How to Whitelist Non-Digitally Signed Application?

I have an application that I know is safe (Blender.exe from blender.org) that I would like to add to the whitelist.

When I try to run the application, Comodo displays the following message (see attachment):

===
[i]
Comodo Defense+ Alert:

blender.exe could not be recognized and requests unlimited access to your computer

blender.exe

Unidentified Publisher

Security Considerations

The publisher of blender.exe has NOT digitally signed their application. Hence the origin of this application should not be trusted. Digital Signing helps with verifying the authenticity of applications. If you are unsure, we strongly recommend you press the Sandbox button.
[/i]

===

I then check the “Always trust this file or package” and hit the “OK” button.

The application (Blender) opens fine, but if I close the application and then try to open it again, the same Comodo message appears again.

I have even added the application to the Trusted Applications via the Firewall tab → Define a New Trusted Application, but when I try to run the application, I still get the same Comodo message.

Is there any way to add the application to the whitelist and prevent Comodo from displaying a message everytime I want to execute the app?

FYI: I have tried this on two separate computers with the same results.

O/S: Win7 (64-bit) and Win Vista (32-bit)
Comodo Firewall: 5.0.163652.1142

[attachment deleted by admin]

Go to Defense+ → Computer Security Policy → Add → browse to the Blender.exe path and Use a Predefined Policy: Installer or Updater. Now Apply the changes. Report back if it works or not.

Thanks, that seems to have done the trick, but I have to say that the solution was definitely not self-evident and something that a common user would have tried.

The “Always trust this file or package” checkbox also didn’t seem to work as expected and should probably be fixed.

I have this same problem with an application and tried this solution but it did not work. I also tried “Tusted Application” to no avail. I get one error message per boot. I hope someone can help. Thanks and enjoy, John.

W7 x64 Ultimate, CIS 5.9.221665.2197.

Which application?

To both of you: If you trust your applications, you could insert them into the trusted files list. This should keep them from being put into the sandbox.
Personally, i would not give something installer rights, especially not permanent, if its not an installer.

clockwork, thanks. I have used the trusted file list with no help. I have still not gotten the first solution to work for me. My case is a little different from the original poster. My file is signed by the vendor and countersigned by VeriSign. I do not know why D+ keeps complaining. I continue to try settings. The application is RAIDXpert from AMD. I just set four running processes as Trusted Applications that are associated with RAIDXpert. If this works I will remove the Policy statements. I am running Proactive configuration. Thanks and enjoy, John.

Then make a screenshot of the error message that you get :slight_smile: . And of the defense+ logs of that time.

I dont know that program.

clockwork, thanks. Attached are the requested screen shots. The log shows server file not client as does the pop up. RAIDXpert from AMD comes with the onboard RAID in the 990FX chip set and probably many more. These routines, I suspect, are monitoring my array and will warn me with a balloon message that there is a problem. It is definitely something I want to be running. Thanks and enjoy, John.

[attachment deleted by admin]

What happens if the sandbox is disabled when this program starts?
It looks like this program is not fully functioning inside the sandbox. Its a question why you can not decide that it shouldnt be started in the sandbox permanent.
Isnt that normally managed by adding something to the trusted files list?

clockwork, thanks. I do not want to run this, or any other program I trust, in the Sandbox. I do not know what the behavior would be and its function is so important to me I do not want to discover. This program starts at boot. It appears I have fixed my problem and so far have no more pop up messages. Setting the four files to trusted applications did not solve the problem, but placing the WinMsgBalloonClient.exe and WinMsgBalloonServer.exe files into D+ as Installer or Updater (as recommended above) worked. The confusing factor was that I always got a message about the Client file and not the Server file. Thanks for your help. Enjoy, John.

I said, try to run it without sandbox.

I dont have the automatic sandbox enabled, i discover it all day :wink:
When you restart your computer, look what programs have been put into the sandbox.
If theres no “questionable” file running in it, what should happen if you make a restart without enabled sandbox?
To be honest, i disable the automatic sandbox, because i dont want to have ANY file running without me getting a question first :smiley:

The problem in your case seems to be related to files trying to start another file, and this was mixed up with it running in sandbox also. Personally, i would give these files the permission to start the SPECIFIC file. But i would not run them permanent as installers or updaters.
And i would not run “all day system files” inside the sandbox.

Thanks again, clockwork. I am currently happy with the way things are setup. I have zero files in the Sandbox and always check the “Always trust this…” on the pop up message. In the future I may try specifying the two WinMsg files as trusted files. I have not tried both since the pop up always just mentioned the one. Thanks and enjoy, John.

This looks a bit out of date with the newer Comodo CIS. Please see the following for what I did:
https://forums.comodo.com/defense-sandbox-help-cis/blender-and-defence-t71966.0.html;msg786455#msg786455

Please note last post 2012.

Thank you

Dennis

Topic Locked