3rd party AV with Sandboxie, or not?

Discussion in 'Sandboxie (Invincea)' started by shmu26, May 12, 2016.

  1. shmu26

    shmu26 Level 57

    Jul 3, 2015
    Windows 10
    I understand that Sandboxie has not updated their templates since they were bought by Invincea, and that there is a potential for Sandboxie to interfere with the functioning of the AV, due to Sandboxie's agressive hooks into the Windows kernel, and other reasons. They recommend to use the native Windows Defender, which doesn't conflict.

    What do you Sandboxie users run on your PCs? WD, or third-party AV? Or you aren't so concerned about AV, since you are sandboxed anyway?

    I was using Webroot SA, but I saw that SBIE doesn't even have a template for it at all, and furthermore, webroot has its own sandbox feature, and that made me concerned about hidden conflicts.
    Sunshine-boy and Yash Khan like this.
  2. Sandboxie Help

    Sandboxie Help From Sandboxie

    Feb 26, 2016
    Correction. A/V conflicts with Sandboxie. Please get that straight. And we list the conflicts. We don't hide that.

    The aggressive hooks are needed, but unless you're a Dev supporting a program that has to work with Windows XP -Win 10 while working with a multitude of browsers, programs, security, tokens, etc.etc.etc.etc.etc. it's hard to grasp.

    There are 6 million A/V vendors it seems like. It's not our job to work with EVERY ONE of them. As we have our own proven, industry leading function to do...sandboxing-isolation- A container. Sorry we didn't dedicate resources to one particular A/V vendor. Your priorities are wrong it appears. Do you want to rely on A/V? Or proven containment????

    The templates open up holes in the sandbox and/or allow the A/V to work by ignoring the SB container. There are many other A/V software we've tested that works with SBIE. That's updated in our forum regularly and other long term, seasoned SBIE users have agreed Defender is all you need if your are curious what MAY be in the sandbox.

    Again, if SBIE is your primary protection, then the "extra" layer is just that...a feel good layer to see what is in the Sandbox.

    As for templates, That's not only an invincea issue. The original creator of SBIE wasn't a fan of templates either. Why should we waste resources on making A/V work with us when it's not needed overall & usually directly interferes with our product? We do that as a courtesy.

    As for other "Sandboxing" programs, well.... All I can say, there is only one Sandboxie. Proven. For over a decade. With 4+ million users.

    But you have Webroot....
  3. shmu26

    shmu26 Level 57

    Jul 3, 2015
    Windows 10
    Hey, I use Sandboxie too, my intent was not to criticize. You're doing a great job over there. I am just asking the community for input and advice, since I'm not a dev or a tester, and an ordinary user like me will let files out of the sandbox sooner or later, so it's good to have an effective AV as well. After all, some malware hides itself in a virtualized environment, so you can never be sure.
    The goal is multi-layered protection, in my opinion.
  4. Morvotron

    Morvotron New Member

    Mar 24, 2015
    I can think on many ways to say that without being so agressive.

    Regarding to your question @shmu26, i've only used Sandboxie back on Windows 7 or virtual machines. On this Windows version, Sandboxie seemed to work well with my antivirus software, which name i can't remember right now. On virtual machines, i only tested Sandboxie on its own. Here on Windows 10 i've had way too many problems to install it and make it work, and very little time to ask for assistance on the forums, so i just rely on my main AV and tiny weightless complements to maximize security. Now about compatibility, Sandboxie Help Account has just said everything that could be said.
    Yash Khan, TerrakionSmash and davisd like this.
  5. FleischmannTV

    FleischmannTV Level 7

    Jun 12, 2014
    Windows 10
    I am of sorry if this sounds condescending, but in my opinion this so called "multi-layered protection" approach is a fallacy advertised by security forums and producers of companion products. The foundation of falling for this fallacy is the lacking of understanding how 1. Windows works, 2. malware works, 3. how malware prevention products work.
    TerrakionSmash and Yash Khan like this.
  6. XhenEd

    XhenEd Level 27
    Content Creator Trusted

    Mar 1, 2014
    Windows 10
    Someone's having a bad day at Invincea. :D

    Anyway, if a software is not in the current incompatibility list of Sandboxie, then I think that it may work fine. But, of course, any problem should be reported, so that adjustments can be made.
    Yash Khan likes this.
  7. Umbra

    Umbra Level 61
    Content Creator

    May 16, 2011
    Beta tester
    Europe > S-E Asia
    Windows 10
    #7 Umbra, May 12, 2016
    Last edited: May 12, 2016
    i disagree, an OS should be protected from all attack vectors , if a single product does it , good, if not you need to fill the holes; in that case you need other softs , this is called the "multi-layer".

    you have a firewall = layer
    you have a AV = layer
    you have an anti-exploit = layer

    now those layers can be covered by a single product or by many.

    i'm using WD because i use Win10 ; i don't like Real-time AV.

    sandboxie is a full virtualization mechanism while the one in WSA is policy-one. nothing to conflict. at one time time i used both together but never used WSA sandbox; Sandboxie was safer and more convenient.
  8. shmu26

    shmu26 Level 57

    Jul 3, 2015
    Windows 10
    that's interesting, so what is your security
    could you please elaborate a little bit?
    I assume your approach is to use a single security product to its max?
    Sunshine-boy and Yash Khan like this.
  9. shmu26

    shmu26 Level 57

    Jul 3, 2015
    Windows 10
    I saw from your security configuration that you use kaspersky. That's probably why you had grief from SBIE on windows 10.
    The only way I could get chrome to start up sandboxed with your configuration was by temporarily exiting kaspersky.
    Sunshine-boy and Yash Khan like this.
  10. Duotone

    Duotone Level 9

    Mar 17, 2016
    Windows 7
    #10 Duotone, May 13, 2016
    Last edited: May 13, 2016
    Yash Khan likes this.
  11. Kubla

    Kubla Level 3

    Jan 22, 2017
    United States
    #11 Kubla, Jan 22, 2017
    Last edited: Jan 22, 2017
    I have Kaspersky Total Security working with Chrome in Sandboxie but I had to disable scanning encrypted connections in Kaspersky but this is only for Chrome.

    Hitman Pro Alert works as well.

    * Note I found that running Chromium or Chromium trunks like Iron browser or Brave Browser disabling encrypted connections scaning was not needed.
    Yash Khan and shmu26 like this.
Similar Threads Forum Date
Add-on 3P Request Blocker blocks all third-party requests in Firefox Browsers and Extensions Feb 9, 2018
Unlimited Giveaway Digiarty Giveaway Party- 7 Software Programs Free Download (Total Worth $434) Giveaways Archive Jan 30, 2018
Poll Prevent 3rd-Party Apps from "Spying" within Firefox Browsers and Extensions Dec 22, 2017
  • About Us

    Our community has been around since 2010, and we pride ourselves on offering unbiased, critical discussion among people of all different backgrounds about security and technology . We are working every day to make sure our community is one of the best.
  • Need Malware Removal Help?

    If you're being redirected from a site you’re trying to visit, seeing constant pop-up ads, unwanted toolbars or strange search results, your computer may be infected with malware. We offer free malware removal assistance to our members in the Malware Removal Assistance forum.
  • Quick Tip

    Without meaning to, you may click a link that installs malware on your computer. To keep your computer safe, only click links and downloads from sites that you trust. Don’t open any unknown file types, or download programs from pop-ups that appear in your browser.