Funny Issue with Sandboxie

Discussion in 'ESET NOD32 Antivirus' started by Galaxykiss, Oct 3, 2011.

Thread Status:
Not open for further replies.
  1. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    Today I found that the sandbox cannot be remove if you run eav 5.0 in Sandboxie (latest version). The reason is I can't terminate eav's Egui.exe in the sandbox.

    here are some option I may have to try, but I am confused and don't know if this works.
    1. uninstall the Sandboxie
    2. uninstall the eav 5 in the sandboxie

    if you know any solution, please tell me

    thank you and regards!

    Galaxy
     
  2. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    I would do the opposite: uninstall the AV and then uninstall the Virtual Environment
     
  3. Sacles

    Sacles Registered Member

    Joined:
    Dec 8, 2004
    Posts:
    372
    Location:
    Belgique
    Hello,

    I do not see the need to launch NOD2 (or any other protection software) in a sandbox. It is even harmful.
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Are you testing EAV5 in sandboxie?.Did you try to terminate programs running inside sandboxie?

    Eset Has Self protection enabled by default,could it be that.I am not exactly sure what your doing.
     
  5. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I ran a trojan sample in the Sandboxie and I wanted to test the ELG Progress information so I ran the eav5 in the sandbox. Because the eav ouside the sandboxie can't dectect the progress in the ELG Progress information and can't show me the reputation of the trojan and its baby.
     
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Got it know,Perhaps open Esets gui and uncheck self protection and then try terminate its processes from inside the box.I Never tried Eset inside the box before so not quite sure whats going on.
     
  7. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    The truth is Sandboxie can't terminate the processes of ESET and this sand box which is running eset cannot be removed.

    I am not sure which side is this issue related to. Is that because our eset is too strong or there's some weak point in Sandboxie. So this is funny to me.

    ;)

    The shutdown of the self-protection needs a reboot of the computer. I cannot find the reboot option in Sandboxie.o_O
     
  8. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I think uninstall the sandboxie would solve everything. but that doesn't help much to this issue.
     
  9. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I like to think ESET is that strong and sandboxie is perfect but thats a fantasy.The two together maybe creating havoc like malware.:eek: Something went wrong obvious but to pinpoint what is difficult.
     
  10. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Use a VirtualMachine instead, and you will find the reboot option ;)
     
  11. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Actually SBIE must be able to kill/ delete anything running inside SBIE. If deleting SBIE doesn,t removes Eset, it might be a bug in SBIE. you must post on their forums I think.
     
  12. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    By default ESET doesnt allow the killing/deleting of their processes/files/registry keys. You can only do that after disabling selfDefense and a reboot.

    Because you cannot do a reboot in Sandboxie (the purpose of sandboxes are different), but you can restart the service -assuming that is possible-, or restarting the host, both procedures should perform similar to a reboot.

    This is not a bug from ESET or Sandboxie, virtual environments have their limitations and different purposes than providing full-time usability, this possibly requires more in-depth knowledge on how virtualization technologies work.
     
  13. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I totally agree with you. I'll try to do that.
     
  14. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I know that may be not a bug. it just to funny things. eset should stand any attack and SBIE should have wipe out all the things inside it.

    Finally, I solved it by restart my computer. ESET doesn't run again in SBIE and I can remove the sandbox now.:D
     
Thread Status:
Not open for further replies.