Question for SandboxIE users

Discussion in 'sandboxing & virtualization' started by ejr, Feb 2, 2007.

Thread Status:
Not open for further replies.
  1. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    I have read about SanboxIE for a while now and have wanted to try it out. I downlaoded the program but have yet to install. I have a few questions before I install.

    1. I understand that I can set IE to run in the sandbox by default, correct? Will this impact updates I get from my other software vendors like my AV, Firewall, and antispyware program?

    2. People often email me MS Word files that I must save. If I run my email client (outlook express) in the sandbox, will I still be able to save these files? Presently, I have had 1300 files sent to me in 3 years that I have saved on my computer.
     
  2. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    1.Correct, but i think only in the paid version you can force programs to run in sandbox. Even forcing it, you can ask SandboxIE to run something unsandboxed. The AV, FW and AS won't be afected.

    2.SandboxIE has prebuilt rules for Outlook. It allows Outlook to save. I don't use it, but the SandboxIE site has info.

    If you just use the free version, you'll have time to get used to it. Nothing's automatic.
     
  3. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I haven't run Sandboxie in a few days, but almost every program you have can be run sandboxed with a right click and selecting run sandboxed. Those that aren't selected won't be sandboxed.

    With either MSIE or Firefox sandboxed, I can still get my current antivirus updates without a problem and they aren't lost when I leave, and I can download mail with no problem. I have Sandboxie set to empty when I close my browser, so everything I've downloaded is gone unless I remove it from the sandbox. You can select the option NOT to empty if you want, and everything remains in the sandbox.

    It's a pretty simple program and takes only a few minutes to figure out.
     
  4. EASTER.2010

    EASTER.2010 Guest

    I rely solely on Power Shadow myself. I have desperately tried and wanted badly to use Sandboxie & Bufferzone. I liked the concept of both but with BufferZone i experienced a slowdown i couldn't live with, with Sandboxie i thought it would be sufficient since it seemed to contain the apps you place in it for security but it also presented issues that gave rise to disappointment.
    I don't understand why there are any issues at all except that with this latest introduction of HIPS going around, they somehow conflict which is probably a good guess as to why.

    For now and i dare say for now on, Power Shadow is about the only Safe & Stable sandbox anyone would ever need to turn to.

    I can't disrupt it no matter what malware i unleash in it. Fantastic creation.
     
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Please elaborate on what disappointment. You're saying it wasn't stable on your machine? Possible conflicts, maybe SSM?
    Thx
     
  6. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    Questions for you:

    1. What specific issues did you ahve with Sandboxie that you do not have with Power shadow?

    2. How does Power Shadow compare to Sanboxie in terms of system resource usage?

    3. I went to the power shadow website. It appears that you must you turn the computer to exit out of the sanbox mode?

    Not having tried power shadow I am looking for some specific as to it's advantages as well as disadvantages.
     
  7. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Sandboxie failed me. Nothing serious, but that's the problem. Last night, I had Sandboxie running and it allowed 3 instances of Yahoo toolbar onto my computer. Don't know where they came from, how they got downloaded, or how they installed. I had my browser (MSIE7) up, stepped away from the computer for an hour or two. When I returned, Yahoo toolbar was there.

    There was no warning from Sandboxie that anything bypassed it - nothing. I had MSIE7 running and later discovered the toolbar was also on Firefox. When I ran a search for it, found three instances of the ytb.exe on my computer.

    If something like that can bypass Sandboxie, what else can?

    While running Powershadow, nothing has ever gotten through, mainly I think because my entire drive is shadowed. When I boot out of PS, every trace of my time in shadow mode is gone. I've downloaded various programs, opened and played with them, booted out of shadow mode, and all disappeared.

    Others have run malware tests in shadow mode. No problems whatever after they left it, and nothing remaining of the malware, and I gather some have run some pretty stiff tests with a lot of viruses, trojans, etc.

    Can't speak about resource useage numbers, but my browsers seem to run a bit faster in Powershadow.
     
  8. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    Chuck...You don't think that:

    1. Anyone else might have used your computer while you were gone and opened your browser outside the sandbox or

    2. That any application on your system prior to installation of Sanboxie might have added the yahoo toolbar? For example, when you update CCleaner, it adds the yahoo toolbar unless you tell it not to.

    Anyway, that is really odd. Did you post this in the Sanboxie forum?
     
  9. EASTER.2010

    EASTER.2010 Guest

    Possibly. You see i reverted back to an earlier version of SSM at the point where they changed the registry page to a more confusing layout for me and also added the networking firewall even though i have the full registered program.

    To each his own but i found those two sections from SSM updates that don't meet with my own expectations although the program as a whole does perfect with the former versions.

    Now at some point Sandboxie users likely discovered a problem and that might already had been addressed in those later updates.

    At any rate Sandboxie, or any other sandbox is very unneccessary IMO once you have Power Shadow and see the absolute power of this shadowing app.
     
  10. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: Hi, chuck57, how long have you had IE7 and Firefox? Before you installed PS or after?
     
  11. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Nobody has used this computer. My wife has her own and she was with me during my time away from this thing.

    Also, downloaded MSIE 7 just recently, after I reformatted and reinstalled XP Pro, Powershadow and Sandboxie. For the first little while, I ran PS exclusively, then decided just a day or two ago to use Sandboxie for general surfing. Also, I have CCleaner installed and the latest update, but that was also done immediately after the reformat more than 2 weeks ago.

    While running under Powershadow, I know nothing remained of my internet time.

    It's a puzzle to me where it came from and how it got on my computer, especially 3 separate instances of the ytb.exe
     
  12. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, chuck57: So you say that you have PS installed before IE7. This is my speculation, strictly for your info only. I have IE7, which comes w/ yahoo BHO and tootbar as a package. There are three things in IE7's toorbar; yt.dll--toolbar; yt.dll--BHO and YIeTzBm.dll--BHO. Are these three the same as yours. These trouble three may have lived w/ IE7 since its installation w/o drawing any of your attention. Just my little observation for your consideration. Have a nice one.
     
  13. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Perman, that would account for the 3 instances of Yahoo toolbar. Why would it suddenly decided to install after a couple of weeks, and how did it get onto Firefox?

    I didn't know IE 7 came with the Yahoo toolbar as part of the package. Obviously, I didn't pay much attention when I installed it.
     
  14. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Not only that, but as said above, CCleaner also installs yahoo toolbar, unless you untick it.
     
  15. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    I recently installed PowerShadow. This program is perfect. You can completely eliminate any malware trying to install by using it. It can also be scheduled to exit & reboot your computer at the end of the day. Booting isn't that hard anyway. If you want to retain data just put it on a separate Data partition. One thing that is never discussed is that Powershadow is a perfect Anonymity application. You reboot all traces of computer activity are gone.
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    This is something else. I can,t believe that Yahaoo toolbar can bypass Sandboxie.
    I have tried many malware including toolbars in Sandboxie and it never failed.
     
  17. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    aigle, I've tried to figure it out as well. As I've said before, when I got this computer (brand new after the maker let his sons test it for a few weeks) it was loaded with junk, all sorts of viruses and a couple of trojans, spyware, and who knows what else.

    But, after spending hours cleaning, I gave up and reformatted and reinstalled XP Pro, so I have a clean hard drive. I installed MS Office, printer, then ccleaner, avg antispyware, antivirus, and firewall in that order. That was almost 3 weeks ago. Recently, about 2 weeks ago, I stepped up to MSIE 7. No Yahoo toolbar appeared until a couple of days ago, on both MSIE 7 and on Firefox. (?)

    I understand now that MSIE 7 comes with the yahoo toolbar, unless you custom install and don't want it. I just did a regular install. The thing that bothers me is that the toolbars were installed on both IE and Firefox while running under Sandboxie
    1. with no warning of any kind and,
    2. they remained after I left Sandboxie and emptied the entire contents of the folders.
    Maybe I'm missing something. I know if they had done that under Powershadow, there'd be no trace of them left once I booted out of PS. Does this mean if you have a rogue program of some kind that attaches stuff to your browsers, Sandboxie will just let it happen, not warn you, and not remove the program if you empty all folders on leaving Sandboxie?
     
  18. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    SandboxIE will prevent things inside the sandbox from changing the browser, provided you don't save changes made inside.
    If you install it outside, SandboxIE won't do anything, it's not designed that way.

    If you run FF with SandboxIE, and install the toolbar outside, next time you run FF, the toolbar will be there. Not on that session, i think, but next time you open it.
    If you run FF with SandboxIE, and install the toolbar from inside the sandbox, you see the changes, if it doesn't need reboot or something, but when you delete the contents, and open FF again, it's gone.
     
  19. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    i am now using Sandboxie after a long Bufferzone experience.. i like Bufferzone and was a heavy advocate of the app. but after awhile for some reason, i becam e tired of it and began looking at something else.

    i had looked at Sandboxie, but did not take it seriously. i changed a lot of my security apps and after working out conflicts, i felt there was something missing. i installed Shadowsurfer for about a day, but tired of the reboot, and losing data. unlike some i don't download files to play with them. i download files to use them. i was close to biting the bullet on Shadowuser the paid version that allows you to save files if you choose before booting out of Shadow mode, and then i ran into the Power Shadow thread.

    after reading through every post, and seeing how impressed everyone was with it, i downloaded Power Shadow and copied the serial number to a notepad file. i was nearly ready to install it, but the one thing that kept bothering me was that i had to either lose my stuff that i wanted or move it to another partition/empty space on hardrive or evena dvd/cd/usb device. what stuck me was that i would then have to move it again to where i actually wanted it after booting out of Shadow mode. i really am not patient enough for that on a daily basis, so i looked around some more.

    i landed on Sandboxies website, and after spending hours researching and reading many threads on their forum, i downloaded and installed it. i liked it instantly, by the way installed the latest beta 2.76 i believe. i can run most any program inside the sandbox (and i believe it is every bit as secure as Powershadow) but i mainly use it for my browsers Opera 9.1 and IE7 and emule.

    what i like the most about Sandboxie is not only the security of running my major attack vectors sanboxed, but the ease with which i can recover files and programs. as Sandboxie users know, when something is saved within the sandbox, Sandboxie creates an exact replica of that installation and will run it from there forever. but once you determine it is safe, you merely right click on the tray icon, go to "content of sandbox" and then "recover contents" and Sandboxie sends it to the exact folder/location on your "real" system that it should be. i feel i have security and complete control. i run what i choose sandboxed, and save what i want saved to where i need it saved to.

    is it lightweight?

    SbieSvc.exe= 1004 KB/0 cpu/0 I/O (which i don't know what that means)
    SandboxieRpcSs.exe= 2.1mb/0 cou usage/0 I/O
    SandboxieDcomLaunch.exe= 1.3mb/0 cpu usage/0 I/O

    these measurements taken with Sysinternals Process Explorer

    i like this app. Security & Control!


    Mike
     
  20. pilotart

    pilotart Registered Member

    Joined:
    Feb 14, 2006
    Posts:
    377
    Could you elaborate on any issues you suffered with BufferZone?

    It was the opposite in my case, major issues with Sandboxie; (with IE6 my system would gradually [over several web pages] lock up, last time included shutdown of my AntiVir Guard's active protection. I recoverd from that with GoBack [Roxio/ nee Norton now] and that would be like action of Powershadow, except that it allows recovery of lost files wanted).

    Went to BufferZone six months ago and beyond a couple of very minor issues, easily solved, it has been doing an excellent job for me.

    No doubt that using a 'layered security approach' can cause some conflicts on some systems with some apps.
     
  21. EASTER.2010

    EASTER.2010 Guest

    The same here. Try as much as i may, i never did get Sandboxie to work for me and it bugged up my PC in more ways than one, but i really didnt expect a whole lot out of it.

    Now that Power Shadow is on the scene theres no need to go groping for a sandbox replacement.
     
  22. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    no question Bufferzone is a super program.

    specifics:

    1) for me it became tedious transferring stuff out of the Bufferzone, prior to cleaning.
    sometimes files that i wanted out even after right clicking remove from Bufferzone, would still retain the red encirclement, then i would be apprehensive as to clean the zone for fear of losing the file(s)

    once after right clicking a file that was buffered, it refused to give me the option to remove it.

    2) i rarely install unknown new files through the dvd/cd/usb drives and did not want them buffered all of the time. i realise i could remove them, but then i would have to remember to include on the rare occasion that i would want to buffer a file through one of those mediums.

    3) for some reason Opera my non negotiable default browser developed the habit of needing constant refreshing to view updated messageboard content. i felt that had something to do with Bufferzone, though what i am unsure of. but the bottom line is since the uninstall of Bufferzone, this tedium has ceased.

    4) slow and unresponsive forum support/response toquestions.

    do not get me wrong i liked/like Bufferzone and was actually going to use the browser/p2p versions had i not come across Sandboxie. i felt very secure and the aforementioned items were more inconviences to me then absolute deal killers.

    now unlike yourself, i have had no problems with Sandboxie, you don't mention it but the version i am using 2.76, which from reading posts on sandboxies website does things diferently than did 2.64. in fact i am considering installing 2.77, but i am going to do so more reading first, to evaluate how it's doing on others boxes. but Sandboxie so far has been completely stable and accomodating on my system after approx. a week of habitation.

    Mike
     
  23. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    simmikie: it's awesome isn't it? I think you can even associate an eraser with SandboxIE, so you erase the content, instead of simply deleting it.
    I don't use that, but it goes to show that you can do what you need to do.

    It's so simple:thumb:

    Easter and Pilotart: that's conflict with other apps.
    I had to shut down a few things to make sure it would install properly. The first time i tried the install, a few months ago, i couldn't install properly because of this. Some security programs prevent a proper installation. And they could very well prevent proper use.:doubt:

    With SandboxIE, i keep what i want in a flash, and i think i'm as safe as with some other virtualization product. I don't virtualize the computer. VMware seems better for that. But hey, we're all about different approaches, and playing with all this:)
     
  24. pilotart

    pilotart Registered Member

    Joined:
    Feb 14, 2006
    Posts:
    377
    Given the almost universal glowing reports on Sandboxie, I have no doubt that this tiny (compared to BZ) program will be ideal for most users, just wanting a simple 'extra layer' of protection for some of their browsing activity.

    I had started with Sandboxie 1.4? in April 2005 and used it for shopping expeditions in Firefox. There were no problems with this at all, but soon realized that my Firefox (w/one of its extensions) was giving all the tracking cookie protection that I needed w/o sandbox. But the only Sandboxie stability issues for me were related to running Internet Explorer within it, these were constant and an update to 2.6? in August made no difference.

    For Internet Explorer, I have one site (excite.com) app that wants privacy settings too low and just finished a required re-current training program that required use of IE with even lower privacy settings. Had I tried this with Sandboxie, I would likely never be able to complete that course:)

    BufferZone 1.9 was installed in September and only issue was related to 'cleaning' BZ, which I rarely did anyway.

    BufferZone 2.1 replaced that in late December, it has worked perfectly with the stability needed and cleaning, or moving files in/out of Virtual Folders has been a one-click action.

    Only issues for 2.1 were solved by adding two archaic Win98 files that Windows wanted on load and a restructure of my Temp folders to allow Outlook its own repository :D

    For my needs (just Internet Explorer or anything opened by IE always starting 'un-trusted' and isolated) BufferZone's {Free} is perfect on my system.

    I do not like 'trialing' and 'training' many different security apps and am glad to have found one that is ideal for me.

    It is indeed fortunate that we have such a vast choice to choose from.

    Power Shadow looks like a very powerful system of protection, but would be way over-the-top for my needs:eek:

    For the past five years, I have depended on Roxio's GoBack, which with a tap on the spacebar (before Windows starts loading) allows a return to an earlier time (from a list) and removes any trace of what has been done since that date/time point. With Win98 all those files and settings are gone forever, but with WinXP GoBack creates a large, protected temp folder with the ability to pick and restore what you might want to save.
     
  25. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    pilotart wrote:

    i am sandboxed and viewing and interfacing with this messageboard utilizing IE7 at this moment. IE7 is not my default browser, but a simple 'right-click' on the IE7 icon and it's sandboxed running fast & free.

    pilotart wrote:

    actually i probably would be using PowerShadow if it let me save my stuff without jumping through hoops. it sounds like a great app. but i would go ahead and spring for the $59 for Shadowuser as it does allow you to easily save what you want saved (and i am assuming this) to the folders and locations of your choice like Sandboxie allows.

    as you mentioned, a lot of great apps out there, for a lot of different needs and users.


    Mike
     
Loading...
Thread Status:
Not open for further replies.