AppGuard+Sandboxie+Antivir free on x64 Win7

Rivalen · #1 December 13th, 2011, 11:23 AM

This will be my setup and now I must make it work optimum together.

AppGuard is set at Lockdown. Sandboxie at default = not experimental - yet.

AppGuard works great but block some SB things - which could mean SB is not working properly. SB can start and browse - slow - and some videos etc doesnt open - so I need to do something.

I have read all over the place, but could someone make a summery of the actions I need to take?

Remember - I am more security interested than computer savvy.

Thank you

Dark Shadow · #2 December 13th, 2011, 11:53 AM

There are some known compatability issues with 64 Bit with SBIE and AppGuard,But If you put the C:\ Sandboxie in the exceptions and that should take care of the slowness,not sure about videos.Also change type to read&write.

Rivalen · #3 December 13th, 2011, 12:39 PM

Thanks djohn - I added Sandbox with the diagonal yellow logo to exceptions with read/write and now I dont see a trace of SB in AG logs, Thats what we wanted isnt it?

Speed might be up a bit - still to early to tell for sure.

If something breaches through SB will the IE8 still be under AG protection? I am not savvy enough to know if I - with this setting - is browsing only relying on SB or if I have the double of SB sandboxing IE and AG backing it all up since IE is a guarded app. Did that question make sence?

Next step might be to go Experimental in SB. Any opinions on that?

Thank you very much

chris1341 · #4 December 13th, 2011, 04:57 PM

@Rivalen you wont get AppGuard and SBIE paid to open forced programs properly at lock down on 64 bit. You can get it to work on High if you change the Privacy settings in the screenie posted by djohn to 'NO' for browsers.

SBIE free/paid right click send to Sandbox or desktop start browser sandbox shortcut should work as they are initiated by Start.exe. See

http://www.sandboxie.com/phpbb/viewt...?p=74164#74164

Cheers

Rivalen · #5 December 14th, 2011, 06:34 AM

Quote:

Originally Posted by chris1341

@Rivalen you wont get AppGuard and SBIE paid to open forced programs properly at lock down on 64 bit. You can get it to work on High if you change the Privacy settings in the screenie posted by djohn to 'NO' for browsers.

SBIE free/paid right click send to Sandbox or desktop start browser sandbox shortcut should work as they are initiated by Start.exe. See

http://www.sandboxie.com/phpbb/viewt...?p=74164#74164

Cheers

Thanks. Should I understand this so that I remove Sandbox folder from Guarded Apps exception and do what tzuks bottom line says and then I am as good as I can be?

tzuks BOTTOM LINE: "In the Guarded Apps tabs, modify the browser settings to have Privacy=No. Also, add SandboxieRpcSs.exe to the Memory Guard exceptions in the Advanced tab.

I don't know to what extent this affects the protection of AppGuard, but it is the only way to make a guarded SandboxieRpcSs.exe talk to a guarded browser process."

If I do like this - tzuk says he doesnt know if this still makes AG a fully functionql layer extra behind SB. Does anyone know?

Best Regards

Rivalen · #6 December 14th, 2011, 09:34 AM

Quote:

Originally Posted by chris1341

@Rivalen you wont get AppGuard and SBIE paid to open forced programs properly at lock down on 64 bit. You can get it to work on High if you change the Privacy settings in the screenie posted by djohn to 'NO' for browsers.

SBIE free/paid right click send to Sandbox or desktop start browser sandbox shortcut should work as they are initiated by Start.exe. See

http://www.sandboxie.com/phpbb/viewt...?p=74164#74164

Cheers

Chris - I checked - I dont have any programs under forced programs and I thought thats as it should be = default settings of SB? Does all you guys customize/configure forced programs? Edit; I am on free SB sofar and the forced program feature isnt available and I dont know if I want it or need it. Does that make things easier when it comes to how I should set it up to ensure layered protection?

Best Regards

chris1341 · #7 December 14th, 2011, 12:14 PM

Quote:

Originally Posted by Rivalen

Chris - I checked - I dont have any programs under forced programs and I thought thats as it should be = default settings of SB? Does all you guys customize/configure forced programs? Edit; I am on free SB sofar and the forced program feature isnt available and I dont know if I want it or need it. Does that make things easier when it comes to how I should set it up to ensure layered protection?

Best Regards

If you are only running your browser from the desktop shortcut on free (or by right clicking and send to) then the AppGuard confict should not impact on you as the sandboxed session is initiated by Start.exe . If you force programs sandboxierpcss.exe initiates the sandbox and this is where the issue lies.

Multi threads about sandbox settings here to help you if you want to tighten free or go for paid and forced processes.

Sandboxing & virtualisation forum is the best place to start http://www.wilderssecurity.com/forumdisplay.php?f=98

Cheers

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search