Sandboxie

Can i ask, if SB was configured say, for banking, you had a special box.The only program allowed internet access and the right to run was say, firefox.exe, then absolutely no other program, including malware, could run. As long as the pc was clean, you would be ok ?
If you visited a malicious website , would you not get a message, for instance that virus.exe was not configured to run in that particular box.Access denied

 

Yes, you can have multiple sandboxes for say Firefox, with differing configurations. You can have these individual Firefox.exe sandboxes running at the same time. If you right click Firefox icon and click Run Sandboxed, that brings up A Sandboxie popup with all the sandboxes you have available. I have a banking sandbox that I use for IE. Only IE can access the Internet and Start within.

And yes no other application can start unless you give it those starting rights. Sandboxies rights override in this situation. I'm sure someone with a deeper knowledge of how Sandboxie has such elevated system rights can explain better for you how this is done.

@Sully

I only really figured how Sandboxie works with Windows by adding C:\ to Read-Only Access - File Access. You can give the sandbox registry read-only rights, and everything works fine - nothing is noticeable - but sandboxes with file-read only renders applications mostly unusable. Windows OS is the enabler for what is running inside the sandbox, good/ or bad. Up untill then I hadn't figured you could have malware running in the sandbox - it could be interacting as programmed. I had thought Sandboxie was totally buffering all the bad stuff.

.

 

i tried sandboxie today and it kept freezing my computer every 10 minutes or so. A popup came up when i installed it telling me about compatibility with avast but i clicked ok not sure if i was suppose to do something there because sandboxie freezes my computer every 10 minutes it seems and then unfreezes after about 2 minutes.

 

What other programs do you have running? Also are you getting any error messages? You should try to uninstall, run a cleaner (cclearner) and then re-install.

 

Chris - there are gonna be much more sophisticated solutions, but here is what I would do.

Firstly, my Sandboxie went in perfect - not a hiccup and worked immediately. I have opted for the Free version. It has worked without a single problem ever since.

Uninstall Sandboxie using Control Panel>Add/Remove.

Check the Sandboxie garble to see if there is any compatibility problem with your system or if any programs you have are not acceptable to Sandboxie.

Once Sandboxie is gone, look for stragglers :-
Start>Search>All files and folders>Enter "sandb">Local Hard Drives>More advanced options - check the lot>Search.

With Sandboxie fully installed, my search reveals 29 files, but with Sandboxie uninstalled there will be a lot less - stragglers. Delete them -> Recycle Bin. If normal delete has some alert rubbish, use Unlocker Assistant - http://ccollomb.free.fr/unlocker/ That will do it on shut down, BUT not to the Recycle Bin.

NOTE ! When deleting files manually, you must be certain they are related to Sandboxie and not some other program. - be careful. If they go into the Recycle Bin, fine, you can recover them, but if not - they are GONE.

THEN, take a deep breath and re-install Sandboxie.
From then on all I can do is wish you good luck.

John Bull

 

If the uninstall is giving problems or you question it, try this.

Uninstall SBIE, reboot. Be sure the service and driver are gone (check from services and device manager).

If the c:\Sandbox directory remains, simple rename it (ie. c:\XXsandbox).

Reinstall.

If you want to uninstall but have things in the sandbox you wish to keep, you can shut the sandboxie service down and copy the contents of c:\sandbox. Then you uninstall or whatever else you need, and you still have all the contents of the sandbox (if you need them) until you figure out what the issue is.

Sul.

 

To add to this, if the service IS still listed in services.msc (this is where I go to find services on my Win 7 system), you can delete them manually by doing the following:

1. Open a command prompt (run as admin if on Vista/7)

2. Type in, without quote marks: "sc delete (services name)"

3. Hit enter and then press F5 to refresh the services list. The service should now be gone.

I had to do this to get rid of "gupdate" which is the update service for Google products. Always, always, check for this thing even if you think you have everything Google-related deleted by the way. Google infests your system.

Anyway, yeah, I just wanted to add to the subject on that.

 

Good add-on. Lets go further with it then. The service name is SbieSvc in win7, I think it is the same in XP as well.

Stop the service like this
sc stop sbiesvc

Start the service like this
sc start sbiesvc

As dw426 pointed out, delete by
sc delete sbiesvc

but, you might have to change its state from automatic to disabled. Do this then.
sc config sbiesvc start disabled

You can also use the 'net' command to start/stop services, like this
net stop "sandboxie service"

But, do note that net start/stop is a slower method, and with the net command you use the "service name" and the sc command you use the "section name".

Just another tidbit to put in your database

Sul.

 

Yeah, change the service to disabled first, just to be safe about it, then go through with the deletion

 

Just a small point aimed at our generous helpers.

Sandboxie is taking 40 seconds to load up from hitting the Desktop icon.

Surely this is far too long, can you come up with a reason and how I can improve this slow response ?

I run the Free version, but that time does not include the Nag panel.

John B

 

Try deleting the contents of your sandbox.

 

J_L, Don`t be naughty, my sandbox is auto-deleted on shut down.

John

 

John, my sandboxes will come up fast or slow depending on the application. For example Media Player is almost instant, where a browser is slower. Firefox is really slow, Kmeleon and Opera about the same (not too fast) and Iron is perhaps 3 seconds. Iron by itself is instant off the SSD drive I have. Do you see a difference for different programs being sandboxed?

I have had issues in the past with sluggishness, and it amounted to a different version making things right.

Sul.

 

How long is really slow? FF takes 4- sec to open here and Opera 1,5 or so. Both when already started and closed before. When already open it's instant.

@ John Bull : of course you've already done so, but look in taskmanager what's maybe interfering when starting SB.

 

Thanks Get.

Sully is usually a pearl in the oyster and though I will look in Task Manager and see if I can spot something, I suspect that the long delay is just designed for me and my retired status or I am taking advantage of the FREE edition.

If you are critically dependent on rapid response to put the final touches to the orbit of a planned Pluto probe on your laptop whilst on the subway going to work, then seconds count. If you are a retired Fuddy-Duddy like me and have all the time in the world, it does not matter much does it ? Roll on death.

John B

 

Dear Stapp - love ya Seahorse. Thanks for responding.

It is 17.00 BST = GMT +1 here and Sandboxie has only taken 8 seconds. I reckon there is nothing wrong, it depends on world activity coming on line (night and day), plus the Server`s characteristics.

With all of Asia, Oceania, most of Russia and 1/3 Africa in darkness at the time above, that accounts for a huge shutdown, perhaps 1,000 million users or half the worlds total. The worst time is probably when most of North and South America, some of West Europe and most of East Asia + Oceania are in non-sleep periods (daytime or evening).

Another factor is that I use Hibernation and it takes a while to come out of it, Stand-by is very quick.

Sorry to have troubled you all, but I did think 40 seconds was a little too much, I could feel my hair growing longer.

Thank you all
John B

 

I think with 40 seconds there is no reason to worry. On my old notebook with Windows XP it also often takes quite long (sometimes about 40 seconds too, I assume). On the other hand I have a new computer with Windows 7, the configuration of Sandboxie is exactly the same as on my old notebook but the starting time is only about 5 to 10 seconds I would say.

---> Starting time seems to depend on various (unknown) circumstances, and in case that it is not extremely long, we should not worry about it.

 

Firefox opens the first time after boot in approx. 12-15 seconds. Subsequent openings are about half that. Firefox without the sandbox takes perhaps 5 seconds on first run, subsequent maybe 2-3.

Conversely Opera/Kmeleon take about 5 seconds first boot, maybe 3 seconds subsequent in sandbox. Near instant without sandbox.

There is a very slight delay when rendering pages or fetching data, don't know which. You can tell the difference, but if you always sandbox, it is quite acceptable. Only when you open sandboxed then unsandboxed do you see the slight delay.

Sul.

 

Sorry for intruding into the thread, but I was wondering if anyone had any thoughts about a recent post over on the Sandboxie forums. I'm a user of Windows 7 x64, and as such I've always been concerned with the fact that PatchGuard effectively cripples security and makes for a more vulnerable system. Tzuk has been very forthright and upfront about the difficulties in designing an x64 version of Sandboxie, and I applaud his honesty in that matter.

Someone over on his forums posted this thread which points to a possible x64 Sandboxie bypass (located in another thread -http://ssj100.fullsubject.com/sandboxie-f1/breakout-sandboxie-346-x64-t223.htm#1615- on a different forum). The ensuing conversation was confusing to me, particularly when Tzuk starting talking about "full session sandboxing".

Bottom line, is this a threat to x64 users? Should I be worried about it? Sorry I'm so dense, but the conversation is hard for me to follow, and I'm just trying to keep myself as safe as I can.

 

Please excuse me asking this question, but the matter keeps popping up in my mind and whilst I do not have a clue, others no doubt will.

Basic question :- Has Sandboxie the unique privilege of having no equivalent competitor product on the market ? I personally cannot find one at present.

I have been totally converted to Sandboxie, mainly by Wilders posts. I have used the Free version for about 3 months and find it impeccable. Not a single problem since installation and not a single complaint to make.

I have been around a long time and never once in my life have I seen any product on Earth from the most exclusive military hardware to a special beer not have a competitor. In every case, the product is copied in some way to provide an alternative. It sometimes takes a while, but it always happens. In many cases the alternative product is infinitely better, since the designers have the original product`s performance to serve as a test bed.

Not a single innovation has escaped competition in our entire history and no product ever will. Exclusive rights do not exist.

So, Sandboxie ? If it is enjoying the free-play of an empty stadium now - it will not be long before another team or teams appear on the scene. Such market competition is unstoppable.

Your comments please.

John Bull

 

The only 'active' competitor to Sandboxie is Bufferzone, who also offers a freebie.

I am afraid Sandboxie (application virtualisation sandbox) and DefenseWall PFW (firewall plus policy management sandbox HIPS) are one man bands who are able to survive in relatively small market segments.

You can't see breaking news of a Proof Of Concept or malware breaking something or SBIE and DW are resistant to it. They are really the champions in their class to such an extend there is hardly competition (DefenseWall has one competitor, GeSWall, but is barely giving signs of life).

Regards Kees

 

Kees, I am told on the grapevine that you are a highly respected and extremely intelligent personality on this Forum and I endorse this view completely. A very informative reply.

If the Sandboxie market is significant, profitable and has a growth potential, then everything I have said WILL happen. If not, then SBxie just "may" be allowed to walk it alone unmolested.

Patents are a legal joke. If Robert Oppenheimer ever filed a patent for his beneficial gift to mankind, then the Russian`s took no notice of it.

You can buy a "genuine" Rolex watch in Bangkok for a few bucks or a customized AK47 if that is your fetish.

Kees, I simply cannot see poor old Ronan kicking that ball about on his own for long, before the big boy`s or even a few little boy`s snatch it from him.

Salute - John

 

I say the most likely candidate is Symantec.. they offer a huge $$ and say "keep working for us". I think most of us know what happens next..just another song and dance. They could call it SymandboxIE.

Maybe Symantec should buy Microsoft and bring it into the borg as well. Maybe SymSoft MicroBoxIe then.

Sul.