SbieSvc.exe riskware

[tururu]

Hello:
I'm runninig SBIE 2.86 and once in a while I get this strange warn message by Kaspersky 6.0:

Running process C:\Archivos de programa\Sandboxie\SbieSvc.exe: detected modification of riskware 'Private data and passwords access'.

It appears mostly on boot-time, although I have set the AV to let SBIE work properly as far as I know; in fact I can use it whithout any other annoyance. So... Does the SBIE need to read any license file on startup? or Am I infected and the SbieSvc.exe is leaking my private information?. I run the AV very often and get no reports, should I check the file integrity by other means?. I'm quite shocked whith this behaviour , maybe I'm wrong whith AV privileges for the service....

Thanks.

[tzuk]

What you read below is merely a guess.



It may be over-protectiveness on the part of Kaspersky.

There is a mechanism called Protected Storage which stores 'Private data and passwords access' as Kaspersky calls them. To keep a sandboxed program from changing this store, the SbieSvc will access this store on behalf of the sandboxed program.

But this means that to a third-party observer, it would seem that SbieSvc, an administrative SYSTEM process, appears to be accessing Protected Storage. It's possible that Kaspersky sees this as something out of the ordinary, and warns about it.

[tururu]

Fastest and nicest support, tzuk!

I'll leave it go then, since the process is noy infected when scanning.
Topic solved in a few minutes! Thanks.