Q&A Do I need Sandboxie?

Spawn

Administrator
MalwareTips Staff
Verified
Joined
Jan 8, 2011
Messages
17,548
OS
Windows 10
Antivirus
Microsoft
#4
Sandboxie is great for any application that you use daily; browsers, email and messaging clients. You can run File Explorer under SBIE supervision, so any apps and files opened from the Downloads folder will be isolated. And it's useful for testing out legitimate software you may not want to keep.

SBIE has a greater purpose rather than being used to run malware. It's secure and proven to be solid protection against unwanted system changes.

I don't think SBIE supports Windows Apps from Store.

SBIE cannot protect you against online scams or phishing websites, and data may be affected when shared in the isolated environment. For example, uploading of documents. The Internet is not safe. :)
 

Kubla

Level 5
Joined
Jan 22, 2017
Messages
231
#5
The only time I don't use a browser with sandboxie is when they or their extensions need to be updated or I want to add some bookmarks this way my browsing history or any cookies that I may have accumulated during my browsing session are never saved on my system.
 
Likes: Rengar

Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,427
OS
Windows 10
Antivirus
Default-Deny
#6
I don't think SBIE supports Windows Apps from Store.
It doesn't, in fact no software at the moment covers Metro Apps.

Did anyone of you guys tested it against malware :)?
Yes, nothing bypassed it yet if you tighten it a bit via its settings; however in default settings it may be bypassed ( i remember it was one time in the past).
 

Duotone

Level 9
Verified
Joined
Mar 17, 2016
Messages
449
OS
Windows 7
Antivirus
Default-Deny
#8
@RXZ6Q just ask @cruelsister with regards to malware test... do you need it?!
That question really depends w/ you, I use it for both malware protection and keeping my browser clean.
 
Joined
Feb 13, 2017
Messages
1,468
OS
Windows 10
Antivirus
Emsisoft
#10
Did anyone of you guys tested it against malware :)?
Keep in mind that the more advanced malware codes know how to "recognize" when they are executed in a sandbox (or in a virtual environment) and self-terminating almost immediately.

In some cases, a malware running in the sandbox might not have the same behavior as outside (rootkits, for example: in the sandbox are not able to install kernel drivers, outside yes).

Also, Sandboxie prevents writing to the real system (on the filesystem and the registry), but NOT the reading, and it doesn't prevent the malware from communicating with the outside: if you have personal data on the PC you are at risk.
 

Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,427
OS
Windows 10
Antivirus
Default-Deny
#11
Also, Sandboxie prevents writing to the real system (on the filesystem and the registry), but NOT the reading, and it doesn't prevent the malware from communicating with the outside: if you have personal data on the PC you are at risk.
By default settings , you are right; if with customized settings, the malware can't connect outside the sandbox.
 

DJ Panda

Level 29
Verified
Joined
Aug 30, 2015
Messages
1,811
OS
Windows 10
Antivirus
Emsisoft
#12
I used to use Sandboxie. Wasn't bad at all! More didn't find a whole lot of use in it. Hopefully it can support MS Edge at some point. (I am enticed by reward points. LOL) :)
 

WinXPert

Level 24
AV-Tester
Verified
Joined
Jan 9, 2013
Messages
1,354
OS
Windows 7
Antivirus
Qihoo 360
#14
Sandboxie is great for any application that you use daily; browsers, email and messaging clients. You can run File Explorer under SBIE supervision, so any apps and files opened from the Downloads folder will be isolated. And it's useful for testing out legitimate software you may not want to keep.

SBIE has a greater purpose rather than being used to run malware. It's secure and proven to be solid protection against unwanted system changes..
That's how I test limited trial softwares or suspicious ones or for those that I would only run once.

Another use is a quickie analysis of malwares without rebooting the PC.