Skip to main content
Question

Box Drive 2.52.313 – Code Integrity Event ID 3033 Involving BoxShellExtShim DLL and MsSense.exe

  • July 2, 2026
  • 0 replies
  • 7 views

Hello Box Support,

I am seeing recurring Windows Security notifications on a Windows 11 system that appear to correlate with Code Integrity Event ID 3033 involving a Box Drive shell extension DLL.

Environment

  • Product: Box Drive
  • Box Drive version: 2.52.313.0
  • BoxShellExtShim version: 2.52.313.0
  • Operating System: Windows 11
  • Microsoft Defender for Endpoint installed and active
  • Smart App Control: Off
  • Box Drive is actively used and functioning normally

Symptoms

Windows Security periodically displays notifications indicating that content has been blocked by an administrator. While investigating, I reviewed the Microsoft-Windows-CodeIntegrity/Operational log and found repeated Event ID 3033 entries.

Event Details

Event ID: 3033

 

Code Integrity determined that a process

 

\Device\HarddiskVolume3\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe

 

attempted to load

 

\Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-2.52.313.dll

 

that did not meet the Windows signing level requirements.

 

 

The event is immediately followed by Event ID 3089 entries stating:

Signature information for another event. Match using the Correlation Id.

 

I have confirmed:

  • The file exists.
  • The DLL is digitally signed.
  • Windows reports the signature as valid.
  • Box Drive continues to operate normally.
  • The issue is reproducible and generates repeated Event 3033 entries.

Additional Information

I verified the following:

Box.exe 2.52.313.0

BoxShellExtShim-2.52.313.dll 2.52.313.0

 

Smart App Control is disabled:

SmartAppControlState : Off

 

Code Integrity policy registry values currently show:

HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy

 

EmodePolicyRequired 0

SkuPolicyRequired 0

VerifiedAndReputablePolicyState 0

SAC_PreviousState 0xffffffff

 

Request

Could you please confirm:

  1. Whether Box is aware of any compatibility issues between Box Drive 2.52.313 and Microsoft Defender for Endpoint (MsSense.exe) resulting in Code Integrity Event ID 3033.
  2. Whether BoxShellExtShim-2.52.313.dll is expected to generate these events.
  3. Whether there is a newer shell-extension build or hotfix available.
  4. Whether Box has guidance for environments where Microsoft Defender for Endpoint is generating signing-level requirement failures against the Box shell extension.

I can provide additional event logs, signature details, file hashes, and system information if needed.