Sandboxie 5.41.0


Karamjit

Sandboxie is software that uses isolation technology to separate programs from your underlying operating system, preventing unwanted changes from happening to your personal data, programs and applications that rest safely on your hard drive. With it, you can secure your favorite web browser and block malicious software, viruses, ransomware and zero-day threats by isolating such attacks in the sandbox, leaving your system protected. You can also run your favorite email program in Sandboxie so you never have to worry about suspicious attachments or spear phishing attacks. It provides data protection as it restricts and blocks internet websites and programs from accessing your personal data (i.e. My Documents), files and folders on your system. With it, you can safely test and try new programs and applications within Sandboxie and prevent unauthorized changes to your underlying system that may occur. Sandboxie runs on all the latest operating systems, supports all major web browsers and comes with a small footprint on the hard drive and simple installation.


Download


This has never happened before, but Bitdefender has detected the SbieDrv.sys file as a trojan. This happened in the 64-bit installer.

 

VirusTotal analysis:

 

SbieDrv.sys (64-bits installer)

https://www.virustotal.com/gui/file/ff07f539c9ec3ae8931d08f7bdd6e256c9982032667f741549e4d6f4443e3d46/detection

SbieDrv.sys (32-bits installer)

https://www.virustotal.com/gui/file/792fb214123523384e1044a6fae6e1143793bc6ba15a7d7d9d9837a95cec37e1/detection

 



RecursiveRegistrations

@HJSC This is happening because Sandboxie is now open source, and the version that is being shared was built by someone on GitHub using a leaked signing certificate for signing the drivers.



19 minutes ago, HJSC said:

This has never happened before, but Bitdefender has detected the SbieDrv.sys file as a trojan. This happened in the 64-bit installer.

 

VirusTotal analysis:

 

SbieDrv.sys (64-bits installer)


https://www.virustotal.com/gui/file/ff07f539c9ec3ae8931d08f7bdd6e256c9982032667f741549e4d6f4443e3d46/detection

SbieDrv.sys (32-bits installer)


https://www.virustotal.com/gui/file/792fb214123523384e1044a6fae6e1143793bc6ba15a7d7d9d9837a95cec37e1/detection

 

 

According to the author:

 

Quote

The SbieDrv.sys driver must be signed, and since the appropriate certificates are prohibitively expensive, I had to use a leaked code signing certificate I found laying around the Internets.
This means some anti malware applications flag it as potentially dangerous: https://www.virustotal.com/gui/file/f1587c91eb6ff49c20fa1f026358ebe8f9bc10625f86013c975abe894cd146ac/detection

 



43 minutes ago, HJSC said:

This has never happened before, but Bitdefender has detected the SbieDrv.sys file as a trojan. This happened in the 64-bit installer.

 

VirusTotal analysis:

 

SbieDrv.sys (64-bits installer)


https://www.virustotal.com/gui/file/ff07f539c9ec3ae8931d08f7bdd6e256c9982032667f741549e4d6f4443e3d46/detection

SbieDrv.sys (32-bits installer)


https://www.virustotal.com/gui/file/792fb214123523384e1044a6fae6e1143793bc6ba15a7d7d9d9837a95cec37e1/detection

 

 

I have the same trojan detection by ESET who immediately deleted the 64-bit installer exe file upon complete download 😣 



...so until someone with a real legit code signing certificate takes it under their wings...  this is just another on the "Good while it lasted" software list :(



@RecursiveRegistrations Well, I noticed that the Sandboxie-Plus was posted in another section, so I thought this version was from Sophos.

 

@senchi It is a somewhat complicated subject, as the author should already have in mind that this lack of signature would bring a lot of headaches.

I remember that an app was posted on the forum that digitally signed the SbieDrv.sys file when Sandboxie was still being paid. But I don't think it is a viable solution on this issue.

 

@nanana1 Here the Bitdefender does not detect the installer as malicious, it just blocked the SbieDrv.sys file and removed it after a restart. The ESET NOD32 is one of the best AVs that I have had the opportunity to use. It takes up little space, great detection rate, low resource consumption, etc.

 

@BogusByte That's what it looks like, unfortunately. I really liked the Sandboxie, so I bought a lifetime license.



7 hours ago, HJSC said:

This has never happened before, but Bitdefender has detected the SbieDrv.sys file as a trojan. This happened in the 64-bit installer.

 

VirusTotal analysis:

 

SbieDrv.sys (64-bits installer)


https://www.virustotal.com/gui/file/ff07f539c9ec3ae8931d08f7bdd6e256c9982032667f741549e4d6f4443e3d46/detection

SbieDrv.sys (32-bits installer)


https://www.virustotal.com/gui/file/792fb214123523384e1044a6fae6e1143793bc6ba15a7d7d9d9837a95cec37e1/detection

 


The digital certificates of these files are not detected as malware when removed.

VTR: https://www.virustotal.com/gui/file/06417f675957ea4d27c821abb19c4cdf6be300a28863a7a2f8ab05d5f9ccff13/detection



Archived

This topic is now archived and is closed to further replies.
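
On the last reply's point about copies with the certificate removed: an embedded Authenticode signature lives in the PE certificate table, which the signed digest does not cover, so a signed and an unsigned copy of the same driver have different file hashes but identical signed content. The following is an added example, not part of the original thread or of the Sandboxie project; it simplifies the digest by assuming the certificate table is the last thing in the file, and the function names and sample bytes are constructed for illustration.

```python
import hashlib
import struct

def _offsets(pe: bytes):
    """Return offsets of the CheckSum field and the security directory entry."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    nt = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = nt + 24  # 4-byte signature + 20-byte COFF file header
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional-header magic")
    dirs = opt + (96 if magic == 0x10B else 112)  # PE32 vs PE32+
    return opt + 64, dirs + 8 * 4  # directory index 4 = certificate table

def cert_table(pe: bytes):
    """(file offset, size) of the embedded signature blob; size 0 = unsigned."""
    return struct.unpack_from("<II", pe, _offsets(pe)[1])

def signed_content_sha256(pe: bytes) -> str:
    """SHA-256 over the bytes Authenticode covers (simplified, see lead-in)."""
    checksum, sec = _offsets(pe)
    off, size = cert_table(pe)
    end = off if size else len(pe)
    h = hashlib.sha256()
    # Skip the CheckSum field, the directory entry and the certificate blob.
    for chunk in (pe[:checksum], pe[checksum + 4:sec], pe[sec + 8:end]):
        h.update(chunk)
    return h.hexdigest()

def constructed_pair():
    """Build a fake PE32+ image with and without a dummy certificate blob."""
    img = bytearray(0x400)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x80)
    img[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", img, 0x80 + 24, 0x20B)
    img[0x200:] = b"\x90" * 0x200  # stand-in for section data
    unsigned = bytes(img)
    signed = bytearray(unsigned + b"\xAA" * 0x40)  # dummy blob, not a real signature
    struct.pack_into("<II", signed, _offsets(unsigned)[1], len(unsigned), 0x40)
    return bytes(signed), unsigned

if __name__ == "__main__":
    signed, unsigned = constructed_pair()
    print(hashlib.sha256(signed).hexdigest() != hashlib.sha256(unsigned).hexdigest())
    print(signed_content_sha256(signed) == signed_content_sha256(unsigned))
```

Running the same comparison on two real samples shows whether they differ only in their signature, which a plain file hash cannot tell you.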
