Comodo One Client Security Auto Sandbox enabled causes issues with Printing


​I’ve come across the following issue today on one of my client’s machines.

When they open a PDF attachment from Outlook and then go to print from Adobe PDF it comes up with the following error message:
“Before you can perform print-related tasks such as page setup or printing a document, you need to install a printer”

If I disable the Auto sandbox feature of comodo one client security and reopen the PDF from outlook the print preview / options dialogue comes up as normal in adobe Acrobat Reader DC.

I’ve tried this in versions Adobe Reader DC and Adobe Reader XI with the same result.

If my client saves the PDF file and opens it from a folder this problem is not present it is only when they open the file from Outlook (latest version).

For now I am having to turn the Auto Sandbox feature off for my client which isn’t ideal. Can you provide another solution to this?

Hello @matthell ,

You can keep the Sandbox module enabled, this behavior is controlled by the option “Do Heuristic Command-line Analysis For Certain Applications” in HIPS Settings. Please note that this option is enabled even if HIPS is disabled, so in case that HIPS is disabled please enable it and uncheck this option, wait for the profile to be successfully applied on all the machines that you can turn off HIPS if you want to. With this option disabled PDFs will not be sandboxed, regardless the sandbox status.

@Nick Many thanks - once I’ve changed this on the device profile how long does it take to propagate through to the devices?

Perhaps this option should be disabled on the Default Profile ‘Recommended Windows Profile for ITSM 5.4’ if it is known to cause issues? I’d imagine that this could be a problem for a lot of people.

Hello @matthell ,
If the devices are online, the settings should propagate in a matter of minutes.

This is not an issue as it is expected behavior. Files opened directly as attachments are getting sandboxed so that malicious macros and scripts (responsible for the majority of cryptolocker infections) are getting contained.