This file (VSSVC.exe) is in C:\Windows\System32 & from my reading should be there, however it's just appeared in WSA in 'Protected Applications' as a single file. It's never been there before & the only change made to this PC in the last few days was the update of DropBox today - Any ideas why it's protected? Win7 64 Bit. It's not shown as unknown but in the scan log it does show as modified: Tue 22-01-2013 00:46:40.0749 Determination flags modified: c:\windows\sysnative\vssvc.exe - MD5: B60BA0BC31B0CB414593E169F6F21CC2, Size: 1600512 bytes, Flags: 00000000 Though why the file would be modified at that time is unknown as the PC was idle?
I have this for the same file: [G] c:\windows\sysnative\vssvc.exe [MD5: B60BA0BC31B0CB414593E169F6F21CC2] [Flags: 00110000.2546] It's not in my Protected Applications list.
As I foolishly removed it from protection I've imaged the C:\ drive back to yesterday & will see if the file is modified again, I'm always suspicious of system files changing without good reason so I'll see what occurs
The problem hasn't occurred again so must have been a glitch somewhere? However it was most useful for WSA to show that the file had changed! And frequent images of your C:\ are IMHO essential for prevention of sleepless nights & infrequent usage of your Windows discs
It could have been started by a protected application, which may add it to the list intentionally. As long as you're not seeing anything strange happening on your system, I wouldn't be worried