Why Clean PC mode learning to modify files?

Clean PC is my favourite mode because that has me fewer popups to check.However, i have a question that why Clean PC mode learning to modify my protected files.

in my opinion,for a safe executable file, it’s safe for CIS to learn to execute files existed in our system, but it’s not necessary to learn to modify them, this action must be confirmed manually.

thanks.

The catch is that when a file changes CIS has no way of knowing why it changed. It may have been updated (not a problem), it may have been injected by malware (that would be a problem).

I agree with you.

However, I think the reason is to prevent a pop-up when people download executable files from the internet.

I think defence+ should differentiate between saving an executable file and writing to an existing one.

Yes, you are right, for most people, they hope CIS have functions of “modifying” and “creating” files.

And I have another suggestion.

If a safe executable file learn to modify other files, for example, abc.exe, can CIS produce a rule “allow abc.exe” , not “allow *.exe” ? I think “allow *.exe” is so dangerous.

That’s the whole dilemma with security software…

People want it quiet, yet secure. To get quiet (and functional*) you lose security. At some point you just have to say that you can’t have both.

*Please nobody point out the ‘Parental’ option. Yes, you have maximum security with no pop-ups, but you also have limited functionality.

You have full functionality with the Parent mode enabled. How do you figure you lose functionality?

Program updates and other installations are blocked.

I don’t think so. We know that learning rules of “*.exe” is not safe, however, learning to modify a specific existing file(for example, abc.exe) by producing a rule of “allow abc.exe”(not *.exe) is convenient and secure for people who want CIS quiet. And if an executable file is about to create a new prtected file, CIS should generate a popup for security. In fact, a safe executable file doesn’t have so much activity of creating new exe files.

I would much rather safe applications only learned what they have to do and the rules are not set to a blanket allow. This blanket allow does not reduce pop-ups and reduces security. It also stops you training defence+ and later switching to paranoid mode. What is the point of paranoid mode if everything is already allowed.