Sandboxie - Browse the internet with ease.

By +Warwagon
in Member Reviews

 Share

Recommended Posts

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted (edited)

Sandboxie 3.62

Trust No Program!

http://www.sandboxie.com

I just thought I?d write a little review to spread the word about a free, small (250kb) and very useful sandbox utility called ?Sandboxie?.

Depending on the person I explain it to, I usually get two completely different responses. When I explain what this program does, (which I?ll get to in a second) I?ve found that people who are tech oriented think the idea of this program is fantastic, while the average user responds with ?cool? which pretty much means ?whatever?.

How it works

The program lets you sandbox applications or the install of applications, so it does not have contract with the rest of your system. It does this by getting between the application and your computer and making it think its installing to c:\program files when in fact its installing to C:\Documents and Settings\(your username)\Application Data\Sandbox\DefaultBox\drive\C\Program Files, this goes for any directory on your hard drive. It also fakes the registry and it stores the registry entries for the application in a file called RegHive located in C:\Documents and Settings\(your user name)\Application Data\Sandbox\DefaultBox instead of the actual windows registry. An example of this would be to download an application that you are not quite sure about or just want to install without worrying about it damaging your system. You can right click the EXE and then choose ?Run Sandboxed? It then proceeds to install the application to the sandboxed location. Because it installs everything in the sanbox its very easy to remove every trace of the application from the hard drive. You simply have to tell Sandboxie to delete the sandbox (function menu / contents of sandbox / delete contents) and the application you just installed is now gone from your computer.

While using sandboxie to install and test applications is nice, where Sandboxie really shines is while browsing the internet. When you sandbox your web browser (Internet Explorer, Firefox, Opera, ect?) it makes a shadow copy of your web browser and all the files it requires and copies them to the sandbox as it does with any sandboxed application, this happens faster than you might expect, you really don?t notice it much at all. The benefits of this are many but I?ll mention a few. One is privacy, you could install this on someone?s computer or use it on your own,and at the end of your browsing session, delete the sandbox and all traces of your activates are gone and I mean ALL traces. The other benefit is virus and spyware protection / prevention. Any file that you download and open from within the sandboxed web browser willalso be contained in the sandbox. If you download a virus it will affect the sandbox and not your computer, so to remove it just delete the sandbox. Same goes for spyware. Now I?m not saying this is fool proof, there has been mention of some spyware which are sandbox aware and can escape the sandbox. Nothing is perfect but this is the closest thing to it.

Tests

I thought I would test it to see just how well this program really works. I started by installing Sandboxie inside a virtual XP install inside virtualbox (just in case it didn?t work), then I proceeded to install Kazaa while sandboxed. During the install it threw a few errors at me but after it installed it ran just fine. After exploring the program files folder located in the sandbox directory, you could see all the crap it installed. You could also see the famous p2p networking running under processes in the task manager. Sense the p2p networking.exe got installed along side kazaa it was also sandboxed. Getting rid of kazaa was so easy it was almost fun. First I Told sandbox to kill all sandboxed processes, this included all the exe?s which were running after the kazaa install. This was done very easily by clicking the function menu and choosing terminates sandboxed processes. Once all the kazaa processes vanished I told it to delete the sandbox and *Poof* no more kazaa.

That was too easy, I mean had a normal computer gotten infected with the wrath of kazaa, it could have been uninstalled and spyware removers could have taken care of the rest, it was nothing that would have required a reformat. So I thought I needed a better test. I needed to find what I call ?Pandora?s Box? I?m referring to one of those crack.exe files that are included in warez or program cracks, the kind of file that when you run it, it appears to have done nothing, but if you look at your process list, the CPU is spiked and you see so many random.exe files being loaded onto your system you just want to put your head between your legs and cry. I got a hold of one such file and downloaded it within a sandboxed Firefox and launched it. The only words to describe the activity that file produced is OMG. Because the file was opened with a sandboxed Firefox all the activity I saw on screen was also sandboxed. It took my running processes from 20 to 30. I then told it to Terminate all sandboxed processes, the processes list then dropped from 30 down to 20 instantly, I then told it to delete the sandbox and presto!, an event which had it occurred outside a sandbox would have required without a doubt a clean install of windows and a bleach bath. I preformed a boot time system scan with avast and current definition files. It found 27 infected files and all were located in the system restore directory, I?m not sure if that was from this test or a previous test I did before new about Sandboxie, in either case after an event like that its best to turn off system restore and turn it back on to delete all restore points. I was more than pleased with the results.

Conclusion

As you can tell I really love Sandboxie, I just wanted an opportunity to let otherwise know about this wonderful free little program. They do sell a version that does a few more things for $40/90 which is a life time of free upgrades (which I bought) but the free one does plenty. Included at the bottom is some screenshots of the interface, enjoy!

*Update 11/25/2011

I've been using sandboxie for the past 5 years (even before i wrote this review). Since writing the review Sandboxie now has a 64bit Version which runs great on Vista and Windows 7 64bit operating systems. Every machine in my home that is used to browse the internet has sandboxie installed.

Question - what happens if you get a malware infection?

Answer - If you get a malware infection from the internet, while your browser was being sandboxied, it's easy to remove. You simply tell Sandboxie to terminate all sandboxed processes. Then you tell sandboxie to delete the sandbox. That's it! The infection has been removed from your computer. It's not removed as it would be with a removal tools. With removal tools, while it might be removed you can never be sure you got it all.

Because the infection was sandboxed and contained you can be sure the entire infection was contained in the sandboxie and that you don't have anything left behind. It's as if the infection never happened.

post-4927-1180143449_thumb.jpg

post-4927-1180143455_thumb.jpg

post-4927-1180143461.jpg

Edited by warwagon
Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted (edited)
How does this work with Windows Vista? It looks pretty neat.

it says its compatible

its kind of funny, last night I opened winamp and it said there was a important update I had to do, so I went and downloaded it with firefox. When I got done installing it I had this icon next to my clock that said "get 50 free mp3s"

I was like @(()#()# , but then I realized that because I installed it from firefox it was a sandboxed install. I was like yay! So I told sandboxie to kill all sandboxied processes, and just deleted the sandbox, then reinstalled winamp, and then this time unchecked that box, problem solved!

Edited by warwagon
Collaborator

haxaco

Posted
Posted

question: Lets say i run most of my installed programs through sandboxie (games, photoshop, etc) and i were to reinstall windows, could i save that sandboxie "program files" folder with its registry and just install sandboxie on the new windows install and have all my old programs back with my previous settings?

Grand Master

IceDogg

Posted
Posted

I have heard of this before and thought about trying it a few times, but until now I hadn't seen it explained in a way that made me want to try it so bad. Good explaining! I do however have a question. You said you installed it "inside a virtual XP install inside virtualbox"... I'm wondering would a virtualbox be better and maybe could you point to something or explain what that is a little bit? The differences mostly.

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted
question: Lets say i run most of my installed programs through sandboxie (games, photoshop, etc) and i were to reinstall windows, could i save that sandboxie "program files" folder with its registry and just install sandboxie on the new windows install and have all my old programs back with my previous settings?

That is a very good question, and i'm not sure, but I will test that out. Sandboxie does have the option to restore files from the sandbox. What that means is that when you are done or if you just feel like restoring a file it will move it from the sandbox location to the original location on the hard drive. It always gives you that option before you delete the sandox.

Collaborator

haxaco

Posted
Posted
That is a very good question, and i'm not sure, but I will test that out. Sandboxie does have the option to restore files from the sandbox. What that means is that when you are done or if you just feel like restoring a file it will move it from the sandbox location to the original location on the hard drive. It always gives you that option before you delete the sandox.

Yea if its possible, im in. Im a pretty safe guy about what programs i install on my pc but if what i asked is possible on sandboxie, hell that would open a world of possibilites xD

Grand Master

IceDogg

Posted
Posted
I have heard of this before and thought about trying it a few times, but until now I hadn't seen it explained in a way that made me want to try it so bad. Good explaining! I do however have a question. You said you installed it "inside a virtual XP install inside virtualbox"... I'm wondering would a virtualbox be better and maybe could you point to something or explain what that is a little bit? The differences mostly.

Never mind, I got it on my own.. thanks tho. Sandboxie is nice.

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted

hasn't happened yet, but if in some point in time he gets sandboxie working off a USB stick, then any app installed sandboxed on the stick automatically gets turned into a portable app.

There is a guy working a script to make this happen, its on the sandboxie forum.

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted

I'm running my iBook just now but I can't wait to try this on the home pc when im back from vacation!

Couple of questions though...

Does Sandboxie run programs at full speed? Meaning they load/run as quickly as they would without it? I wouldn't see why not but its worth asking.

Whats memory usage like and do you have to have a Sanboxie "process" running with windows at all times?

Thanks, can't think of anymore questions just now!

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted
I'm running my iBook just now but I can't wait to try this on the home pc when im back from vacation!

Couple of questions though...

Does Sandboxie run programs at full speed? Meaning they load/run as quickly as they would without it? I wouldn't see why not but its worth asking.

Whats memory usage like and do you have to have a Sanboxie "process" running with windows at all times?

Thanks, can't think of anymore questions just now!

The first time you start an application in sandboxie it does take a few extra seconds for sandboxie to transfer files the application requires over to the sandbox. Once thats done the startup time from there on is about the same, however if you tell sandboxie to delete the sandbox every time you exit the applications, then you are going to get the same few extra seconds every time. Sandboxie does have an option for multiple sandboxes (not sure if this is only in the paid version) you could then have sandboxie delete the contents of 1 application on exit and not others.

The memory usage with sandboxie is the following

sandboxiedcomlaunch.exe = 2,184k

sandboxieRpcSs.exe = 3,176k

SbieSvc.exe 2,120k

control = 2,732k

The sandboxiedcomlaunch.exe and sandboxieRpcSs.exe are running only when you have an application opened and sandboxe. SbieSvc.exe and control.exe remain even when not sandboxed

If you only have 256 megs of ram you might see a slight slow down with the amount of ram its using, if you have anything over 1 gig, I don't think it will matter

  • 3 weeks later...
Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted

I use this program out at the local (little) airport for inside the break room, where they have a computer setup for pilots to come in and browse the net. Besides the computer being setup as a limited user, they are sandboxed in this.

Mentor

+orgitnized Subscriber¹

Posted
  • Subscriber¹
Posted

SO I take it your system admins aren't on top of things like this if the possibility exists that you could run it at school? Maybe via USB?

I'd have this blacklisted immediately. But then again I kill all access to USB drives for students but allow it for staffers. But yeah, I'd imagine most admins would blacklist the exe file - and if it has to install a service you can't just do it under any account.

So let's hope it doesn't allow you guys to run wild on school networks! :p

  • 2 weeks later...
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft finally launches WSL Containers in public preview

      By David Uzondu · Posted

      Microsoft finally launches WSL Containers in public preview by David Uzondu Microsoft has announced that WSL containers, a feature that allows developers to run Linux containers natively inside Windows without the need for Docker Desktop, is now available in public preview several weeks after Microsoft previewed it at Build 2026. To use the new container feature, you first have to install the latest pre-release version of the Windows Subsystem for Linux by running a quick update command in your terminal: wsl --update --pre-release After installing, you'd get access to the new Linux container CLI (wslc.exe) and the programmable API. Microsoft said that the CLI has a "familiar format" that matches the toolsets developers already use every day. If you know standard Docker commands, your muscle memory will translate directly to wslc.exe, which even features a built-in alias called container.exe. You can quickly run a full Ubuntu KDE desktop container by exposing ports, or pass your graphics card straight into a machine learning environment to run PyTorch workloads. Passing the --gpus all flag inside the run command instantly links your hardware. Image via Microsoft As for the API, developers can now embed Linux container operations directly inside native Windows applications without exposing the command line to users. The team integrated the API directly into MSBuild and CMake, so developers can define container steps directly in project files. Apart from bringing the CLI and API into public preview, Microsoft also said that it's working on a new default file system called virtiofs to speed up file transfer rates between Windows and Linux. Microsoft also introduced an experimental networking mode named consomme, which resolves compatibility issues with corporate VPNs by routing Linux network traffic straight through Windows. One thing to note about WSL containers is that they don't run in your standard WSL distributions; instead, every application and CLI session spawns its own lightweight Hyper-V utility VM in the background. This basically reduces the chances of one app snooping on the container of another app.
    • Google reportedly limited Meta's Gemini access over limited AI compute

      By Karthik Mudaliar · Posted

      Google reportedly limited Meta's Gemini access over limited AI compute by Karthik Mudaliar Google is reportedly limiting Meta's use of its Gemini AI models after Meta tried buying more computing capacity than even Google could supply. According to the Financial Times, Google told Meta in March that it could not provide the full Gemini capacity that Meta had requested. This shortfall even disrupted and delayed some of Meta's internal projects. Due to this, Meta even told its employees internally to use AI tokens more efficiently. Meta wasn't the only one to get hit by this sudden refusal by Google; even other customers were affected. But Meta was hit harder because of its unusually high demand for Google's models. The move from Google makes it evident that companies all over are in limited supply of both infrastructure and compute. Alphabet said in April that Google Cloud revenue grew 63% year-over-year to $20 billion in the first quarter, helped by enterprise AI infrastructure and AI solutions. In pursuit of more compute, Meta had earlier signed a multi-billion-dollar AWS agreement as well as a large AMD GPU deal for AI data centers. But the crunch would be short-lived as both Meta and Google have also ramped up infrastructure investments heavily. Meta said in November that it was committing more than $600 billion in the U.S. by 2028 for AI technology, infrastructure, and workforce expansion. In the first quarter of this year, Meta also raised its expected capital expenditure for 2026 to a range of $125 billion to $145 billion, citing higher component pricing and additional data center costs for future capacity. However, this doesn't make the company immune to the current dependence on outside suppliers. Meta has also spent many years promoting Llama as an open-weight alternative to closed models from Google, OpenAI, and Anthropic. But if the reported reliance on Google's Gemini models is severe enough for internal work to get impacted, then it looks like even frontier labs and Big Tech aren't fully self-sufficient. Source: Financial Times
    • Samsung, Amazon extend 990 PRO 2TB NVMe SSD deal beyond Prime Day 2026

      By seeprime · Posted

      I like to reminisce about the good old days, way back in autumn 2025 when building a gaming machine was fun and the drives were about $150 when you caught a deal. Yes duh, back in the day we had it gone. Then baby Skynet came along, hiding in AI datacenters demanding more processing power until it reached singularity. End of a not totally fictional story.
    • Bypassed Windows 11 shows surprising stability on ancient, completely unsupported hardware

      By +Spark99 · Posted

      My experience in the past with older Windows 11 builds was not great on unsupported machines but I recently used Rufus to put the latest build on a older 5th Gen Core Thinkpad T that we upgraded with a SATA SSD and 8GB of RAM four years ago when hardware was reasonable and it seemed pretty fast and solid. Customer is very happy with the performance and will probably get four more years out of that venerable laptop that he loves so much. Another customer just retired his Dell Studio laptop from 2009 running Windows 10. It got an SSD over 10 years ago and did everything he needed it to for 17 years but he also retired last year and is happy doing everything on his iPad now.
    • Apple's newest AirTag 2 gets first big discount

      By TarasBuria · Posted

      Apple's newest AirTag 2 gets first big discount by Taras Buria In late January 2026, Apple introduced its second-generation AirTag trackers, bringing a refresh to the old model that has been on the market for half a decade. Now, you can get these new trackers at an all-time low price, thanks to the first big discount that brought the price down by 17% on Amazon. While the second-generation AirTag looks identical to its predecessor, it packs meaningful upgrades inside. The second-gen ultrawideband chip works 50% farther than the original AirTag, allowing you to detect lost items in a wider range. In addition, the second-generation AirTag features an upgraded Bluetooth chip for extended range and a significantly louder speaker (up to 50%) so that you can hear it better when locating a lost item. Note that the second-gen AirTag only works with iPhones and iPads that run iOS/iPadOS 26 and newer, so you need a compatible device to use the tracker. Like the original AirTag, the AirTag 2 is available in two packs: one and four pieces. Both are now available at a notable discount on Amazon, and you can purchase them using the links below. Apple AirTag 2 tracker - $24 | 17% off on Amazon Apple AirTag 2 tracker (four-pack) - $89 | 10% off on Amazon Good to know This Amazon deal is U.S.- specific and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, we earn from qualifying purchases.

  • Recent Achievements

    • Reacting Well
      NovaEdgeX earned a badge
      Reacting Well
    • Week One Done
      NovaEdgeX earned a badge
      Week One Done
    • One Year In
      BA the Curmudgeon earned a badge
      One Year In
    • Conversation Starter
      rosiecharles earned a badge
      Conversation Starter
    • First Post
      KMilenkoski1202 earned a badge
      First Post

  • Popular Contributors

    1. 1
      +primortal
      538
    2. 2
      +Edouard
      269
    3. 3
      PsYcHoKiLLa
      150
    4. 4
      Steven P.
      98
    5. 5
      macoman
      66
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!