MSE detected a rogue in sandboxie so I removed it and then emptied the sandbox.

I ran a scan and it found 2 traces of it. 0_o How come? I emptied the sandbox? The traces said they were in sandboxie even after I emptied it after I deleted the detection. I scanned again with MSE, Hitman Pro, Superantispyware and Malwarebytes and they came up clean after MSE got rid of the left over files.

 

Are you sure the rogue was inside SandBoxie?
Traces are leftover files/registry settings that may have been caused by a rogue (according to MSE).

 

I never released it from the sandbox and what was detected was in sandboxie as temp files from when I saw the destination of the files. I scanned with MBAM, SAS, Spyware Terminator and Hitman Pro again and they all came up empty.

 

Malware in your sandbox isn't a problem. Just empty the sandbox, and it's gone.

 

I don't think you read the post.

 

If that true then it still in sandbox ok? Not on real system. May be didnt delete like you thought.

 

Are you sure that you deleted the contents and not just Terminated Programs?

Can you check the MSE log and find the exact path of the traces found.

 

Unfortunately I deleted the history. But I scanned with my programs and its clean now and I emptied temp files. I emptied the sandbox after MSE reported it was found and I deleted it. Then I ran a scan and it did find 2 temp files within sandboxie with it in but MSE said that it was suspended. So I guess MSE detected it in that and thats why it found it during a scan was because it picked it up out of the sandbox.

 

Anti virus programs can maintain a lock on files in the sandbox even
though they run outside of the sandbox. May be that's what happen
here. In other words, you surfed and something got detected by MSE
and even though you deleted the sandbox, those files remained locked
by your Anti virus. Trying to make sense of what you describe, that is
the best explanation I can come up with. The best part is that you are
clean.
Bo

 

As Franklin pointed out, the log should definitely show the 'traces' were in the C:\sandboxed location, but would have since disappeared as sandboxie's contents were emptied.

 

Thats the best way I can think of it Bo.