recommended AV? [SOLVED]

[shmu26]

Are there certain anti-virus programs that work particularly well with SBIE?
Can any of them protect inside a sandbox?
What about Windows Defender, can it protect inside a sandbox?
Are there certain anti-virus programs that are NOT recommended to use with SBIE?
I am asking specifically for:
Windows 10 pro x64
chrome x64

[Craig@Invincea]

Invincea/Sandboxie recommends Windows Defender. It does what it needs to, shows you if your sandbox had any malware present there.

Your best protection is of course SBIE, then a 2nd layer of AV for detection, etc of what may be in the SB. Since SBIE doesn't stop, identify or detect malware. It only stops the malware from ruining your host and your installed programs on your host.... Stopping anything from leaving that sandbox. However, if you recover an infected file from the SB to your host, well... That isn't the fault of SBIE

Yes, I've tested many over the year: http://forums.sandboxie.com/phpBB3/view ... 11&t=21539

I don't know of any A/V that can't protect you and SBIE, SBIE is just a folder on your computer, the A/V programs can see into. But when it comes to removing malware, you only need to delete the contents of your sandbox and move on. Remediation is not needed.

[bo.elam]

Are there certain anti-virus programs that work particularly well with SBIE?
Can any of them protect inside a sandbox?
What about Windows Defender, can it protect inside a sandbox?

Hi shmu26. I always recommend Windows defender. It has worked very well along Sandboxie for the last 6 years. The only time it conflicted with SBIE was in early versions 1. I think thats a huge plus for using WD when you are a Sandboxie user. I also believe its a lot better than its claimed by some of the people who write articles about antiviruses.

You might like to read the FAQ about Sandboxie and viruses and how antiviruses interact with SBIE.
http://www.sandboxie.com/index.php?FAQ_Virus

Bo

[gizmo77]

I have run Sandboxie as my 'protector' for several years and have yet to have any malware of any kind get past the 'Box.....unless invited out, as Craig referred. At this point I still feel a 'reactionary' A/V has enough Zero-Day exploit potential to make it not worth the trouble. However, I do try to cut back possibilities of anything coming down to my 'Box by having "NO" Flash Player installed [i.e. in use], and the browser of my choice has it's own built-in ad blocker. I understand 'ads' are a popular path for malware. Oh, so far, there was only one URL to which I went that required 'Flash'....Pandora Music.

Giz

[shmu26]

I see that Webroot SA is not listed under applications/security/privacy, and SBIE doesn't seem to detect its presence on my system.
Is there any special reason for omitting WSA?

[Craig@Invincea]

I see that Webroot SA is not listed under applications/security/privacy, and SBIE doesn't seem to detect its presence on my system.
Is there any special reason for omitting WSA?

We haven't updated those templates since Invincea bought Sandboxie. They are what they are. We recommend Windows Defender.

[shmu26]

thanks.
I saw that in the list of supported AVs you have:
BitDefender Anti Virus [Free Edition] [Win10/64]

that's interesting, because I thought BD free doesn't officially support win10. Has this changed, or have you received reports that BD free is now fully compatible with win10?

[Craig@Invincea]

Good question. Originally when I started to test a few of these, BD didn't fully support Win 10. However as of early 2016.... BD total security 2016 trial does support Win 10 when tested. I want to say that was late Nov 2015 specifically when I had retested because I I mentioned that lack of Win 10 support (believe August/sept.)

There still is some tweaking that needs to be done however with BD to get it to fully work won't SBIE (win 10 or otherwise)

We have updated other templates, FF being one several months ago. Adding Google Hangouts for the qwave accesss and we will update Opera for the changes they have made to the profile/bookmarks etc.

[shmu26]

I don't know of any A/V that can't protect you and SBIE, SBIE is just a folder on your computer, the A/V programs can see into.

So why is there a need for templates for AVs, if they all can see into the SBIE folder anyway?

[Craig@Invincea]

I don't know of any A/V that can't protect you and SBIE, SBIE is just a folder on your computer, the A/V programs can see into.

So why is there a need for templates for AVs, if they all can see into the SBIE folder anyway?

Because the templates are needed to allow these products to work is the easier answer.

Yes, there is a SBIE folder. But we have a driver, services and deep and aggressive hooks into Windows and have to sit between the Kernel and app layer to supervise programs. Some A/V and others don't understand this and will cause severe issues.

Some companies, such as Kaspersky, have attempted sandboxing..and failed. But their failed code remains in their products, thus one of the reasons it doesn't work with SBIE, it actually blocks us.