In January I tested the files an executable.The portable file from an already old program Power DVD 7.3 and Richvideo.exe, and analyzed these files.
I made some in different environments 2 Sandbox, VM Win7 SP1 and WinXP SP3, the result was unbelievable, send these files to quarantine and submitted for analysis.
But as we know it is working or do not know, had the scanning button, disappeared, until the previous version was still there. Also send form of malware samples and a file were created a detection.
Sandboxie 5.22 date 07.10.17
During execution, we wait for a few minutes.
The folders 400000700002i, 4000003400002i, 4000004400002i.The files have 8 KB
SandboxieCrypto.exe
https://www.virustotal.com/#/file/e477045e396f01a6bd1c29740a56e1f69ab276238f7db4f1fd197b0e48492f43/detection
igfxext.exe
https://www.virustotal.com/#/file/21e28d57211ed9867a5f3924c483d9024a636dcd891e2acdc43395b5c54fbb0e/detection
igfxsrvc.exe
https://www.virustotal.com/#/file/beb29ab6fd51e7f5a4034aa06445ac9fb0d3abd81816c6457bca29df95b8280d/detection
Shade Sandbox
The folders 400000700002i, 4000003400002i, 4000004400002i
RichVideo.exe
https://www.virustotal.com/#/file/c47e4db40e2776e485f9194d682aaaf819ed540b73a403f126fc4e4f8c292460/detection
igfxext.exe
https://www.virustotal.com/#/file/21e28d57211ed9867a5f3924c483d9024a636dcd891e2acdc43395b5c54fbb0e/detection
igfxsrvc.exe
https://www.virustotal.com/#/file/beb29ab6fd51e7f5a4034aa06445ac9fb0d3abd81816c6457bca29df95b8280d/detection
They are the same files and made previously,it makes little difference, in the first test he created svchost.exe.
Windows XP SP3 was what showed it was not seen
The folders 4000002a00002i, 1000000500002i, 1000000600002i
RichVideo.exe
https://www.virustotal.com/#/file/c47e4db40e2776e485f9194d682aaaf819ed540b73a403f126fc4e4f8c292460/detection
svchost.exe
https://www.virustotal.com/#/file/08f61097b0290035ef21740b963eb5d9bd607d1e97f33bd0c8627182b9e6ca01/detection
If the detection was added in hh.exe as FileRepMalware, although the detection is in VT (Vírus total), it is not detecting anymore. Why did the heuristic not compare thes files and could not add detection?
F-Secure in cloud detection because this is not listed in Vírus total.Screenshots are attached.