Sandboxiecrypto.exe?

Discussion in 'sandboxing & virtualization' started by Dregg Heda, Jul 30, 2009.

Thread Status:
Not open for further replies.
  1. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    What is this? Ive got Sbie running on one of my machines. Its configured to allow only my browser to run and connect to the internet. Now Ive got a popup telling me the aforementioned exe cant run? What is this executable? Does it have anything to do with Sbie? Is it safe?

    A check on google seems to suggest that its safe, atleast tzuk seems to recognise it. Also OA's OASIS trusts it. So what is this program and what does it do? Do I need to allow it to run, because my browsing experience does not seem to be affected by restricting it.

    TIA.
     
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
  3. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Thanks for that Franklin, it seems sbiecrypto is a safe exe, so I'm gonna allow it to run in the sandbox with internet access.

    EDIT: So does this mean that I have to physically allow sbiecrypto.exe to run and access the internet, in addition to my browser? Is that how its supposed too work? Can someone else who has similar restrictions in place answer me?
     
    Last edited: Jul 31, 2009
  4. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Do I have to explicitly allow this exe to run and access the internet. For those who use the sandbox restrictions, do you have to explicitly allow sbiecrypto to run and access the net in addition to your browser on the sandbox settings page. Sholdnt this process be allowed by default since its an sbie pprocess?
     
  5. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    I haven't had to explicitly allow it in either an IE 8 or Opera 10 SB.

    FWIW, however, I do have to add different things depending on the browser/machine I am using.

    For example, on my Vista machine, I have had to allow dllhost.exe explicity in my Opera SB but I have not had to do so in my Opera SB on my XP machine.

    Also, I've had to explicitly allow swhelper.exe (shockwave updater) on my XP machine's IE 8 SB but I haven't had to do this on my Vista machine.

    Sandboxie goes nuts about Versclid.exe in Opera SB on Vista but not in IE SB on the same machine even though it is explicitly allowed in neither....

    I've given up thinking about why for now and just put it down to the OS/browser mix... o_O

    philby
     
  6. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Thanks for the response philby. It seems I editted my post, forgot about it, and then created another post LOL!


    You're probably right philby, its just that one would assume if sbiecrypto was a part of sbie, that it would automatically have the permissions it needs and wouldnt be subject to my restrictions...or atleast thats what I think anyway, I might be wrong.

    Hopefully someone with more knowledge of the program and computer security like ssj100, could get back to us! SSJ?
     
  7. ypestis

    ypestis Guest

    I certainly am only learning,and that slowly.
    But for my Default browsing box,Restrictions+internet access+I have only
    Firefox.exc.
    On restrictions+start run access=I have "all Programs can start and run".

    maybe I should add Firefox.exe,to the "restrictions+start run access" and just
    monitor the messages Sandboxie sends about what ever else is needed?


    I don't thank I have seen a message about sbiecrypto.exc.
     
  8. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Hi ssj,

    Thanks for the response. You seem to know this program well so I trust your judgement on this.

    A google search indicates the exe is safe. Restricting it doesnt seem to affect my browsing experience, except for the occassional popup informing me the exe was denied run access. So with this in mind is it worth allowing it run/internet access?
     
  9. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Hi ypestis,

    you should really do this imo. This will greatly increase the security provided by sbie.
     
  10. avboy

    avboy Registered Member

    Joined:
    Feb 11, 2008
    Posts:
    165
    Hi,

    I get it only on Online Armor Premium, and block it. Blocking it does not let me erase the sandbox. It does not affect net access.

    Regards
     
  11. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    ssj100:

    Yea Im on Vista sp1. I tried uploading it to virstotal during a sandboxed session, but I got another pop-up saying that there were restrictions preventing dllhost.exe from running.

    I eventually sent the file for analysis to virustotal via an unsandboxed browser. How exactlly does this work? How long does it take them to get back to you?

    avboy: I guess its a piece of code which affects the deletion aspect of the sandbox.
     
  12. thathagat

    thathagat Guest

  13. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Thanks for that thathagat. Yea Im pretty sure its safe now. I think Im just going to allow it to run.
     
  14. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Okay so I gave sbiecrypto run access but not internet access, and immediately another exe called sandbo~4.exe was also given run access. What is this? Some sort of related executable? Can anyone shed any light?
     
  15. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Thats not what happened to me. I selected sbiecrypto, ticked the ssl connection tab and clicked upload. Then the page reset and the choose file bit, which a second ago had sbiecrypto, said no file chosen. Wtf? Any ideas on what happened? Remember this is via an unsandboxed browser.
     
  16. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Yea maybe ill try that. I only mentioned it was unsandboxed to make it clear it couldnt have anything to do with dllhost.exe.
     
  17. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Yup I tried it without ssl and it worked. 0/40. Its clean. Now the question is what is sandbo~4.exe and how is it linked to sbiecrypto. I have no idea where to find this fileit isnt in the sbie folder in program files, unlike sbiecrypto, yet it appears in the run access restrictions listed as one of the allowed files together with my browser and sbiecrypto.
     
Thread Status:
Not open for further replies.