Windows 7: returnil & sandboxie freeware

Ive been useing this combo for sometime now, and i havent found any malware able to bypass as of yet. So why do you need antivirus, hipps, bb, firewalls, etc?

Sandboxes and other virtual environments have their place but I would say only for testing purposes or for developers. E.g. when you run your browser, it makes changes to your system- registry settings, internet caches, browsing history etc. Plus downloads including any malware and spyware install themselves onto your hdd. When you run the same thing in a sandbox, all those changes still appear to be happening, but they're never actually permanently written to disk- when you exit the browser and the sandbox, all those changes disappear.

So what if I want to save all the history or make a persistent change? Yes, if you mean the user decides to do all the "risky" browsing in sandboxie, thats a good idea. But then these days, malware comes in so many shapes and sizes and from so many sources that its impossibe to categorize risky or safe. So should I run in sandboxie all the time? Thats not a feasible idea.

Thats where an AV comes in. A good layered security with an AV, firewall and on-demand scanner will save you from all kinds of attacks wherever they may be coming from- the user doesnt have to take the dicey decision of what to browse in a sandbox and what outside.

Also, Sandboxie runs only in 32 bit windows. Plus there is a bit of a learning curve about handling a virtual environment. I'll need to do some R&D but i think there are some malwares designed for sandboxes as well. A sandbox is also not a firewall, it cant save you from hacking attacks. Even in a sandbox, your IP address remains unchanged and is visible.

I am running windows 7 64, but thank you for your reply.
You maybe right about the rest.

Source: Sandboxie - Notes About 64 Bit Edition

At the very least, a firewall should be used to keep intruders/hackers out.

Unless you use the Restriction settings of Sandboxie and/or the Anti-Execute setting of Returnil, there is nothing stopping malware from downloading, executing and performing certain actions such as keylogging.

I wouldn't recommend using a computer without at least a few (on-demand) anti-virus/anti-malware. Any website can be hacked and there is no way you can know that a certain download is safe (without viewing every single byte of code).
Many users do. There are easy ways of saving any created or changed file with Sandboxie.

I guess there are people who prefer technical solutions to a little bit of common sense.

Common sense is enough?

Sandboxie - Quick Recovery

Sandboxie - Immediate Recovery

Sandboxie - Applications Settings

It would appear so- for most people. AFAIK, most people work in a real environment and use AVs, firewalls etc. combined with common sense to keep themselves safe. What about you- do you work in a sandbox all the time?

What's wrong with replacing that AV with Sandboxie? For starters, it is more reliable, historically.

Nobody said theres anything wrong, we're only discussing pros and cons. If the OP is happy with sandboxie, I'm happy.

But tell me, when you make a hole in sandboxie to save changes etc. permanently, isnt that also an entry door for malware?