allo i have cis instaled and recently i found out that it let a trojan pass through my memory it was siting there,it apeard also in sanbox but also in task memory, , i removed it with malwarebites, my question is: i have configurated the defense+to treat unreconize files as restricted, and set the antivirus for medium heuristic analises , i realy was disapoited with thiis.Can someone help me try to undersand what happened? thank you i love cis
It sounds like you ran a program but it turned out to be a virus. CIS kicked in and sandboxed the trojan as untrusted so it would do very little or no damage to your computer. It’s normal to see a sandboxed program in taskmanager because sandboxed or not, the program is still running.
In short, CIS locked down the trojan so it does next to nothing to your system and the antivirus didn’t detect anything. You ran malwarebytes and the virus was deleted. In the end, your computer is clean.
the trojan is only treat as untrusted in the sandbox, if you set it to. in this case it was set to restricted. in default cases it would have been partially limited.
we can not say clearly, NOTHING was done, just by looking at the fact “was running in the sandbox”.
but assuming, the trojan was part of a program that has been executed, the sandbox was usefull.
while, if it was running on its own without user consent, defense+ had asked suddenly and the trojan had never ran at all, when the sandbox wouldnt allow things to run inside her.
the automatic sandbox has two sides.