Problem with Sandbox

ZikO · September 11, 2010, 12:57pm

Hi,

I hope that someone help me how to properly use Sandbox in CIS.

The first is that I have a problem with one file in my system, which is “svchost.exe”. Sandbox is continuously trying to isolate this program. The very odd thing about it is that when I click on the program name in the window which appears to inform me that Sandbox is about to isolate this program, the another message appears: “Windows cannot find ‘C:\Users<login name>\AppData\Local\Temp\svchost.exe’. Make sure you typed the name correctly, and then try again.” I am confused seriously. What is happening here?

The second thing … I have noticed that recently Sandbox started to appear much I mean really much more often that it used to, right after I installed CIS. Why has it been changed.

Thanks for any suggestions

Regards

ZikO

Tech · September 11, 2010, 1:24pm

Legit svchost.exe runs always at C:\Windows\system32\svchost.exe and it is a Microsoft signed file. Are you sure your computer is not infected? Did you run a full scanning?

Citizen_K · September 11, 2010, 3:54pm

Having svchost.exe in a non standard place is a very suspect. Please follow What to do if you’re infected - eXPerience Rev.3 and report back.

Chiron494 · September 11, 2010, 8:27pm

Can you please follow the methods in the link on How to Know If Your Computer Is Infected and let us know what you find?