sandboxie

found this one in sandboxie, is this for real or just a fp.
c:\sandbox\admin\defaultbox\user\current\appdata\local\microsoft\windows\temporary internet files\content.ie5\9cj6dvff\fastdownload[1].exe

 

Is that contents in sandboxie from a download you did not delete from invocation or what.

 

did delete that, that was in quarantaine by webroot, so no prob

 

Was it a FP or not sure yet? If not then nice job by webroot.

 

Can't really say much from a filename.

Got an MD5?
In the scan logs, the program logs are at the end and should include the filename for the detection and an MD5. Then a WSA person can peek.

Or check on the Webroot Community with the MD5 info and you might get a faster answer. I'd say shout out to Kit (He's helpful), but he'd probably die from overwork if everybody did that. He used to be an escalation engineer but he's QA now and everything he does on the community is on his own time.