan And Clean Your Computer
    • Run A Quick Scan
    • Run A Full Computer Scan
    • Run A Rating Scan
    • Run A Custom Scan
      • Scan A Folder
      • Scan A File
      • Create, Schedule And Run A Custom Scan
  • Instantly Scan Files And Folders
  • Processing Infected Files
  • Manage Virus Database And Program Updates
  • Manage Quarantined Items
  • View CIS Logs
    • Antivirus Logs
      • Filtering Antivirus Logs
    • Firewall Logs
      • Filtering Firewall Logs
    • Defense+ Logs
      • Filtering Defense+ Logs
    • Alerts Logs
      • Filtering Alerts Displayed Logs
    • Tasks
      • Filtering Tasks Launched Logs
    • Configuration Changes
      • Filtering Configuration Changes Logs
  • Manage CIS Tasks
  • View Active Internet Connections
  • View Active Process List
• Firewall Tasks – Introduction
  • Allow Or Block Internet Access To Applications Selectively
  • Stealth Your Computer Ports
  • Manage Network Connections
  • Stop All Network Activities
  • Advanced Firewall Settings
• Sandbox Tasks – Introduction
  • The Virtual Kiosk
    • Starting The Virtual Kiosk
    • The Main Interface
    • Running Browsers Inside The Virtual Kiosk
    • Opening Files And Running Applications Inside The Virtual Kiosk
    • Configuring The Virtual Kiosk
    • Closing The Virtual Kiosk
  • Run An Application In The Sandbox
  • Reset The Sandbox
• Advanced Tasks – Introduction
  • Create A Rescue Disk
    • Downloading And Burning Comodo Rescue Disk
  • Remove Deeply Hidden Malware
  • Submit Files
  • Identify And Kill Unsafe Running Processes
• Advanced Settings
  • General Settings
    • Customize User Interface
    • Configure Program And Virus Database Updates
    • Log Settings
    • Manage CIS Configurations
      • Comodo Preset Configurations
      • Importing/Exporting And Managing Personal Configurations
  • Security Settings
    • Antivirus Settings
      • Real-time Scanner Settings
      • Scan Profiles
      • Exclusions
    • Defense+ Settings
      • HIPS Behaviour Settings
      • Active HIPS Rules
      • HIPS Rule Sets
      • Protected Objects
        • Protected Files
        • Blocked Files
        • Protected Registry Keys
        • Protected COM Interfaces
      • Behavior Blocker
        • The Sandbox - An Overview
          • Unknown Files - The Auto - Sandboxing And Scanning Processes
      • Configure The Sandbox
    • Firewall Settings
      • Firewall Behavior Settings
      • Application Rules
      • Global Rules
      • Firewall Rule Sets
      • Network Zones
        • Network Zones
        • Blocked Zones
      • Port Sets
    • Manage File Rating
      • File Rating Settings
      • Trusted Files
      • Unrecognized Files
      • Submitted Files
      • Trusted Vendors List
• Comodo GeekBuddy
  • Overview Of Services
  • Activation Of Service
  • Launching The Client And Using The Service
  • Accepting Remote Desktop Requests
  • Chat History
  • Using Issue Tracker
  • Uninstalling Comodo GeekBuddy
• TrustConnect Overview
• Comodo Dragon
• Comodo BackUp
• Appendix 1 CIS How To... Tutorials
  • Enabling / Disabling Security Components Easily
  • Setting Up The Firewall For Maximum Security And Usability
  • Blocking Internet Access While Allowing Local Area Network (LAN) Access
  • Setting Up The HIPS For Maximum Security And Usability
  • Setting Up The Behavior Blocker For Maximum Security And Usability
  • Password Protect Your CIS Settings
  • Reset Forgotten Password (Advanced)
  • Running An Instant Antivirus Scan On Selected Items
  • Creating An Antivirus Scanning Schedule
  • Running Untrusted Programs Inside Sandbox
  • Running Browsers Inside Sandbox
  • Running Untrusted Programs Inside Virtual Kiosk
  • Running Browsers Inside The Virtual Kiosk
  • Restoring Incorrectly Quarantined Item(s)
  • Submitting Quarantined Items To Comodo For Analysis
  • Enabling File Sharing Applications Like BitTorrent And Emule
  • Blocking Any Downloads Of A Specific File Type
  • Disabling Behavior Blocker And Auto-Sandboxing On A Per-application Basis
  • Switching Between Complete CIS Suite And Individual Components (just AV Or FW)
  • Switch Off Automatic Antivirus And Software Updates
  • Suppressing CIS Alerts Temporarily While Playing Games
  • Renewing Your License
• Appendix 2 - Comodo Secure DNS Service
  • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
• Appendix 3 - Glossary Of Terms
• About Comodo Security Solutions

Protected Files

The Protected Files tab displays a list of files and file groups that are protected from access by other programs, especially malicious programs such as virus, Trojans and spyware. It is also useful for safeguarding very valuable files (spreadsheets, databases, documents) by denying anyone and any program the ability to modify the file - avoiding the possibility of accidental or deliberate sabotage. If a file is 'Protected' it can still be accessed and read by users, but not altered. A good example of a file that ought to be protected is your 'hosts' file (c:\windows\system32\drivers\etc\hosts). Placing this in the 'Protected Files and Folders' area would allow web browsers to access and read from the file as per normal. However, should any process attempt to modify it then Comodo Internet Security blocks this attempt and produce a 'Protected File Access' pop-up alert.

Clicking the handle at the bottom of the interface opens an options panel with the following options:

• Add – Allows you to add individual files, programs, applications to Protected Files.

• Edit – Allows you to edit the path of the file or group of a selected item in the Protected Files interface.

• Remove - Deletes the currently highlighted file or file group.

• Groups – Opens the Manage Groups interface that allows you to edit pre-defined file groups and define new file groups for inclusion in Protected Files list

• Purge - Runs a system check to verify that all the files listed are actually installed on the host machine at the path specified. If not, the file or the file group is removed, or 'purged', from the list.

To manually add an individual file, folder, file group or process

• Click the handle from the bottom center and select 'Add'.

You can add the files by following methods:

• Selecting from File Groups

• Selecting from currently running Processes

• Browsing to the File

• Browsing to the Folder

To edit an item in the Protected Files list

• Select the item from the list, click the handle from the bottom and select Edit. The 'Edit Property' dialog will appear.

• Edit the file path, if you have relocated the file and click OK

To delete an item from Protected Files list

• Select the item from the list, click the up arrow from the bottom and select 'Remove'.

The selected item will be deleted from the protected files list. CIS will not generate alerts, if the file or program is subjected to unauthorized access.

File Groups

File groups are handy, predefined groupings of one or more file types. Creating a file group allows you to quickly deploy a ruleset across multiple file types and applications.

To open the Manage File Groups interface

1. Click the handle from the bottom center of Protected Files interface and select 'Groups'.

The Manage File Groups interface will open.

This interface allows you to

• Create a new File Group

• Edit the names of an Existing File Group

• Add a file to an existing file group

• Remove existing file group(s) or individual file(s) from existing group

• To add a new group or add files to an existing group, click the handle from the bottom and click 'Add'.

• Add a new group - Select 'New Group' from the 'Add' drop-down, enter a name for the group in the 'Edit property' dialog and click OK

• Add files to a group - Select the Group, click the handle and click Add. Choose  from 'Files', 'Folders' or 'Running Processes' to add files by browsing to the file or folder or from currently running processes.

• To edit an existing group, select the group, click the handle and choose Edit. Edit the name of the group in the Edit Property dialog

• To remove a group, select the group, click the handle and choose Remove.

• To remove an individual file from a group, click + at the left of the group to expand the group, select the file to be removed, click the handle and choose 'Remove'.

Users can choose to selectively allow another application (or file group) to modify a protected file by affording the appropriate Access Right in 'Active HIPS Rules' interface. A simplistic example would be the imaginary file 'Accounts.ods'. You would want the Open Office Calc program to be able to modify this file as you are working on it, but you would not want it to be accessed by a potential malicious program. You would first add the spreadsheet to the 'Protected Files' area. Once added to 'Protected Files', you would go into 'Active HIPS Rules' and create an exception for 'scalc' so that it alone could modify 'Accounts.ods'.

• First add Accounts.odt to Protected Files area.

• Then go to HIPS Rules interface and add it to the list of applications. Click the handle at the bottom and choose 'Edit' after selecting the checkbox beside it.

• In the HIPS Rule interface, select 'Use a custom rule set'.

• Under the 'Access Rights' tab, click the link 'Modify' beside the entry Protected Files/Folders. The Protected Files and Folders interface will appear.

• Under the 'Allowed Files/Folders' tab, click the handle, choose 'Add' > 'Files' and add scalc.exe as exceptions to the 'Ask' or 'Block' rule in the 'Access Rights'.

Another example of where protected files should be given selective access is the Windows system directory at 'c:\windows\system32'. Files in this folder should be off-limits to modification by anything except certain, Trusted, applications like Windows Updater Applications. In this case, you would add the directory c:\windows\system32\* to the 'Protected Files area (* = all files in this directory). Next go to 'HIPS Rules', locate the file group 'Windows Updater Applications' in the list and follow the same process outlined above to create an exception for that group of executables.