Every PDF now causes 2 pop-ups

Since I updated Comodo CIS today, every PDF I open causes two pop-ups to appear saying:

“explorer.exe is a safe application. However the executable could not be recognized.”

The second message (after I click “Ok” for the first one) has the header:

“ is trying to modify the user interface of ctfmon.exe”

Clicking “Remember my answer” only works for that specific file so every time I open a pdf that I haven’t opened since the update, which is VERY often right now (writing a paper with lots of references), I have to click “Ok” twice.

I’m running Product Version 5.3.176757.1236.

Any ideas why it thinks that .pdf files are executables? Any guidance on preventing these messages?

It looks like there is some active content in the PDF. Can you attach a pdf file where this happens with?

What PDF reader are you using?

Thanks for your response.

I actually just realized that it only happens when I open PDFs from my flash drive. I don’t get anything when I open them from my hard drive. And I just use plain ol’ Adobe Reader.

Anyway, that solves my problem since I have a sync’ed back-up of my flash drive on my hard drive (wouldn’t want to lose a whole thesis, after all!), but it’s still a strange behaviour by Comodo.

I see. By design CIS does not trust files from external media. That is because they cannot be continuously monitored.

This is what the head developer tells us about it:

That’s fair enough. Thanks for clearing that up!

Is it really by design? This problem only happen when open pdfs in usb drive using adobe reader but not the other pdf readers.

The critical issue in this case is not the pop-ups, the sandboxed (unrecognized) pdf files were submitted to Comodo if cloud function is enabled. Personal confidential pdf files can be send to Comodo.

I have PM this critical privacy issue to Melih in Jan and he replied that they are in the middle of investigation on scenerios where this might happen and fix it immediately. EricJH’s reply seems like that the development team is not going to do anything on this problem.

I hope the problem is really being fixed asap. At the moment, I must disable the cloud function in CIS to prevent it submitting personal pdf files in usb drive back to Comodo.

Please make a wish in Wishlist - CIS in which you ask for not sending, or the possibility for a setting to enable/disable, documents to Comodo Cloud servers.

From my understanding pdf’s will only be sandboxed (and submitted) if they are opened from an external media. To avoid this always move them to your computer and then open them.

That said, I don’t think pdf’s, which could hold personal data, should be submitted at all without the users explicit consent. There could be personal information in them.

If someone makes the wish I’ll vote for it. :wink:

My guess is that if you make *.pdf an installer/updater in D+ rules, and move the rule to above the all applications group rule you will get over this. Have not tried it, though.

To create such a global, pathless, rule select any file in the browse dialog and then edit the resultant path.

Only do this if you will never open files ending in .pdf from untrusted sources.

Note that pdfs can be a security risk

If you know the path, but the name varies you can give the path. This is a little more secure.

If you know that the trusted pdf filenames will conform to a given pattern you can express this using the ? operator as a single space placeholder. This is much more secure.

Best wishes