Can I Search through Network Security Policy to find Filename when Path is UNK?

Ronny posted a very helpful item in 2008 that is now locked against the following corollary to his Q&A. How to search when Path+Filename is NOT exactly known? It is noticeable that, Comodo’s Alert balloons do not seem to be providing any method for Finding a fileby Filename only or by a partial, dimly remembered Filename, because the Alert balloons do not reveal to the user the Path to a file that is causing (or is the target, either) of an attempt that produces an Alert balloon. Please consider this: It is possible for your clients MISTAKENLY to click an Allow with Remember, or a Block, without being certain that it is the correct decision. . This is easy to do, and I have done this, more than once, I regret to say. And as we make this mistake, the balloon vanishes instantly and NEVER will that filename (action with source or target) be revisited with a chance to correct that individual mistake cleanly and simply; FOREVER! Since the Path is unknown, the My Safe Files window cannot Find the file, unless I undertake a laborious, time-consuming review of every line item among uncounted hundreds. And these mistakes will provide some uncorrected vulnerabilities, and the vulnerabilities will accumulate without end, presumably until Comodo is uninstalled. Now, it is, of course, the client’s responsibility to avoid his/her own mistakes; nevertheless, one feels that Comodo I.S. ought to be more forgiving, ought to provide a simple and sure method for correcting a mistake. Comodo should not “stick” its clients with a serious set of vulnerabilities, nor with only the choice between two problematic outcomesI.e., either to take a lot of eyeball time reviewing the list windows, or to accept the mistake and let it remain avulnerability indefinitely.

The best method IMHO would provide a list window of all Allowed files (including Path) with both full and partial text Search, and selection by line item, and correcting buttons including delete the Item from this list, let it Alert again, next time. The same applies to the list of Files Blocked, we should be shown and enabled to Search for parts of Path and Filename with selection and correction enabled. It would be well perhaps to include both lists in the same window, but this is not critically important; the Search and Correction capabilities are critically important, to this user. The My Safe Files and the My Blocked Files windows provide all this except the true partial-Path/Filename search. This, although not reportable as a "bug", is IMHO a deficiency in Comodo's UI that is serious. I am sure this can be corrected, and it is so serious as to cause this user to hesitate about purchasing the complete version of CIS 4 (and 3 before it, for several months now). [F.Y.I. - My system is Windows XP Professional SP3, Firefox 3.6.3 with NoScript, M$IE8, planning upgrade soon to Win 7 when a nagging malware symptom can be corrected, etc.] Your consideration of this matter is respectfully requested.

When the alert is on screen, you can click on the executables name and CIS will display the path.

In both the firewall and Defense + policy windows, if you start typing a path (i.e. “c:\program”), CIS will display a list of all files named in a rule that correspond to what you have typed. While this won’t take you directly to a file, it does priune down what you have to search for significantly.

Of course, it would be better if we could just search for the executable name, but CIS stores all entries with their full name (i.e. “drive:\path\path\name.exe”).

Hope this helps,
Ewen :slight_smile: