questions about sandboxie 64 bit

hey wilders, im thinking about using sandboxie on my vista 64bit main computer and i have a couple of questions

1. when i first install it are there any changes i should make to the defaut configuration or is it fine?

2. i use keyscrambler and ad block plus with firefox and im just wondering if these are compatible with sandboxie 64 bit

3 is sandboxie sompatible with threatfire?

thanks in advance

EDIT: also i checked the sandboxie 3.44 installer from the offical sandboxie website and it shows 1 trojan winhorse from esafe
~ VirusTotal link removed per Policy ~

most likely a false psotive since sandboxie is a legit program righ?

 

anyone?

i installed it and seems to work fine but can anyone tell me why the installer has a trojan in it?

 

If you downloaded from Sandboxie's website then you are fine.
That one out of forty detection at VT most certainly is a false positive.

 

The trojan reported is most likely a false positive. I uploaded the file to jotti, scanned it with avira free, mbam and sas and they all reported the file clean.

1. The default setup is fine but you might want to limit what can run (start/run access) and have internet access through Sbie. It's also a good idea to block "sensitive" areas on your hard drive from what's running in Sbie (File Access > Blocked Access).

More info here: http://www.sandboxie.com/index.php?RestrictionsSettings and here http://www.sandboxie.com/index.php?ResourceAccessSettings#file

You may want to turn on Drop Rights since your running 64bit. See 7th paragraph here: http://www.sandboxie.com/index.php?NotesAbout64BitEdition

Look into Forced Programs and Forced Folders and see if it's something you would like. http://www.sandboxie.com/index.php?ProgramStartSettings

If your using ABP, you can create a rule that lets the filter rules pass through to your hard drive. My rule looks something like this: OpenFilePath=%AppData%\Mozilla\Firefox\Profiles\********.default\adblockplus\pattern*

The asterisks part is my profile name. You will need add yours instead and add it to your Configuration.

I hope this helps a little and don't be discouraged by all the available settings. Take your time and get to know sandboxie. The settings are easier than they appear and you can apply them at your leisure. If you want specific help, let us know what you want to run in the sandbox.

 

ok thx for the info, but adblock plus and keyscrambler seem to work fine with firefox in sandboxed mode, if it works fine do i ahve to create new rules for them?

and also whe n firefox updates to a newer version all i would need to do is run the regular firefox and just update it and then go back to the sandboxie short cut right?

 

You don't have to create the rules but the ABP does update it's patterns automatically so it's kind of nice for it to pass through.

To update firefox all that is needed to do is start a non sandboxed session and update FF and/or it's add-ons.

I would make sure the Drop Rights feature is on since your running 64bit .

 

1. It depends (are you paranoid or not). Read this thread and decide, what you looking for: https://www.wilderssecurity.com/showthread.php?t=240008
Default Sandboxie is good, but when you make some changes- its overkill

2. When you have Firefox sandboxed, you dont have to make each sandbox for any of addons, everything is going smoothly, only remember- new version of browser, addon, etc... Disable always force Firefox, and update- thats all

3. I really have no idea (I never used Sandboxie and Threatfire running altogether), but I think, you shouldn`t have big issues...

 

In testing on several PCs, I found no conflict between Sandboxie and Threatfire.

 

ok thanks guys, yea the drop rights is automatically enabled in the 64 bit version.

but im sorta confused about the start/run access and internet access settings.

if i want firefox just to have access to both start/run and internet in sanboxie should i just add firefox to the start run and internet access settings?

and for file access/blocked access, do i just add my C drive into this to not allow anything in sandboxie to access my harddrive?

 

Yes. You may also need to allow java.exe in certain situations but I wouldn't do that unless you have a site that needs it.

I would only block access to specific areas such as files or folders that contain personal or financial information. This is mainly to prevent keyloggers from accessing your info during the browsing session. Either way the keylogger or any changes would be gone when you empty the sandbox but it's nice to block access to those areas just in case.

 

to innerpeace, ok thanks but im having problems running firefox sandboxed if i block access to my C drive which is the only harddrive on my pc.

i get sbie 2204 and 2313 errors if i try to run firefox sandboxed with the blocked access to my harddrive.

is this because the sbierpcss.exe is in my program files?

see my other thread here:
https://www.wilderssecurity.com/showthread.php?t=265650

 

Hi watsup,

I saw that tzuk responded to your question. If you have any more questions ask away.

 

yep he replied to me on the sandboxie forums. i dont really ahve any senstivie data on my computer since it a gaming computer mostly, and some movies, music, family/friend phots etc etc

but i have another question innerpeace, sandbox is suppuse to add its own folder into my C drive right? has the sandboxie symbol instead of a folder icon

 

I'm still using version 3.40 and I have C:\sandbox. That is where everything is written during the session and when the contents of the sandbox are deleted so is the contents of C:\sandbox.

I think tzuk made a change in the recent versions to include the sandbox icon. There may have also been another change but I can't remember now. Ok, after searching I found the thread from the betas. The change should be in version 3.40 and up. I have no idea why I'm not seeing it. http://www.sandboxie.com/phpbb/viewtopic.php?t=6172