Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Please post your problem description here

Moderator: Barb@Invincea

nicknomo
Posts: 89
Joined: Mon Aug 02, 2010 3:15 am

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2]

Post by nicknomo » Tue Jun 27, 2017 10:31 pm

Barb@Invincea wrote:
Tue Jun 27, 2017 11:57 am
Hello nicknomo,

You can either disable BitDefender, or add "WriteFilePath=C:Program Files\Bitdefender Antivirus Free\*" to your Global configuration in Sandboxie.

Open Sandboxie Control --> Configure --> Edit configuration
Paste the following at the end of [GlobalSettings]
WriteFilePath=C:\Program Files\Bitdefender Antivirus Free\*

Let me know if that works.

Regards,
Barb.-
Thanks for the help...

Chr1s
Posts: 14
Joined: Sat May 25, 2013 2:37 am

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2]

Post by Chr1s » Fri Jun 30, 2017 6:55 pm

nicknomo wrote:
Tue Jun 27, 2017 10:31 pm
Barb@Invincea wrote:
Tue Jun 27, 2017 11:57 am
Hello nicknomo,

You can either disable BitDefender, or add "WriteFilePath=C:Program Files\Bitdefender Antivirus Free\*" to your Global configuration in Sandboxie.

Open Sandboxie Control --> Configure --> Edit configuration
Paste the following at the end of [GlobalSettings]
WriteFilePath=C:\Program Files\Bitdefender Antivirus Free\*

Let me know if that works.

Regards,
Barb.-
Thanks for the help...
Finally found a solution to this issue... thanks.
Isn't it possible for sanboxie to automatically change its config if bitdefender free is detected?

lopezgreat
Posts: 11
Joined: Sat May 16, 2009 8:45 am

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2]

Post by lopezgreat » Mon Jul 03, 2017 10:02 am

report: firefox will not work with sandboxie using symantec endpoint protection (generic exploit mitigation enabled)

btw so what antivirus & firewall is compatible with sandboxie now?

Barb@Invincea
Sandboxie Support
Sandboxie Support
Posts: 2470
Joined: Mon Nov 07, 2016 3:10 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2]

Post by Barb@Invincea » Mon Jul 03, 2017 10:50 am

Hello lopezgreat,

What is the exact issue that you are experiencing?

See the first page of this post for possible options:
viewtopic.php?f=11&t=21539

Regards,
Barb.-

Barb@Invincea
Sandboxie Support
Sandboxie Support
Posts: 2470
Joined: Mon Nov 07, 2016 3:10 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 8/2]

Post by Barb@Invincea » Fri Jul 07, 2017 9:58 am

All,

Regarding ESET and a possible SBIE2101 error with Firefox:

viewtopic.php?f=61&t=24329&p=129027#p129021

Regards,
Barb.-

Syrinx
Sandboxie Guru
Sandboxie Guru
Posts: 620
Joined: Fri Nov 13, 2015 4:11 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by Syrinx » Tue Aug 01, 2017 3:30 pm

I took BitDefender Total Security 2018 for a test run in a Windows 10 x64 CU VM after seeing some posts here and also got the -4 errors.

Longish story short I found that I could stop these errors and prevent the program (in this case firefox) from crashing by blocking the related "BitDefender Active Threat Control Usermode Filter" dll from getting loaded in the sandboxed process.
Adding something like ClosedFilePath=*atcuf*.dll did the trick in my tests and should work across BitDefender builds with different folder structures but carries a small risk of catching a similarly named (but unrelated) dll

In the end using something like

Code: Select all

ClosedFilePath=*BitDefender*atcuf*.dll
wouldn't carry such a risk and it should do the trick across build types [untested].

This method would be slightly better IMO as it blocks access to the involved dll in order to prevent the crash but also allows the other BD dlls to get injected normally so that less 'potential protection' is lost for the sandboxed app(s).
Goo.gl/p8qFCf

Syrinx
Sandboxie Guru
Sandboxie Guru
Posts: 620
Joined: Fri Nov 13, 2015 4:11 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by Syrinx » Wed Aug 02, 2017 1:29 am

I looked over the first page again and noticed the Kaspersky entry still says:
Kaspersky Internet 2015/16 (Windows 10, and 8/8.1 as well) (Must be removed for SBIE to function correctly) [On Win 7/8.1 that have SBIE excluded in KIS 2015, users have had some success ]
I haven't checked it recently but back when I did last a similar .dll block as the BD one mentioned above did the trick in my tests.

viewtopic.php?f=11&t=23420&p=124072#p124069

Code: Select all

ClosedFilePath=*klsihk*.dll
Figured I might as well tack it on here as well even if it is rather belated.
Goo.gl/p8qFCf

searchlight4759
Posts: 36
Joined: Wed Oct 25, 2006 8:27 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by searchlight4759 » Wed Aug 02, 2017 8:39 am

Syrinx wrote:
Tue Aug 01, 2017 3:30 pm
I took BitDefender Total Security 2018 for a test run in a Windows 10 x64 CU VM after seeing some posts here and also got the -4 errors.

Longish story short I found that I could stop these errors and prevent the program (in this case firefox) from crashing by blocking the related "BitDefender Active Threat Control Usermode Filter" dll from getting loaded in the sandboxed process.
Adding something like ClosedFilePath=*atcuf*.dll did the trick in my tests and should work across BitDefender builds with different folder structures but carries a small risk of catching a similarly named (but unrelated) dll

In the end using something like

Code: Select all

ClosedFilePath=*BitDefender*atcuf*.dll
wouldn't carry such a risk and it should do the trick across build types [untested].

This method would be slightly better IMO as it blocks access to the involved dll in order to prevent the crash but also allows the other BD dlls to get injected normally so that less 'potential protection' is lost for the sandboxed app(s).
I have the same BitDefender as you, and same problem. I inserted this line at the end of Global Settings, and now there is no conflict while running with BTS 2018, no error messages appear. I am assuming this is correct, and will not compromise my PC or Browser security?

Btw, will this custom workaround be added or hard coded into v5.21 so that BTS 2018 can work with Sandboxie with no further conflicts?

Syrinx
Sandboxie Guru
Sandboxie Guru
Posts: 620
Joined: Fri Nov 13, 2015 4:11 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by Syrinx » Wed Aug 02, 2017 5:20 pm

searchlight4759 wrote:
Wed Aug 02, 2017 8:39 am
I have the same BitDefender as you, and same problem. I inserted this line at the end of Global Settings, and now there is no conflict while running with BTS 2018, no error messages appear. I am assuming this is correct, and will not compromise my PC or Browser security?
It will not compromise your PC or general browser security per se as it will only affect applications ran inside sandboxie. Most of the BitDefender protections will still be applied normally, including traditional signature scans and the Active Virus Control Usermode Filtering Library. By denying access to the ATC dll, which is involved in the crash, we have specifically cut out part of the usermode side of BitDefenders ATC Monitoring but just for sandboxed apps. I'm fairly at ease saying you won't be missing out on much in the case of BD ATC, so far as I understand it, because most of its protections are redundant or irrelevant when the application in question is already running inside SBIE IMHO.
Goo.gl/p8qFCf

searchlight4759
Posts: 36
Joined: Wed Oct 25, 2006 8:27 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by searchlight4759 » Wed Aug 02, 2017 5:26 pm

Thanks for the reply.

Is this workaround going to appear in v5.21 when it is released, or will it be standard for those using BitDefender to manually make the adjustment as you described in the global settings?

Barb@Invincea
Sandboxie Support
Sandboxie Support
Posts: 2470
Joined: Mon Nov 07, 2016 3:10 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by Barb@Invincea » Wed Aug 02, 2017 5:31 pm

Hello searchlight4759,

After workarounds are reviewed by the devs, they might get added to a future beta / release of Sandboxie.
When that happens, a notification is added to the original posts, and there is also a mention in the build's notes about it.

Regards,
Barb.-

bjm
Posts: 462
Joined: Sat Aug 02, 2008 4:24 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by bjm » Sun Sep 03, 2017 11:05 am

FWIW
ZoneAlarm Free Antivirus + Firewall version: 15.1.504.17269 feels okay.
Sandboxie processes may be set to any Trust Level.
972.png
YMMV

W10 + Fx55.0.3
Sandboxie 5.25.4 - W10 Home 1709 - WebrootSA 9.0.20.31 - Chrome

Syrinx
Sandboxie Guru
Sandboxie Guru
Posts: 620
Joined: Fri Nov 13, 2015 4:11 pm

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by Syrinx » Tue Sep 05, 2017 1:29 pm

It seems a newer version of AVG (17) now causes problems with some apps, mainly browsers and pdf readers when they are ran in SBIE.
viewtopic.php?f=11&t=24849
viewtopic.php?f=11&t=24840
viewtopic.php?f=11&t=24841

You can add this in the boxes you are having problems with alongside the new version of AVG to prevent the crash.

Code: Select all

ClosedFilePath=*avg*snxhk*.dll
or via the GUI Sandbox Settings > Resource Access > File Access > Blocked Access > Add >

Code: Select all

*avg*snxhk*.dll
Goo.gl/p8qFCf

Tambourineman
Posts: 1
Joined: Mon May 11, 2015 11:16 am

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by Tambourineman » Thu Sep 07, 2017 8:14 pm

Syrinx wrote:
Tue Aug 01, 2017 3:30 pm
I took BitDefender Total Security 2018 for a test run in a Windows 10 x64 CU VM after seeing some posts here and also got the -4 errors.

Longish story short I found that I could stop these errors and prevent the program (in this case firefox) from crashing by blocking the related "BitDefender Active Threat Control Usermode Filter" dll from getting loaded in the sandboxed process.
Adding something like ClosedFilePath=*atcuf*.dll did the trick in my tests and should work across BitDefender builds with different folder structures but carries a small risk of catching a similarly named (but unrelated) dll

In the end using something like

Code: Select all

ClosedFilePath=*BitDefender*atcuf*.dll
wouldn't carry such a risk and it should do the trick across build types [untested].

This method would be slightly better IMO as it blocks access to the involved dll in order to prevent the crash but also allows the other BD dlls to get injected normally so that less 'potential protection' is lost for the sandboxed app(s).
BitDefender just updated my Total Security 2017 to 2018 and Sandboxie stopped starting. I tried disabling every BD TS module, but no joy. I un-installed BD TSand now Sandboxie starts and runs again. I will reinstall BD TS and try these fixes. Thanks so much for posting them.

lopezgreat
Posts: 11
Joined: Sat May 16, 2009 8:45 am

Re: Antivirus/Anti-malware|SBIE v5+[working/not][Updated 7/14/17]

Post by lopezgreat » Fri Sep 15, 2017 3:32 am

report:
sandboxie 5.20 NOT working with Symantec endpoint protection v14 when Generic Exploit Mitigation enabled (tried sandboxied firefox with error 0xc0000142)

works when Generic exploit mitigation turned off

btw so with sandboxie we can only use windows build-in firewall?

Post Reply

Who is online

Users browsing this forum: Majestic-12 [Bot] and 13 guests