How to identify malicious programs in Sandboxie


karachidude

@shought:

Well it's your choice if you want to execute an unknown .exe file.

As for me, I always stay on the safe side.

But hey, each to his own ;)

@shought:

Well it's your choice if you want to execute an unknown .exe file.

As for me, I always stay on the safe side.

But hey, each to his own ;)

Live on the edge man! :w00t:



@ Shought

i hope u got my last PM. It was a thank u and a suggestion.

My connection is crappy and bails on me a lot :)



I'm with shought here :P I'm too lazy to use sandboxie. I just take a hunch running an executable. If I get infected, well... yeaaah :afro:



  • Administrator

+1. Even I'm too lazy to run it. :P

But I do run it on special programs that have 99% chances of gettin infected.



i have learnt my lesson..lol...i will use sandboxie from now on to execute keygens :)



  • Administrator

Good. Even I will do the same from now on.

But I have a question.

Suppose I downloaded a keygen in .zip, .rar whatever format. And I open the compressed file in sandbox. Now when I try to extract/open the keygen, will it be extracted from outside the sandbox from my temp files or inside the sandbox?



that depends on ur choice, u can force ur FF to always start in sandboxie mode like i do with chrome and IE8, now when u download through a sandboxed browser, at the end of the download sandboxie will ask u if u want to recover the file to some folder, if u want to recover the file use the browse option and select any folder u want to send it to.

If u don't recover ur keygen to another place, the keygen will stay in the sandbox. u can go to the C: drive and explore and find the keygen, or u can explore ur sandbox through provided options in the sandboxie control. Now in this situation the keygen is in the sandbox and u can easily run and use it.

But as a matter of fact u don't need to keep the sandbox, u can extract it anywhere on ur harddisk like on the desktop because extraction cannot cause execution of any .exe inside the Winrar or Winzip.

What u really need to do is just drag the keygen to the sandboxie control, and let the sandboxie execute it, and look for bad behaviour.

If u want to play the safest, just let it download in the sandbox, and execute it there directly. Anything executed in the sandbox is safe.



  • Administrator

Well I wanted the answer for Winzip etc. ANW i got my answer anyway.



i think i covered that. if it isn't sufficient for u, u can always ask others for advice.



I'm with shought here :P I'm too lazy to use sandboxie. I just take a hunch running an executable. If I get infected, well... yeaaah :afro:

xDDDDDDDDDDDDDDDDD

I've survived 2 MF rootkits which took me many hours to be free from, and a lame keylogger VERY easy to get rid of.

I'm always saying i'll try Sandboxie, but... i'm way tooooooooooooooo lazy to try new software.



  • Administrator

I have faced two stealers before I came to know about sandbox. Many people would be knowin that stealers are not easily detectable.



I'm with shought here :P I'm too lazy to use sandboxie. I just take a hunch running an executable. If I get infected, well... yeaaah :afro:

xDDDDDDDDDDDDDDDDD

I've survived 2 MF rootkits which took me many hours to be free from, and a lame keylogger VERY easy to get rid of.

I'm always saying i'll try Sandboxie, but... i'm way tooooooooooooooo lazy to try new software.

@manpe

I was actually thinking about using that emote as well :P

@Jota.Ce

I just had to clean my parent's PC of a really annoying rootkit. The thing is you can't be 100% sure if you actually fixed it... So I'll have to monitor the situation for a few days :)



Please remember, Sandboxie, by default in the settings, allows all programs to read all the data on your computer. So a special malware that knows where to look may see what it wants then phone home. It doesn't take much to steal passwords. You still need HIPS, firewall, and antimalware while running programs in Sandboxie. Also make sure that you terminate and delete all the contents in Sandboxie as soon as possible.

I too once used to be lazy. Then I realized that it was more work.
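
An added example, not part of the original post and not Sandboxie's own code: a small Python check for the three gaps the post above describes (unrestricted read access, open network access, leftover sandbox contents), run over a constructed Sandboxie.ini. The box name `UntrustedBox` and the sample file are made up for illustration; `ClosedFilePath`, `InternetAccessDevices` and `AutoDelete` are Sandboxie settings.

```python
from collections import defaultdict

# Constructed sample: a default-style box beside a hypothetical hardened box.
SAMPLE_INI = r"""
[GlobalSettings]
ConfigLevel=7

[DefaultBox]
Enabled=y
RecoverFolder=%Desktop%
RecoverFolder=%Personal%

[UntrustedBox]
Enabled=y
AutoDelete=y
ClosedFilePath=InternetAccessDevices
ClosedFilePath=%Personal%
ClosedFilePath=%AppData%
"""

def parse_ini(text):
    """Parse Sandboxie.ini text; keys repeat, so each key maps to a list."""
    boxes, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = boxes.setdefault(line[1:-1], defaultdict(list))
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return boxes

def audit(text):
    """Return {box: [findings]} for every section that has Enabled=y."""
    report = {}
    for name, cfg in parse_ini(text).items():
        if "y" not in cfg.get("Enabled", []):
            continue  # not a sandbox section (e.g. GlobalSettings)
        # A rule is "path" or "program,path"; keep only the path part.
        paths = [r.split(",", 1)[-1] for r in cfg.get("ClosedFilePath", [])]
        findings = []
        if not [p for p in paths if p != "InternetAccessDevices"]:
            findings.append("no closed paths: sandboxed programs can read all data")
        if "InternetAccessDevices" not in paths:
            findings.append("network open: data that was read can be sent out")
        if "y" not in cfg.get("AutoDelete", []):
            findings.append("AutoDelete off: contents stay until deleted by hand")
        report[name] = findings
    return report
```

`audit(SAMPLE_INI)` reports all three findings for `DefaultBox` and none for `UntrustedBox`; which folders to close is a per-machine decision, and the two shown are only samples.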



  • Administrator

Box you are right. How could I miss that. :)

BTW there is nothin to download on the Post #1 and #2 on this thread as your siggy has mentioned. :P



I too once used to be lazy. Then I realized that it was more work.

+1 Finally, someone who understands my POV :dance2:



Archived

This topic is now archived and is closed to further replies.
