why no purge for special rules? great open door for copy paste threats

if you take a surface look in the rules, you think, “i can purge uninstalled program rules out of the list”.

but when you purge out this rules, there are still rules left. for example:
“explorer.exe, start this program”.
so a malware writer could trust in luck to find usual folders for special programs. as in a lottery he would find someone using comodo cis who had uninstalled a normal program out of the default folder.

now you just simply have to “copy paste” something in this folder adress. with the same name as the uninstalled program.

and it will be executable through explorer.exe. as i showed in another case, there are malicious effects that can be triggered without any further question. the only needed question was: explorer.exe tries to start “test.exe”. after this question all the stuff happened.

and copy and paste is not guarded by comodo cis.
today i erased a lot of “explorer.exe” rules, inside the rules set for defense+ . i dont think that normal users ever see this rules list for each single program itself.

why are not ANY related rules to an uninstalled program cleaned away? until now ONLY the direct program rules can be purged with a button.

You have a valid point. Somewhere over the last month in one of the Wish boards somebody asked to add the Purge function for that. I will move your post to one of the Wish boards.

Towards the end of the month we are expecting the first beta version of the upcoming v4 which will hold a lot of usability enhancements. Let’s keep our fingers crossed for this one.