Sandboxiecrypto.exe?

What is this? Ive got Sbie running on one of my machines. Its configured to allow only my browser to run and connect to the internet. Now Ive got a popup telling me the aforementioned exe cant run? What is this executable? Does it have anything to do with Sbie? Is it safe?

A check on google seems to suggest that its safe, atleast tzuk seems to recognise it. Also OA's OASIS trusts it. So what is this program and what does it do? Do I need to allow it to run, because my browsing experience does not seem to be affected by restricting it.

TIA.

 

May be some help below?
http://www.sandboxie.com/index.php?ServicePrograms

 

Thanks for that Franklin, it seems sbiecrypto is a safe exe, so I'm gonna allow it to run in the sandbox with internet access.

EDIT: So does this mean that I have to physically allow sbiecrypto.exe to run and access the internet, in addition to my browser? Is that how its supposed too work? Can someone else who has similar restrictions in place answer me?

 

Do I have to explicitly allow this exe to run and access the internet. For those who use the sandbox restrictions, do you have to explicitly allow sbiecrypto to run and access the net in addition to your browser on the sandbox settings page. Sholdnt this process be allowed by default since its an sbie pprocess?

 

I haven't had to explicitly allow it in either an IE 8 or Opera 10 SB.

FWIW, however, I do have to add different things depending on the browser/machine I am using.

For example, on my Vista machine, I have had to allow dllhost.exe explicity in my Opera SB but I have not had to do so in my Opera SB on my XP machine.

Also, I've had to explicitly allow swhelper.exe (shockwave updater) on my XP machine's IE 8 SB but I haven't had to do this on my Vista machine.

Sandboxie goes nuts about Versclid.exe in Opera SB on Vista but not in IE SB on the same machine even though it is explicitly allowed in neither....

I've given up thinking about why for now and just put it down to the OS/browser mix...

philby

 

Thanks for the response philby. It seems I editted my post, forgot about it, and then created another post LOL!


You're probably right philby, its just that one would assume if sbiecrypto was a part of sbie, that it would automatically have the permissions it needs and wouldnt be subject to my restrictions...or atleast thats what I think anyway, I might be wrong.

Hopefully someone with more knowledge of the program and computer security like ssj100, could get back to us! SSJ?

 

I certainly am only learning,and that slowly.
But for my Default browsing box,Restrictions+internet access+I have only
Firefox.exc.
On restrictions+start run access=I have "all Programs can start and run".

maybe I should add Firefox.exe,to the "restrictions+start run access" and just
monitor the messages Sandboxie sends about what ever else is needed?


I don't thank I have seen a message about sbiecrypto.exc.

 

Hi ssj,

Thanks for the response. You seem to know this program well so I trust your judgement on this.

A google search indicates the exe is safe. Restricting it doesnt seem to affect my browsing experience, except for the occassional popup informing me the exe was denied run access. So with this in mind is it worth allowing it run/internet access?

 

Hi ypestis,

you should really do this imo. This will greatly increase the security provided by sbie.

 

Hi,

I get it only on Online Armor Premium, and block it. Blocking it does not let me erase the sandbox. It does not affect net access.

Regards

 

ssj100:

Yea Im on Vista sp1. I tried uploading it to virstotal during a sandboxed session, but I got another pop-up saying that there were restrictions preventing dllhost.exe from running.

I eventually sent the file for analysis to virustotal via an unsandboxed browser. How exactlly does this work? How long does it take them to get back to you?

avboy: I guess its a piece of code which affects the deletion aspect of the sandbox.

 

hi check these.........
http://spywarefiles.prevx.com/RRDFII44186412/SANDBOXIECRYPTO.EXE.html
and
http://www.threatexpert.com/report.aspx?md5=0420120ccbabb785186db573d856c787

 

Thanks for that thathagat. Yea Im pretty sure its safe now. I think Im just going to allow it to run.

 

Okay so I gave sbiecrypto run access but not internet access, and immediately another exe called sandbo~4.exe was also given run access. What is this? Some sort of related executable? Can anyone shed any light?

 

Thats not what happened to me. I selected sbiecrypto, ticked the ssl connection tab and clicked upload. Then the page reset and the choose file bit, which a second ago had sbiecrypto, said no file chosen. Wtf? Any ideas on what happened? Remember this is via an unsandboxed browser.

 

Yea maybe ill try that. I only mentioned it was unsandboxed to make it clear it couldnt have anything to do with dllhost.exe.

 

Yup I tried it without ssl and it worked. 0/40. Its clean. Now the question is what is sandbo~4.exe and how is it linked to sbiecrypto. I have no idea where to find this fileit isnt in the sbie folder in program files, unlike sbiecrypto, yet it appears in the run access restrictions listed as one of the allowed files together with my browser and sbiecrypto.