What would you run with Sandboxie?

sandboxie was not bypassed here it was human errors same will happen with hips
with sandboxie you must train the nooby users to avoid errors

 

Yes, it was. It was mentioned in Sandboxie forums. First, user Brummelchen (I believe that's the nickname ) reported it back then in Sandboxie forum, mentioning that an application installed inside Sandboxie managed to create user accounts in the real system.

This report went unnoticed for quite some time. Until some other person came out with a PoC, revealing precisely the flaw in Sandboxie, which Tzuk fixed.

So... I'm a proud user of Sandboxie (paid version)... but, also a proud user of AppLocker.

P.S: And, keeping the real system clean of clutter, by installed programs, is one of Sandboxie's features.

Source: http://www.sandboxie.com/

 

Currently using the same setup + Shadow Defender.
Malware Defender + Sandboxie has worked well for me in the past also.

 

good security aproach pete

 

Indeed thats a good 360 degree aproach.

 

That's the best type of stuff.

 

From what has been said, the one thing Sandboxie isn't good enough to protect us from is human error, and other programs are run to deal with that. The number of slip-ups I make has steadily declined since I've been reading here at Wilders, and my computer habits aren't very risky, other than using the internet hours each day for research, downloading, and watching videos and movies, all under the protection of Sandboxie. I try to use the least intrusive security, so EMET might be a good addition. In the past it prevented a few programs from working right, but I'll try it again and read up on how to deal with those problems.

And I'll look into Appguard.

 

I personally feel that Sandboxie is great for human error.

If you have a default sandbox and you run malware in it you get a full look at what the program really is. Hell, if it's a portable game that's secretly trying to hook you into a botnet you can continue to play the game and be just fine.

Of course, that's still relying on the user to run it.

 

I'm not too worried about what happens in the sandboxed browswer (there's always the Sandboxie 'Terminate All Programs' command when things go badly off the rails), for me 'human error' would be moving malware out of the sandbox somehow. Files can be checked with HMP or MBAM in the sandboxed Downloads folder before moving, but there may be some other way in that I haven't considered.

EMET loaded, set to maximum, everything okay so far.

 

Q. What would you run with Sandboxie?
A. From Firewalls and HIPS to BB and AntiKeyloggers.
AVs too. (Avira 2012 excluded).

 

Use what you like after all Tzuk has made his product compatible with most other security products out there however I think it is worth saying you can run it on its own.

It takes an understanding of where what you do might be a risk and how to use SBIE to plug that gap. For example I run the usual threatgates with start, run and internet restrictions as well as dropped rights. I don't allow quick recovery but do allow direct access to download directories that are in themselves forced to sandbox with similar restrictions. Everything is then scanned or uploaded to VT or run in the sandbox or all of these things before allowed out.

Is there a chance I will let something malicious out? Of course but there is a chance an AV would miss a given sample or I choose the wrong option in a HIPS alert. Nothing is full proof.

Add the layers you feel comfortable with but user error (or more worrying for me missing signatures or the limited protection scope of some traditional security apps) leaving you vulnerable is always applicable regardless of the number of layers.

Running only SBIE in the past made me more carefully but kept me fully protected.

Cheers

 

Online armor free (or Comodo, but just the Firewall, no Defense + or sandbox), and panda cloud free

Edit: If you want less pop-ups, I will go with Mumutu (if you have $) Or the free Threat Fire, but use Panda cloud as the AV.
Edit 2: For the On-demand scanners, Hitman Pro and MBAM (you can throw in CCE if you want)
Edit 3: After much consideration on this, I will also run Appguard.
Edit4: or you can just leave all of that, install Chrome or Firefox with WOT & Bitdefender traffic light, With Panda still as the AV and it's web guard. So your setup will be like this, Real-time AV: Panda Cloud | With Sandboxie and a protected browser. Light, fast and safe!

 

Outbound FW
HIPS
Router
On demand scanners: Hitman Pro, MalwareBytes
Backup/Imaging software: ShadowProtect, Macrium Reflect


Real-time AV, if you're unwilling to manually scan files before unboxing them. I rarely download anything anymore, I have a very static setup. I'm also running on 1 gig of ram. So for me it's not worth it to have a real-time AV using resources all the time. On the rare occassion I download something I right-click/scan them before unboxing. But that may not be practical for everybody. If I were to use one again I'd use something with a light footprint, like Panda Cloud.

 

sandboxie is a real gem in security

 

Just the firewall (w/o hips and other BS) and there's no need for anything else.
Maybe some on-demand (Hitman,MBAM) from time to time, to clear cookies and to clear your mind (paranoia)

 

i use sandboxie and Panda Cloud Pro both work well.

 

Myself, I don't want to run nothing along SBIE. Restricted, separate sandboxes is all I feel that I need normally. If I want to install something, I run the installer at VT, Jotti and run a HMP scan. Using SBIE this way, has worked well for me.

Bo

 

I'd Personally run MalwareDefender and Sandboxie together

 

Personally, I run Sandboxie with all my internet facing applications - Firefox, Thunderbird, Foobar2000 (I have a lyrics panel running), and uTorrent. I also have a sandbox for USB thumb drives or other removeable storage just in case they are infected.

I like to have AppGuard running as well...I consider it my safety net if something by-passes Sandboxie. I also run MalwareBytes and HitMan Pro on demand once in a while to check if anything can be found. For me, this is a light setup with no drag on my PC and it's quite effective, IMO.

Sandboxie is a truly wonderful product! In fact, I've setup my Wife's 88 year-old grandmother with Sandboxie since she clicks on anything that flashes or makes noise. Before Sandboxie, her PC was infested with malware. She's now been on Sandboxie for just over a year and she's has had no infections of any kind. Avast free is also running in real-time just in case, but the detection logs are empty.

 

see my signature

 

I am currently using this in my signature.

But I have used many programs it is very difficult to have any problem with Sandboxie.

In my opinion software is the closest to perfection I've ever used!