Something worries me about Sandboxie...
Hello, everybody. I'm new to these forums. It took months for me just to have enough courage to register on these forums. Since I consider this forum very friendly from what I've seen, I decided to give a shot what tortures me about Sandboxie (including the newest version):
Basically, when I say "a torture" it is a hyper-exaggeration, but it still represents a slight concern.
I found on YouTube that Sandboxie failed to prevent Trojan.Spyeyes and Trojan.Banker from running, for example:
https://www.youtube.com/watch?v=SpO35OM_6_w&feature=related
Here MBAM picked up Hijack.Help
Here Sandboxie left 3 malwares which MBAM picked up:
https://www.youtube.com/watch?v=rPQui1fs6Lg&feature=related
It did let 3 malwares on the computer according to MBAM (MBAM = Malwarebytes Anti-Malware). Maybe that's only a mistake because the processes (.exe files) of malware samples are deleted/terminated, folders are not, like in GeSWall testing???
Question: What is the difference between GeSWall and Sandboxie: Does Sandboxie have more limitations than GeSWall or DefenseWall and what are those limitations?
For example, I heard that Sandboxie can't prevent driver/kernel level malware installation???
That was 3 years ago written by Iliya on Wilders security forums, I read it.
I don't know if anything was changed since then?
However that was then, now it seems that Sandboxie is vulnerable to rogue anti-malware programs (like WinXP antivirus)?
Maybe that's only a mistake because the processes (.exe files) of malware samples are deleted/terminated, folders are not, like in GeSWall testing...
From what I know: GeSWall uses Windows internals, therefore it cannot overcome the limitations of NTFS security, while Sandboxie can?
And GeSWall was bypassed exactly 1 year ago:
http://www.freepcsecurity.co.uk/2010/05/17/geswall-test/
The reason why I picked up Sandboxie is because of continuous testing against malware, excellent forum support and you're always here if I'm stuck with something.
Well, I'd be happy if I could find the way to fully configure Sandboxie and save that configuration if somehow possible.
And one more thing: how can I change my administrator account to a limited user account?
Am I safe to use Sandboxie and surf the net as administrator?
Thanks to all.
Solar- New Member
- Posts : 2
Join date : 2011-06-12
Re: Something worries me about Sandboxie...
Hi Solar, I'd suggest posting your queries here if you don't get any replies:
http://www.sandboxie.com/phpbb/index.php
Cheers.
Re: Something worries me about Sandboxie...
ssj100 wrote: Hi Solar, I'd suggest posting your queries here if you don't get any replies:
http://www.sandboxie.com/phpbb/index.php
Cheers.
No worries, I have contacted the tester "Ahmed" and he said to me that the only things that were left were 3 empty temp files, each with 0 bytes; the malwares themselves were all deleted/terminated.
So, Sandboxie protected against all malware samples in this test.
Solar- New Member
- Posts : 2
Join date : 2011-06-12