Page 1 of 1
Sandboxie and Rootkits
Posted: Fri Jan 05, 2007 11:45 pm
by Unknown_User_575
I have Webroot Spy Sweeper set up on my computer to run a full scan at a specific time each day.
It has now happened on two separate occasions that while I have been browsing with Firefox in Sandboxed mode, Webroot has proceeded to do a scheduled full scan and found a Potentially dangerous Rootkit.
I have not been to any dubious sites and I have never had this happen before and so I was just wondering whether Firefox running in the Sandboxed mode could possibly be seen by Webroot Spy Sweeper as a Rootkit and therefore a false alarm?
I did run Web root again in regular mode and no Rootkit was found.
Can anybody please advise.
Thank you.
Posted: Sun Jan 07, 2007 6:04 pm
by tzuk
It's probably not a rootkit ... just Sandboxie.
The way Sandboxie 2.64 (and earlier) extend the OS is considered rootkit-like.
Version 2.7 does things very differently. It still hooks into the OS, for sure, but not in a way that rootkits do it. (I think.)
Posted: Sun Jan 07, 2007 8:39 pm
by Guest
I am using the current version of Webroot's Spy Sweeper along with Sandboxie 2.64 and have not had the problem you described. It has never reported a rootkit.
BTW, I'm also using Firefox 2.xx with lots of extensions.
Hope that helps.
I expect the problem is caused by some other program rather than Sandboxie.
Posted: Sun Jan 07, 2007 8:46 pm
by Unknown_User_575
Anonymous wrote:I am using the current version of Webroot's Spy Sweeper along with Sandboxie 2.64 and have not had the problem you described. It has never reported a rootkit.
BTW, I'm also using Firefox 2.xx with lots of extensions.
Hope that helps.
I expect the problem is caused by some other program rather than Sandboxie.
I have not had the rootkit problem again but admittedly I am somewhat less keen on Sandboxie since I discovered I was unable to restore or save Bookmarks that I acquired while Sandboxed using Firefox.
Have you been able to discover whether this is possible?
Posted: Wed Feb 07, 2007 1:35 am
by Unknown_User_632
symiggy wrote:Anonymous wrote:I am using the current version of Webroot's Spy Sweeper along with Sandboxie 2.64 and have not had the problem you described. It has never reported a rootkit.
BTW, I'm also using Firefox 2.xx with lots of extensions.
Hope that helps.
I expect the problem is caused by some other program rather than Sandboxie.
I have not had the rootkit problem again but admittedly I am somewhat less keen on Sandboxie since I discovered I was unable to restore or save Bookmarks that I acquired while Sandboxed using Firefox.
Have you been able to discover whether this is possible?
Search for "bookmarks" and you will see a thread of about 14 posts which gives a solution.
Posted: Wed Feb 07, 2007 8:39 am
by Unknown_User_633
Webroot spysweeper is otherwise a very handy software to eliminate any form of malacious thing but the only problem is it can get into you with some issues where it does not even allow the smooth operations of the essential software thinking it to be a malware. So I am sure this is the same problem that has happened in your case too, I think there is no need to be concerned for this.
Posted: Wed Feb 07, 2007 8:50 am
by tzuk
This looks like super-spam. I can't even tell if it's spam or a a real comment.
http://spam.tinyweb.net/article.php/do- ... st-ssl.com