I have a game installed on my computer named “PokerTH”. Every time I run it, I get the popup warning that CIS Sandbox “pokerth.exe could not be rcognized and requests unlimited access to your computer”. Every time this happens I check the box that says “trust this application”, then click on “Run Unlimited”, but it still happens. It’s listed in the Auto Sandbox as “Ignore” under “Action” and “Trusted” under “Reputation”. It’s set to “Allow All Incoming and Outgoing Requests” under the Firewall settings “Application Rule”, and it’s also set as an “exclusion” under the AV exclusions.
What do I need to do for CIS to recognize this program as safe so I can stop getting the popup every time I want to play the game?
I’m not sure if this is what you are looking for, so if you need different information, please let me know.
Comodo ver. 18.104.22.16826
Database ver. 21529
Comodo – Proactive Security
Realtime Scan – Enabled
Scanning Optimization – Enabled
Run cache builder when computer is idle – checked
Decompress and scan archive files of extensions – checked
Use heuristics scanning - checked
HIPS – Not Eneabled
Set pop up alerts to verbose mode – checked
Enable adaptive mode under low system resources – checked
Enable enhanced protection mode – checked
Do heuristic command-line analysis for certain applications – checked
Detect shellcode injections – checked
Do not virtualize acces to …. - checked
Show highlight frame for virtualized programs – checked
Detect programs which require elevated privileges – checked
Show privilege elevation alerts for unknown programs – checked
This is a sandbox alert and it means that pokerth.exe matches some of the existing Auto-Sandbox rules.
“Proactive Security” configuration defines all Unrecognized applications to be launched in the Sandbox.
The most suitable solution here is to update existing Ignore Auto-Sandbox rule you mentioned. Please open this rule and a) change Reputation to Unrecognized or b) switch off Reputation checkbox.
This is a known issue in last release and will be addressed in the coming release.