Sandboxie and Rootkits

Unknown_User_575 · Post by **Unknown_User_575** » Fri Jan 05, 2007 11:45 pm

I have Webroot Spy Sweeper set up on my computer to run a full scan at a specific time each day.
It has now happened on two separate occasions that while I have been browsing with Firefox in Sandboxed mode, Webroot has proceeded to do a scheduled full scan and found a Potentially dangerous Rootkit.
I have not been to any dubious sites and I have never had this happen before and so I was just wondering whether Firefox running in the Sandboxed mode could possibly be seen by Webroot Spy Sweeper as a Rootkit and therefore a false alarm?
I did run Web root again in regular mode and no Rootkit was found.
Can anybody please advise.
Thank you.

tzuk · Post by **tzuk** » Sun Jan 07, 2007 6:04 pm

It's probably not a rootkit ... just Sandboxie.

The way Sandboxie 2.64 (and earlier) extend the OS is considered rootkit-like.

Version 2.7 does things very differently. It still hooks into the OS, for sure, but not in a way that rootkits do it. (I think.)

Guest · Post by **Guest** » Sun Jan 07, 2007 8:39 pm

I am using the current version of Webroot's Spy Sweeper along with Sandboxie 2.64 and have not had the problem you described. It has never reported a rootkit.

BTW, I'm also using Firefox 2.xx with lots of extensions.

Hope that helps.

I expect the problem is caused by some other program rather than Sandboxie.

Unknown_User_575 · Post by **Unknown_User_575** » Sun Jan 07, 2007 8:46 pm

Anonymous wrote:I am using the current version of Webroot's Spy Sweeper along with Sandboxie 2.64 and have not had the problem you described. It has never reported a rootkit.

BTW, I'm also using Firefox 2.xx with lots of extensions.

Hope that helps.

I expect the problem is caused by some other program rather than Sandboxie.

I have not had the rootkit problem again but admittedly I am somewhat less keen on Sandboxie since I discovered I was unable to restore or save Bookmarks that I acquired while Sandboxed using Firefox.
Have you been able to discover whether this is possible?

Unknown_User_632 · Post by **Unknown_User_632** » Wed Feb 07, 2007 1:35 am

symiggy wrote:
Anonymous wrote:I am using the current version of Webroot's Spy Sweeper along with Sandboxie 2.64 and have not had the problem you described. It has never reported a rootkit.

BTW, I'm also using Firefox 2.xx with lots of extensions.

Hope that helps.

I expect the problem is caused by some other program rather than Sandboxie.
I have not had the rootkit problem again but admittedly I am somewhat less keen on Sandboxie since I discovered I was unable to restore or save Bookmarks that I acquired while Sandboxed using Firefox.
Have you been able to discover whether this is possible?

Search for "bookmarks" and you will see a thread of about 14 posts which gives a solution.

Unknown_User_633 · Post by **Unknown_User_633** » Wed Feb 07, 2007 8:39 am

Webroot spysweeper is otherwise a very handy software to eliminate any form of malacious thing but the only problem is it can get into you with some issues where it does not even allow the smooth operations of the essential software thinking it to be a malware. So I am sure this is the same problem that has happened in your case too, I think there is no need to be concerned for this.

tzuk · Post by **tzuk** » Wed Feb 07, 2007 8:50 am

This looks like super-spam. I can't even tell if it's spam or a a real comment.

http://spam.tinyweb.net/article.php/do- ... st-ssl.com

Sandboxie Support

Sandboxie and Rootkits

Sandboxie and Rootkits

Who is online