HGAJUA.exe And HNL.exe Runs in sandbox, possible malware?

Since I have installed Comodo, I have the sandbox pop-up occur about every hour saying that HGAJUA.exe and HNL.exe are running in the sandbox. I have removed HGAJUA.exe once before, but am unable to find it this time, and HNL.exe is an unkown to me.

I run a complete scan every night and have found nothing, along with multiple malware and spyware scanners.

Any help finding out what these are and/or how to remove them would be of great assistance. Thank you. O0 :-TU

The sandbox will sandbox many safe applications.

Can you please go to Defense+ / Common Tasks / My Pending Files. Then tell me the file paths listed here.

When a file is sandboxed it is automatically sent to Comodo to be analyzed and so the file and its path should be listed under My Pending Files.

Knowing the file path should allow you to properly investigate the files to make sure they are safe.

seems like you might have something on the system. To locate the files go to D+ tab and look at pending files. If you find the files please submit them here so we can see what they are:

Virustotal http://www.virustotal.com/

CIMA http://camas.comodo.com/

anubis http://anubis.iseclab.org/

please provide links to all the results.


Funny timing. This was probably going to be my next post.

You’re quick, but in this case I’m quicker. ;D

They are not currently in the pending files… But when they come up, I will definitely post them as soon as they occur. IDK why they wouldnt be in there, but I will update this very soon.

NOTE:: When HGAJUA.exe runs in sandbox, HNL.exe runs right after. Perhaps they are connected?

from what I can tell one is creating the other. I did some searching on hnl.exe and found it to be a trojan. hgajus.exe seems to be a file that is created with random letters. This is why sandbox is important, something unknown is trying to run and it is stopping it. How long have you been getting these pop-ups?

Maybe it is specific to Vista darker edition!

Try the methods described here:
How to check if your computer is infected
and let us know if Comodo Cloud Scanner or Hitman Pro report any suspicious files.

At this point I’m not sure if this is indicative of malware or whether this is a bug with the sandbox. After all, the sandbox is new. 88)

I have run all requested scans, and nothing has come up in any of them. Perhaps these programs are a false positive?

And yes I run a customized version of windows, but in no way is it bootlegged. I have a legitimate key.

Probably. Next time the alert comes up see if you can figure out the file path.

May be worth checking for a scheduled task with no known purpose. Sandbox appears to detect these, possibly when they run unpackers at regular intervals?

Best wishes