Comodo sandbox is repeatedly reporting that it has sandboxed Xq0.exe and the separately Xq1.exe. It has been happening now for a week. How can this be repaired or stopped? No upgrades are available.
Go in Sandbox and see what is there and remove or Add what you want: Defence+ → Sandbox → Add a Program to Sandbox
Please add the files to My Safe Files and re-start them, or reboot the computer.
those look like malware, don’t add to safe list.
submit them to virustoal.com to make sure they are safe first.
Agreed. If languy thinks its malware it probably is! Will leave it to him to guide you!
Can you please upload these files to virustotal and post a link to the results?
Original Poster used “Report to moderator” to reply, not sure why but I’ll post the reply here:
Comodo points to; c:\users\gordon\appdata\locals\temp\Xq0.exe
If these files don’t show up in explorer there are 2 possibilities
- the files are hidden, either for explorer or by a rootkit.
- the files where present but are no longer there, only some shortcut, or Scheduled Task still tries to execute them.
Can you please verify if there are Scheduled Tasks that try to start these files, if so then Sandbox will still alert you that these run sandboxed, even though the files no longer exist.
Thanks to Ronny’s assistance I think we have found scheduled tasks using autoruns that mention xq0.exe and xq1.exe. These have been deleted and I’ll see if I get anymore Comodo sandboxing questions. Thanks Ronny!