I am testing an application which I am 100% sure has a lot of viruses. It is capable of disconnecting my VPN secure client connection (proXPN and AnchorFree and TrustConnect). It's also capable, believe it or not, of avoiding and dodging Sandboxie protection. The problem is it won't start if I sandbox it with Comodo CIS. I put the level of sandbox at minimum, partially limited I think, and even there it won't start. What do you guys recommend me to do? I wanna give it a shot and see if the Comodo sandbox is stronger and capable of stopping any malicious activity like the one described above from this application. I am kinda noob with the Comodo sandbox part only, I haven't studied that part very well.
Can someone help me? If you guys need anything from me, just tell me.
As far as I know, there are some programs which can detect the presence of a sandbox or any virtual environment, and they simply stop executing. If yours is such a case, there is no easy workaround.
Maybe someone else can offer some other idea…
Sandboxie is capable of running the infected application with no problems. In the past Sandboxie did the trick, and the isolated virus was not capable of disconnecting the VPN secure connection client. Then they released an update for this virus or infected application that is capable of dodging Sandboxie security, and it is now able to disconnect your VPN no matter if it is inside of Sandboxie.
That's why I wanna make the infected application run but with the CIS sandbox, to see if it is capable of stopping this intrusion. But like I said before, it won't start.
Ohh I see. Well, I was trying to run the exe file of the infected application that was installed on my PC, and it didn't open.
Now I am running the installer of the infected application and, lucky me, it works; it opens the application once it has been installed. The only problem is that once it gets installed I need to close it completely and then open it again. But I don't see where the infected application has been installed. Is there a folder where I can go to open the exe file? There are no shortcuts on the desktop. How can I reopen it? OMG, it kinda works after all. I am pretty sure that if I do this in Comodo, the virus is not going to be able to disconnect my VPN. Which is great news.
If you have proof of bypassing Sandboxie, let them know.
Does the bypass work with “lowered user rights” checked in Sandboxie?
Are the disabled things enabled again after you close the last program in Sandboxie?
Does your Sandboxie get erased after closing the last program?
I haven't tried what you are describing. What do you mean by: Does the bypass work with “lowered user rights” checked in Sandboxie? Where can I find this option, so I can enable it?
Maybe that would do the trick with Sandboxie, but I don't see the option, check mark or something.
Open the main window of Sandboxie.
Switch “View” to: Programs
Then right-click on Sandbox default sandbox in the list.
Choose: Sandboxie settings
There
Restrictions
Restrict rights: x Restrict the rights for administrator and user groups
If you are in contact with the developer of Sandboxie in this case anyway, you could suggest that he make the settings more accessible, especially if it would do the trick against your file example.