New Update Sandboxie-Plus v1.6.6

bjm_

Level 14
Thread author
Verified
Top Poster
Well-known
May 17, 2015
667
Sandboxie Plus v1.6.6 - Latest
https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.6.6
Improved trace log and fixed a few bugs.

You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.


As far as I'm aware. DavidXanatos does not monitor MalwareTips.
Maybe, post over on Wilders - Sandboxie-Plus v1.6.6

Also for improved reliability you can check the downloads on the project homepage: Downloads | Sandboxie-Plus where only known good builds are posted about a week or two after the github release.

Sandboxie-Plus Migration Guide
https://github.com/sandboxie-plus/sandboxie-docs/blob/main/Content/PlusMigrationGuide.md
 
Last edited:

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
203
I downloaded Sandboxie-Plus v1.6.6 from Github. While installing, Emsisoft did not let it install and quarantine as shown in screenshot below. I can manually allow to install but why is Emsisoft blocking this?

sandboxieplus.png
 

bjm_

Level 14
Thread author
Verified
Top Poster
Well-known
May 17, 2015
667
FWIW ~ OSArmor blocks 1.6.6 tmp files because they're not signed.
Maybe, Emsisoft has similar internal rule.
Code:
Process: [11120]C:\Users\bjm\AppData\Local\Temp\is-B5TN5.tmp\Sandboxie-Plus-x64-v1.6.6.tmp
Process Size: 2.87 MB (3,014,144 bytes)
Process MD5 Hash: D3DB824399FF824208F538ADC536A7F7
Parent: [11228]C:\Users\bjm\Desktop\1.6.6\Sandboxie-Plus-x64-v1.6.6.exe
Parent Process Size: 17.64 MB (18,499,984 bytes)
Rule: BlockUnsignedProcessesAppDataLocal
Rule Name: Block execution of unsigned processes on Local AppData
Maybe, Emsisoft Behavior Blocker is on the job.
To stop new and emerging threats, Emsisoft Anti-Malware Home continuously monitors the behavior of all active processes and immediately raises an alert if suspicious activity is detected.
 
Last edited:

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
203
FWIW ~ OSArmor blocks 1.6.6 tmp files because they're not signed.
Maybe, Emsisoft has similar internal rule.
Code:
Process: [11120]C:\Users\bjm\AppData\Local\Temp\is-B5TN5.tmp\Sandboxie-Plus-x64-v1.6.6.tmp
Process Size: 2.87 MB (3,014,144 bytes)
Process MD5 Hash: D3DB824399FF824208F538ADC536A7F7
Parent: [11228]C:\Users\bjm\Desktop\1.6.6\Sandboxie-Plus-x64-v1.6.6.exe
Parent Process Size: 17.64 MB (18,499,984 bytes)
Rule: BlockUnsignedProcessesAppDataLocal
Rule Name: Block execution of unsigned processes on Local AppData
Emsisoft says

Behavior Blocker detected suspicious behavior "HiddenInstallation" of C:\Users\King\AppData\Local\Temp\is-N5ETA.tmp\Sandboxie-Plus-x64-v1.6.6.tmp (SHA1: FBA85962F6C6AA2E0B193035639BB86D63A1B2DE)

A notification message "Suspicious behavior has been found in the following program: C:\Users\King\AppData\Local\Temp\is-N5ETA.tmp\Sandboxie-Plus-x64-v1.6.6.tmp" has been shown
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top