Unknown application and the BB auto sandbox feature

Hi, I have some trouble with an application (game actually) which is not digitally signed and thus is sandboxed the first time

The game is Auto Club Revolution which is a free to play, browser based game with an installed client (which is controlled by the browser i believe)

I have CIS v6 and Proactive config. sandbox as partially limited
When run for the first time, CIS sanboxed the exe. Which is as expected
I said ‘do not sandbox again’.
The game crashes (perhaps because it ran inside the sandbox)
I restarted the game and it starts. the game startes another exe which is also sandboxed and i repeated the steps i did with the primairy exe

Because the game updates very often, the exes get other hashes and CIS stops trusting the exe.
I added the files manually to the trusted files in file rating, which will be reset (or rendered obsolete by updating the exe and its hash i think)

I ended up excluding the whole dir of the installed client which i am not comfortable with
The game uses the client app to download new content and is using mutiple exe’s and dll’s to do its job

What if the main exe is not sandboxed and other exe’s it starts are sandboxed. The content gets downloaded and registered somewhere.

Does this situation mess my system/installed application up?
Is my real system not affected by changes made by the child-exe’s? (these are sandboxed)

I ask this because the sandboxed main exe does not run properly so i can kill it easy and start it outside the sandbox, but the sandboxed child exes immidiately start doing stuff like downloading files (which is allowed btw).

I will sumbit all relavant files to Comodo for analysis

You can choose while adding things to the exclusion if it should depend on the “name/location”.
That way you just need to exclude the often changing files by name.

Make sure that your antivirus scans this files.

I will check to make sure, but i am under the impression that i did not exclude the files/dir from CAV. Only BB
I can add the relevant files and exclude them by name instead of excluding the whole dir
If the files are not sandboxed, my proactive HIPS will catch any suspicious behavior i hope

Try giving the primary.exe the Installer/Updater policy. That way all siblings will be allowed to start without notification.