Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Please post your problem description here

Moderator: Barb@Invincea

bjm
Posts: 458
Joined: Sat Aug 02, 2008 4:24 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 5/0

Post by bjm » Fri May 13, 2016 10:27 pm

Craig@Invincea wrote:Thanks! as for YMMV...so true. At home, I use Norton (free from Comcast/Xfinity) which is Norton 365....zero issues w/ SBIE with everything enabled. If I use plain ol 365, poof. Nothing works. Odd.
Well, besides Sandboxie breaking (my) Norton browser extension. I'll Exclude Sandboxie folder because Norton Wisdom of Crowds is not too favorable towards Sandboxie. https://community.norton.com/en/forums/ ... on-insight
Note: Sboxie breaking Norton Toolbar/IDSafe browser extension is no biggy. I'm not married to Norton, ...just used to Norton.
Sandboxie 5.25.2 - W10 Home 1703 (15063.1058) - WebrootSA 9.0.20.31 - Firefox 59.0.3

bjm
Posts: 458
Joined: Sat Aug 02, 2008 4:24 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 5/0

Post by bjm » Thu Jun 16, 2016 2:03 am

Craig@Invincea
might quote from Wilders be related to Norton Security Not Currently Supported.
About the ntdll copy
Norton makes a copy of ntdll functions. Many security products (EMET, MBAE, Alert, Sandboxie, etc.) detour ntdll functions to provide additional security layers. If an attacker uses Norton's copies, they bypass the detours of these security products so these additional security layers are gone. Specifically a usable exploit gadget with a syscall instruction is not a gadget that can be easily found in entire process memory (mostly only in ntdll). With Norton on the machine, these gadgets can be found quite easily. And these gadgets affect the protections provide by above mentioned products.
Since Norton is one of the most used AV products, this MAY be a problem (since it is popular). I am not saying this IS a problem, but it MAY be a problem in the future.
http://www.wilderssecurity.com/threads/ ... st-2594714
Sandboxie 5.25.2 - W10 Home 1703 (15063.1058) - WebrootSA 9.0.20.31 - Firefox 59.0.3

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 5/0

Post by Craig@Invincea » Thu Jun 16, 2016 11:30 am

Interesting. Thanks!

Peter2150
Posts: 879
Joined: Tue Mar 27, 2007 9:46 pm
Location: Washington DC

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 5/0

Post by Peter2150 » Sun Jun 19, 2016 8:42 am

I haven't read thru the whole thread, but I am setting up a new Win 10 home machine, and I put the free sophos home program on it. Works fine with SBIE.

Pete

justauser
Posts: 1
Joined: Mon Jun 20, 2016 11:50 am

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 5/0

Post by justauser » Mon Jun 20, 2016 11:56 am

I just tried to download 5.12 and Avira flagged it as malware

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 5/0

Post by Craig@Invincea » Mon Jun 20, 2016 12:31 pm

justauser wrote:I just tried to download 5.12 and Avira flagged it as malware
This is a problem with AV suites that use virus signature dbases.
We cannot help if a product erroneously flags something based on a definition or database.
If its from our sandboxie.com site, it's safe.

I'd suggest a different AV product, we recommend Windows Defender.

2rrr
Posts: 5
Joined: Fri Aug 28, 2015 5:52 am

Re: Anti-Virus programs SBIE Beta v5 & Win 10 (working/not)

Post by 2rrr » Fri Aug 19, 2016 10:43 pm

henryg wrote:
Craig@Invincea wrote:Tested w/ SBIE Beta v5.01.4 and Win10x64 (not installed into a sandbox)(Standard install, standard options/scanning & browser extensions)

NOT Supported
Kaspersky Internet 2015
What will this mean to me as a long term KIS user; and have you tested 2016 which I believe is a beta but is available now?

This is one of the main and best a-v programs. You HAVE to get Sandboxe working with it somehow IMO.
I'm 200% agreed with you. I been try Kaspersky Antivirus 2017, problem still remain. As for long term Kaspersky users, I do believe SB developer will prefer not purchase SB due to they are no idea to solve compatible issue with Kaspersky. I shall uninstall SB trial version from my computer soon, as I thought compatible been solve since long time ago but as latest result I testing still not as expected.
Attachments
KAV2017_SB_Issue_20160820.png
KAV2017_SB_Issue_20160820.png (172.23 KiB) Viewed 5544 times

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by Craig@Invincea » Fri Aug 19, 2016 11:41 pm

KIS has not been fixed.
It may never be.
We've told them what needs to be fixed on their end. It's not a SBIE issue. Until THEY fix thier product, it remains a Known Conflict.
SBIE notifies you of that upon installation. It's not a surprise.
It's listed in our forums too.
And on our website.

The smart thing is to use SBIE, and then any plain old AV. But, you seem to know best.

Invincea and SBIE recommends Windows Defender.

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2809
Joined: Wed Apr 22, 2009 9:17 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by bo.elam » Sat Aug 20, 2016 12:41 am

2rrr, read this old thread. :)
http://forums.sandboxie.com/phpBB3/view ... =6&t=17569

And perhaps this FAQ about viruses and Sandboxie. If you use Sandboxie, you dont need KIS. Windows defender is more than plenty when you use it along Sandboxie. And no compatibility issues....ever (no headaches).
http://www.sandboxie.com/index.php?FAQ_Virus

Bo

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by Craig@Invincea » Sun Aug 21, 2016 11:22 am

Thanks Bo. I'll update the Known Conflicts page to add 2017. Maybe, it not being there gives people false hope.

Chri5
Posts: 1
Joined: Wed Aug 24, 2016 4:48 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by Chri5 » Wed Aug 24, 2016 5:17 pm

I have the same problem on Windows 7 64 bit and KIS 2016th
Is the problem here at KIS or SB ???
The recommendation KIS to uninstall and use the Defender software, can not be taken seriously or ??! The Defender software has not nearly the range of functions as a Security Suite !

I would like to know where the problem is and why this is not solved for so long. I would Sandboxie software buy but not in this state.

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by Craig@Invincea » Wed Aug 24, 2016 6:32 pm

Chri5 wrote:I have the same problem on Windows 7 64 bit and KIS 2016th
Is the problem here at KIS or SB ???
The recommendation KIS to uninstall and use the Defender software, can not be taken seriously or ??! The Defender software has not nearly the range of functions as a Security Suite !

I would like to know where the problem is and why this is not solved for so long. I would Sandboxie software buy but not in this state.
Why should we lower the protection of a proven industry leader for some 3rd party Antivirus? Sorry. That's not happening. Why it's not solved? Please go talk to KIS. They do regular antivirus and security suites like thousands of others do. Not very many do isolation containment. And no one does it better than SBIE.

If you're using SBIE, then why do you need the security suite? What has gotten by SBIE??? Yes, Our expert Devs and the user public have entrusted SBIE for over 12 years. That's what we recommend.

If you CHOOSE to use an AV software, then Windows Defender is all you need. If you're using SBIE, everything is in the SB. Nothing get's out of there unless you do something. If you do have malware, you simply delete the Sandbox contents.

The issues is with KIS and their failed SB attempt. Their code persists and it blocks SBIE.

So, you have to make a choice. SBIE or your run of the mill 3rd party suite. Remember, SBIE doesn't detect nor block any malware. It simply keeps it in the SB from reaching your computer.

Invincea & SBIE Holdings recommends Windows Defender something that is compatible. Sandboxie is your primary defense.

Syrinx
Sandboxie Guru
Sandboxie Guru
Posts: 620
Joined: Fri Nov 13, 2015 4:11 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by Syrinx » Wed Aug 24, 2016 6:52 pm

Chri5 wrote:I have the same problem on Windows 7 64 bit and KIS 2016th
Is the problem here at KIS or SB ???
The recommendation KIS to uninstall and use the Defender software, can not be taken seriously or ??! The Defender software has not nearly the range of functions as a Security Suite !

I would like to know where the problem is and why this is not solved for so long. I would Sandboxie software buy but not in this state.
I don't actually use KIS but I have tested it on my system at a couple points in the past few years [due to high scores in tests]. It wasn't for me but I think your statement about Windows Defender on Windows 7 not having nearly the same range of protection is accurate enough and I for one can feel your frustration.

My understanding is that it is not really a bug with SBIE but rather some stuff that was added to Kaspersky and from what I have read the SBIE devs did reach out to Kaspersky with the info they needed to resolve the conflict but many months later nothing has changed on THEIR end. Even reading the thread on their own forum at one point it appears a fix in the works but still nothing has changed (so far)!

(IF) neither product is willing to 'shoot themselves in the foot' so to speak you have can't really expect them to work together. That's just assuming that kaspersky has a reason for keeping the added code and just hasn't deigned to let the rest of the world in on it...

The question I'd suggest you ask yourself at this point is, "Do I trust 'solution so and so' to the point that the extra layer of containment SBIE provides is pointless? If the answer is No then a concession on the 'current av' might be in order." Does this mean you HAVE to stick with Windows Defender? No....you just need something that does play nice and their recommendation of Windows Defender (eg something they likely test) is the default, that does NOT mean it's the only option...

I have to say, Craig, your last post came off kinda /mad bro...maybe it's the beer on my end?
Last edited by Syrinx on Wed Aug 24, 2016 7:02 pm, edited 1 time in total.
Goo.gl/p8qFCf

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by Craig@Invincea » Wed Aug 24, 2016 6:56 pm

I have to say, Craig, your last post came off kinda /mad bro...maybe it's the beer on my end?
LOL. We only recommend Windows Defender, as It comes with Windows and it plays nice with SBIE. There is really no need for AV unless you're curious what may be in your SB or you don't/cannot use SBIE all the time for anything involving going online.. Which you might. As for stopping that, well, that's the point of SBIE.

It's also why there are many other options listed in this thread. Use whatever you want with SBIE if it works.

But, if you run into issues with running problems in the SB, the first thing you look at, is that 3rd party security product.

Syrinx
Sandboxie Guru
Sandboxie Guru
Posts: 620
Joined: Fri Nov 13, 2015 4:11 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2

Post by Syrinx » Wed Aug 24, 2016 7:39 pm

At the risk of hijacking the flow of this thread I wanted to respond to a few things.
If you're using SBIE, then why do you need the security suite? What has gotten by SBIE???
If all you are concerned about is the integrity of the system, nothing. However (as much as I love it) SBIE does NOT prevent temporary keyloggers, screenloggers and other assorted baddies from operating within. That's OK if you don't care about temporary issues and SBIE does its job VERY WELL but I am one of those weirdos that prefers prevention rather than containment. Obviously I enjoy (and trust in) the containment SBIE provides but it doesn't stop everything. Yes, the flexible rules aid in locking things down but there isn't the granularity that 'suits' can offer to aid those of us who like to be in control of the PC. With that I am mostly talking about HIPs and firewall rules...
If you CHOOSE to use an AV software, then Windows Defender is all you need.
Let's agree to disagree on this one? That said, I feel safe enough using the Win10 version for my childs PC, just not mine. Of course I also added SRP there....
The issues is with KIS and their failed SB attempt. Their code persists and it blocks SBIE.
Let's agree to agree on this one? That is of course, with me, assuming your statment is correct. You all haven't let me down yet (despite my many complaints and random nagging) so I'm willing to accept this as fact especially with what I have read on the K forum.
So, you have to make a choice. SBIE or your run of the mill 3rd party suite. Remember, SBIE doesn't detect nor block any malware. It simply keeps it in the SB from reaching your computer.
I suppose that depends how you define 'reaching your computer.' It doesn't 'infect' or 'perisist' but that doesn't mean it can't be active at any point within a SB! Circle back to my first quote... but yeah, if it isn't working together you need to find a different solution IF you want to have the containment SBIE provides.

I believe in prevention rather than containment but I still don't feel safe without my [SBIE] containment net and that's saying something!

yeah, I suppose I was /mad bro this time... hmph... Then I had a Crybaby moment wondering how often you all laugh at my odd comments in the office!
Goo.gl/p8qFCf

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests