Sandbox Observer

Utilities designed for use with Sandboxie
Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Sun Apr 25, 2010 7:31 am

v1.5

- Added online version check on every startup. Add "NewVersionCheck=n" (default) or "NewVersionCheck=y" to [Settings] in SBObserver.ini, or just delete the existing SBObserver.ini before starting this new version

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Tue Apr 27, 2010 3:28 am

v1.6

- Changed online version check from "Check on every startup" to "Check every 7 days"
- New version check is enabled by default
- New version check will be disabled after several failed checks
- Added "Edit settings" to tray menu
- Added "About" to tray menu

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Tue Apr 27, 2010 4:47 pm

Currently I'm working on an adjustable feature to just inform about processes that aren't digitally signed.
Example: There is a notification for IrfanView but not for Firefox, because the Firefox executable is digitally signed.

Coding is nearly done...

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Wed Apr 28, 2010 9:10 am

Ruhe wrote:Currently I'm working on an adjustable feature to just inform about processes that aren't digitally signed.
Example: There is a notification for IrfanView but not for Firefox, because the Firefox executable is digitally signed.
Interested persons can download and try a beta version.

You have to add UnsignedOnly=n or UnsignedOnly=y. Default is UnsignedOnly=n, "n" means to observe all (signed + unsigned) processes.
Last edited by Ruhe on Sun Jul 18, 2010 5:08 am, edited 1 time in total.

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Thu Apr 29, 2010 5:23 am

The next version will also include a module, like the one for digital signed files, to only inform about packed/crypted files.

Mark_
Posts: 111
Joined: Wed Dec 31, 2008 3:48 pm

Post by Mark_ » Thu Apr 29, 2010 9:48 am

Ruhe wrote:The next version will also include a module, like the one for digital signed files, to only inform about packed/crypted files.
PEiD?

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Thu Apr 29, 2010 10:33 am

Mark_ wrote:PEiD?
Yes, as DLL with embedded PEiD + UserDB

The author told me some minutes ago that he is working on the upcoming version of PEiD.

Buster
Posts: 2576
Joined: Mon Aug 06, 2007 2:38 pm
Contact:

Post by Buster » Thu Apr 29, 2010 10:42 am

BoB?

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Thu Apr 29, 2010 10:56 am

Buster wrote:BoB?
Yes.

Buster
Posts: 2576
Joined: Mon Aug 06, 2007 2:38 pm
Contact:

Post by Buster » Thu Apr 29, 2010 11:01 am

I saw him posting at kernelmode.info. :)

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Thu Apr 29, 2010 3:46 pm

Ruhe wrote:The next version will also include a module, like the one for digital signed files, to only inform about packed/crypted files.
A new beta with the above feature is online.

Settings (or just delete existing SBObserver.ini before starting SO)
; Observe unsigned processes only, can be combined with TreatedOnly
UnsignedOnly=n
; Observe packed/crypted processes only, can be combined with UnsignedOnly
TreatedOnly=n
; Enable ("y") / Disable ("n") heuristic
TreatedHeuristic=n
You should also set
[Settings]
Logging=y
[Internal]
LogLevel=0
and take a look at the log during testing.
Last edited by Ruhe on Sun Jul 18, 2010 5:08 am, edited 1 time in total.

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Sun May 02, 2010 7:55 am

v1.7

- Added “Visit website” to tray menu
- “New version found” dialog shows local and current (online) version number
- Added "Show log" to tray menu
- Added module to check for files without digital signature
- Added module to check for packed/crypted files
- Added GUI for initial settings during first application start or missing config file
- Executable is digitally signed

mossman

Post by mossman » Tue May 04, 2010 9:49 am

I get an error when starting under Vista x64:

Error opening Sandboxie DLL:

C:\Program Files\Sandboxie\SbieDll.dll

Buster
Posts: 2576
Joined: Mon Aug 06, 2007 2:38 pm
Contact:

Post by Buster » Tue May 04, 2010 9:53 am

Most probably that´s because Sandbox Observer is a 32bit application so under 64bits OSs it must open SbieDllX.dll, not SbieDll.dll.

Ruhe
Posts: 803
Joined: Thu Jul 03, 2008 8:56 am
Location: Germany
Contact:

Post by Ruhe » Tue May 04, 2010 9:58 am

There will be no version or support for 64bit, as I don't use it.

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest