Sandboxie/CIS Start Problem - workaround from Tzuk

I made the following post over at the Sandboxie Forums to get their response to the problem of CIS not letting Sandboxie Start on some Windows operating systems and fortunately it drew an official response from tzuk the designer of Sandboxie…

Posted: Sun Jun 06, 2010 4:23 pm

Maxxwire wrote:
A Comodo Global Moderator named languy99 recently made this statement concerning the Sandboxie kernel driver not being able to start under Comodo v4.1…

“what I think is going on is that sandboxie hooks into the kernel just like CIS does, well with this update CIS is protecting the kernel and hooks a lot more and basically breaks sandboxie by not letting it in. This fix from CIS came from the problem reported by matousec on kernel hooking. http://www.matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php

Because of these Comodo kernel security improvements it sounds like the last version of CIS that will work with Sandboxie is v4.0.

~Maxx~

[b]No, kernel protection is not relevant to this problem.

On Windows 7, CIS is blocking SbieSvc (the Sandboxie service) from being able to start SbieDrv (the Sandboxie driver). The service gets access denied error with no prompt from COMODO. But you can go to a administrator commad prompt and enter “net start sbiedrv” to start the driver manually.

I’m sure this problem is not intentional, and it is interesting to note that it does not happen on Windows XP. But it serves no purpose to make complicated guesses about the cause of this . . . What they should do is fix the problem.


tzuk[/b]

I can confirm this aswell there is no problem manually starting the driver then manually starting the service.

But CIS 4.1 will not allow the sandbox service to start the driver even though the default rules for SbieSvc.exe allow this.

Dennis

[attachment deleted by admin]

I think I will sticky this

Hope that’s OK

Mouse

So something like the following should automate it:

Make a restore point first!

Set both services (Sbiesvc & SbieDrv) to manual in control panel ~ admin tools ~ services. And disable autostart of GUI program (if any), maybe using sysinternal autoruns.

Create following text file in notepad, and save as sandboxie.cmd

NET START “SbieSvc”
NET START “SbieDrv”
START <path\executable name> for the sandboxie GUI (I presume there is one)

Then make a shortcut to sandboxie.cmd in the startup folder.

If you try this and have to mod it please post mods here, I will unlock. I don’t have sandboxie so I cannot test - sorry!

Best wishes

Mouse

Todays update has fixed the SBIE problem,at least for me anyway. :wink:

That’s great to know. Thanks.

Mouse

Yup that the least I expected from you guys ,

that’s what comodo is all about , they listen to their users and bring it in reality in the next release

a big thanks from SA :ilovecomodo: