Configure CIS to ignore eveything in a sandbox (Sandboxie)

The server kept disconnecting when I tried to update CIS so I downloaded the offline installer. Problem is, I forgot to back up all my settings so I’m starting fresh.

On the older CIS version I had HIPS ignore everything that was in Sandboxie’s sandbox (E:\Sandboxie*) because it would lockup games which would lock up my computer. With the current CIS version it doesn’t work. I have over 40 sandboxes and every time I run something HIPS is always giving me a pop-up for a response.

This is the steps I took:


ADD - E:\Sandboxie*

Tick “Use a Custom Ruleset” and in Copy From drop-down box, select Ruleset\Allowed App

In ACCESS RIGHTS, row RUN AN EXECUTABLE, click on MODIFY (0\0) to open a new window.

Click on ADD button and then select FOLDERS

In the BROWSE FOR FOLDER windows navigate to Sandboxie’s main folder

Click OK on all the relevant boxes.

I’m not sure what I’ve done wrong. Am I missing something?
Auto-Containment & VirusScope are disabled. HIPS is set to Safe Mode.

To save your settings to use for later use the Import/Export in configuration section.

As to create a HIPS rule to apply to a group of files or folders, you first need to create a file group then use the file group as the bases for the rule.

I created a new File Group called “Sandboxie” and then I add the main folder that has all of the sandboxes (E:\Sandboxie). Now I’m stumped. I’m not familiar with using the file rating. How do I use this group to get HIPS to ignore it?

Just create a new HIPS rule and use that file group by clicking on browse > file groups.

Oh, I think I understand. I create a new HIPS rule by selecting Sandboxie File Group. Then I create the steps I mention in my original post and now HIPS should ignore everything in a sandbox, right?

It didn’t work. HIPS is still prompting me with items in a sandbox. I don’t understand why this isn’t working.

Can you show the rule you made and what type of HIPS alert you are getting? Are you sure the applications are being run from sandboxies folder? Next time you get a HIPS alert, click on the application name in the alert to bring up the file properties window and check location area.

I have Skype installed in a sandbox and when I ran it, HIPS popup says:

Skype.exe is trying to execute cmd.exe

I can confirm it is sandboxed. As far as the rule, I did as you suggested - created a new File Group called Sandboxie and then add it’s main folder so it would apply to all the sandboxes within that folder.

Then I went into HIPS, clicked on ADD to bring up the Rule window. I clicked on BROWSE for the Name and went to: File Group\Sandboxie.


In the Access Rights panel, the row that says RUN AN EXECUTIBLE
Under Exclusions I clicked on Modify.

In the Allowed Files/Folders tab, I clicked on ADD went to Folders and selected SANDBOXIE which for me is E:\Sandboxie. Clicked all the OK buttons to finish it up.

I thought this would work but I’m definitely missing something. Do you have any idea?

cmd.exe is not located in the sandbox folder, so the rule will only work for applications wanting to execute other applications that are located in the sandbox folder. Instead you should add the executables file group to the allowed section of run an executable access right.

Sweet! You’re the best, Futuretech. Thank you! :-TU :slight_smile: