Funny Issue with Sandboxie

Today I found that the sandbox cannot be remove if you run eav 5.0 in Sandboxie (latest version). The reason is I can't terminate eav's Egui.exe in the sandbox.

here are some option I may have to try, but I am confused and don't know if this works.
1. uninstall the Sandboxie
2. uninstall the eav 5 in the sandboxie

if you know any solution, please tell me

thank you and regards!

Galaxy

 

I would do the opposite: uninstall the AV and then uninstall the Virtual Environment

 

Hello,

I do not see the need to launch NOD2 (or any other protection software) in a sandbox. It is even harmful.

 

Are you testing EAV5 in sandboxie?.Did you try to terminate programs running inside sandboxie?

Eset Has Self protection enabled by default,could it be that.I am not exactly sure what your doing.

 

I ran a trojan sample in the Sandboxie and I wanted to test the ELG Progress information so I ran the eav5 in the sandbox. Because the eav ouside the sandboxie can't dectect the progress in the ELG Progress information and can't show me the reputation of the trojan and its baby.

 

Got it know,Perhaps open Esets gui and uncheck self protection and then try terminate its processes from inside the box.I Never tried Eset inside the box before so not quite sure whats going on.

 

The truth is Sandboxie can't terminate the processes of ESET and this sand box which is running eset cannot be removed.

I am not sure which side is this issue related to. Is that because our eset is too strong or there's some weak point in Sandboxie. So this is funny to me.



The shutdown of the self-protection needs a reboot of the computer. I cannot find the reboot option in Sandboxie.

 

I think uninstall the sandboxie would solve everything. but that doesn't help much to this issue.

 

I like to think ESET is that strong and sandboxie is perfect but thats a fantasy.The two together maybe creating havoc like malware. Something went wrong obvious but to pinpoint what is difficult.

 

Use a VirtualMachine instead, and you will find the reboot option

 

Actually SBIE must be able to kill/ delete anything running inside SBIE. If deleting SBIE doesn,t removes Eset, it might be a bug in SBIE. you must post on their forums I think.

 

By default ESET doesnt allow the killing/deleting of their processes/files/registry keys. You can only do that after disabling selfDefense and a reboot.

Because you cannot do a reboot in Sandboxie (the purpose of sandboxes are different), but you can restart the service -assuming that is possible-, or restarting the host, both procedures should perform similar to a reboot.

This is not a bug from ESET or Sandboxie, virtual environments have their limitations and different purposes than providing full-time usability, this possibly requires more in-depth knowledge on how virtualization technologies work.

 

I totally agree with you. I'll try to do that.

 

I know that may be not a bug. it just to funny things. eset should stand any attack and SBIE should have wipe out all the things inside it.

Finally, I solved it by restart my computer. ESET doesn't run again in SBIE and I can remove the sandbox now.