VirusScope Settings
- Click 'Settings' > 'Advanced Protection' > 'VirusScope'
- VirusScope monitors the activities of processes running on your computer and alerts you if they take actions that could threaten your privacy or security.
- VirusScope also allows you to reverse the actions of software without blocking the software itself. This provides more flexibility over legitimate software which requires certain actions to be implemented in order to run correctly.
- This provides more flexibility over legitimate software which requires certain actions to be implemented in order to run correctly.
- VirusScope alerts give you the opportunity to quarantine the process & reverse its changes, or to let the process go ahead.
- Be especially wary if a VirusScope alert appears 'out-of-the-blue' when you have not made any recent changes to your computer.
Open the 'VirusScope' settings section:
- Click 'Settings' on the CCS home screen
- Click 'Advanced Protection' > 'VirusScope':
VirusScope monitors running processes and alerts you to suspicious activity. You then have the option to quarantine the suspicious file and undo its activities.
- Enable VirusScope - Activate VirusScope. If enabled, VirusScope monitors the activities of running processes and generates alerts if suspicious activity is detected. (Default = Enabled)
- Do not show pop-up alerts - Whether CCS should show an alert if VirusScope detects suspicious activity. (Default = Disabled)
- If you choose not to show alerts then detected threats are automatically quarantined and their activities are reversed.
- Monitor only applications in the container - VirusScope only tracks the activities of processes that a running in the container. It will not track processes directly running on the host (Default = Enabled)
- Applications can be made to run in the container in two ways:
- Run a program in the container on a 'one-off' basis. See Run an Application in the Container for more details.
- Create a rule to auto-contain programs that match certain criteria. See Auto-Containment Rules for more details.
Manage the
status of recognizers
- VirusScope detects zero-day malware by analyzing the behavior and actions of an application.
- If the detected behavior corresponds to that of known malware, then VirusScope will generate an alert which allows you to quarantine the application and reverse any changes that it made.
- A 'recognizer' file contains the sets of behaviors that VirusScope needs to look out for.
- If you disable a recognizer, VirusScope will no longer show an alert if an application exhibits behavior described by the recognizer.
- We recommend most users to leave the 'Status' of recognizers at their default settings.
- Advanced
users, however, may want to try disabling recognizers if they are
experiencing a large number of VirusScope false positives.