DDE_Server

Level 12
Verified
An Introduction and a Quick Guide to Sandboxie
Last updated by Anupam on 01. March 2013 - 13:48

Introduction
We are all aware of the dangers of malware infection from the Internet these days. The danger has always been there, but this has increased a lot more because people with malicious intents are constantly devising new methods to infect the systems, and the inexperienced, naive, general-users/elderly/teens are the most affected by it. Malware infection from the Internet can occur in many ways, a few of which are:
  • Downloading a malware infected setup/file from a malicious site
  • Venturing to a malicious site
  • Clicking on a bad link in an email, or on a page, or on a bad advertisement
  • Clicking on links that fool you into believing that there is a malware on the system and prompt you to install rogue software etc.
Although there are many ways of getting infected by malware it does not mean that we need to become paranoid, or live in constant fear of the possible consequences. With a little effort, precaution, and by using common sense we can easily avoid getting systems infected with malware. Different safe practices have already been covered in various articles on this site, and can be read to learn how you can stay safe by following a few guidelines. We will all agree that precaution is always the best option.
In this article, we are going to learn about an excellent software called Sandboxie, which will keep you safe while surfing on the Internet.
Table of Contents:
  1. Purpose of the article
  2. What is Sandboxie?
  3. Benefits of Sandboxie
  4. Uses of Sandboxie
  5. Installation
  6. Usage
  7. Setting Up Sandboxie
  8. Conclusion
  9. Related Links
Purpose of the article
The purpose of this article is to make people, especially the general users, aware of this wonderful software Sandboxie. To general users, Sandboxie appears a difficult software to use, or even understand what it's about, and its settings may also seem a bit intimidating. This article is an attempt to explain about Sandboxie in a very simple way, and to help get it up and running with only the minimum and necessary changes to its settings. Just a little bit of patience is required to read through this article, but I am sure it will increase your knowledge of how to use Sandboxie.
Sandboxie has many settings and, if so desired, with the help of those settings an experienced user can further enhance and tighten security. But for general users, these changes are not required. Hence, this article will not cover the settings in depth, but only a few necessary ones. Detailed help for Sandboxie is available on its own site and is very well written.
What is Sandboxie?
Sandboxie

is a unique security product based on the principle of sandboxing. In simple computer terms, a sandbox is an isolated environment for running programs. The environment will be exactly like the real system, the only difference being it's isolated from the real system. This technique is also being used in other programs, such as Google Chrome, and some of the antivirus software. Inside Sandboxie, the programs will run normally, like they do outside the sandbox, but whatever changes are made, stay inside the sandbox, and the actual system remains unaffected by those changes.

Let's say you are running a web browser in Sandboxie. Everything will be done in the normal way, you can click on links, visit sites, and download files etc, but, it will all take place in an isolated environment. Therefore, even if you go to a malicious site, or click on a malicious link, or even download a malicious file, the actual system will not be affected.
Now suppose while surfing inside Sandboxie, you click on a malicious link, and start seeing signs of malware infection, and/or the antivirus alerts you about it, all you have to do is, delete the contents of Sandboxie. That's it. The malware will be gone, and the system will remain safe, since the malware was not able to come out of Sandboxie. Nothing can come out of the sandbox environment until you allow it.
Note: This article is about Sandboxie's free version. The free version misses a few features - ability to force programs/folders to open in Sandboxie, and running programs in more than one sandbox at the same time. While these features are great, but they are not necessary, and the free version of Sandboxie is quite enough for general and home usage.
After 30 days of usage, the free version of Sandboxie also shows a pop-up window as a reminder to upgrade to the commercial version, with a 5-second delay when it starts. But, this is just a small inconvenience which can be overlooked, considering the excellent security and safety that Sandboxie provides. Use it for a few days, and you will agree with this.
Benefits of Sandboxie
Sandboxie makes surfing the web really secure and safe: you can always be relaxed and be sure that no malware can infect your system. Also, while surfing, various temporary files, cookies, cache, etc, are created and downloaded to the computer. All the aforementioned remain inside Sandboxie and can be easily cleaned by deleting the Sandboxie contents, and without worrying about where to look for them on your computer. Just one click to delete the Sandboxie contents, and it's all gone.
The biggest benefit is the peace of mind, and assured security, which is offered by the excellent protection of Sandboxie. Even if you come across a malware inside Sandboxie, there is no need to panic, because you can be assured that the malware won't be able to escape to the real system. Deleting the contents of Sandboxie is all that is required to get rid of any malware encountered.
Uses of Sandboxie
The main use of Sandboxie is for surfing the web where it keeps the browser isolated, and the system remains safe from various malware infections.
But, since Sandboxie offers an isolated environment, it can be used to test software too. The software will run in Sandboxie, and the changes made during the installation, or its running, will not affect the system. If you do not like the software, or if it's malicious, all you have to do is delete the contents of Sandboxie. No changes will be made to the actual system at all. If the software is safe to use, then you can install the software actually on the system, by installing it out of Sandboxie.
Installing software in Sandboxie also helps in knowing what files and folders the software installs on the system. The files and folders will be created in Sandboxie, and can be seen, and explored, from within Sandboxie itself. As a check, if you look for these specific files and folders on your operating system, you won't be able to locate them because they are simply not there. They are inside the Sandboxie's isolated space, which shows that the changes made inside Sandboxie do not affect the actual system.
Installation
Installation of Sandboxie is pretty simple and straightforward. Just run the setup, and follow the instructions. After installation of Sandboxie it will generally show a window titled Software Compatibility, where it shows a list of software for which Sandboxie has made adjustments for compatibility. It is just for information. Finally, it will show a very short interactive tutorial on how to use Sandboxie.
On completion of installation, Sandboxie will also place a shortcut named Sandboxed Web Browser on the desktop, which when clicked, will run the default web browser of the system, inside Sandboxie. However, if you use a different browser for your normal everyday work, then a shortcut for it can also be created very easily, which we will learn about in the next section.
Usage
When Sandboxie is installed and runs, it will show a window titled Sandboxie Control, as shown in the image below. This is the main Sandboxie window. With no programs running inside Sandboxie, it will simply show a yellow wedge shaped icon named Sandbox Defaultbox in the window.
Sandboxie Control window with no running programs

The same yellow wedge shaped icon will be in the system tray too.
Sandboxie tray icon with no running programs

When a program is running inside Sandboxie, the main window will show the list of programs/processes running currently inside Sandboxie, and the icon will change to yellow with red dots.
Sandboxie Control windows with running programs

The Sandboxie icon in system tray will also change to yellow with red dots.
Sandboxie tray icon with red dots

That's how you know that something is running in Sandboxie.
Now to find if a program is running in Sandboxie or not. Let's say you are running a web browser in Sandboxie (our prime example for this article). If you take the mouse cursor towards the top of the web browser (i.e. the title bar), you will see a yellow border appear around the edges, as shown in the image below. You will also see a [#] sign on either side of the name of the program in the title bar on the top, and/or in the taskbar.
Sandboxed Firefox

These are ways to know, and confirm that the web browser is running in Sandboxie because otherwise it will simply feel that the web browser is running normally: you won't notice the difference at all, that's how convenient and non-intrusive Sandboxie is.
The yellow Sandboxie control icon in the system tray can be used to perform several operations, which can also be performed from the main Sandboxie window. Right-clicking the Sandboxie tray icon shows the different operations that can be performed.
Sandboxie tray icon right-click options

As can be seen from the image, you can run the default web browser, email client, or any other program you want, sandboxed. You can terminate programs, delete the contents of Sandboxie, or access the Quick Recovery (explained later) folders.
The main Sandboxie window can be easily accessed by either double-clicking the Sandboxie tray icon, or by right-clicking on it, and selecting Show Window.
By default the main Sandboxie window is in Programs mode, which means it will show the list of programs/processes running inside Sandboxie. To view the files and folders created inside Sandboxie, you can switch the mode by clicking View --> Files and Folders, from the menu.
Terminating programs
Individual programs running inside Sandboxie can be closed normally. But they can also be closed all at once, by just a few clicks:
  • Right-click on Sandboxie tray icon (see image above), and click on Terminate Programs.
  • It will show a warning that this action won't save the state, or data of those programs.
  • Click Yes, if you are sure, and all the programs inside Sandboxie will be terminated.
This is especially helpful if you encounter a malware while running programs inside Sandboxie. In such situations, also remember to delete the Sandboxie contents, after terminating the programs, which will get rid of any malware inside. Alternatively, just deleting the contents of Sandboxie (explained next) will also terminate the programs, and immediately empty Sandboxie.
Programs can also be terminated from the main Sandboxie window by clicking from the menu:
Sandbox --> DefaultBox --> Terminate Programs.
Deleting Sanboxie contents
To delete Sandboxie contents:
  • Right-click on the Sandboxie icon in the system tray (see image above), and hover cursor over DefaultBox.
  • Click on Delete Contents.
  • The Delete Contents window will pop up, and it will show the files to be recovered (explained later), if any, from Sandboxie, with a summary of numbers of files and folders inside Sandboxie, and the total size.
  • Click on the Delete Contents button to delete the Sandboxie contents. Any programs running inside Sandboxie will be terminated immediately, and the contents of Sandboxie will be deleted too.
The same can also be achieved from the main Sandboxie window, by clicking from the menu:
Sandbox --> DefaultBox --> Delete Contents.
Remember to delete the contents of Sandboxie on a regular basis, because the files and folders created inside Sandboxie can keep on accumulating, taking up hard disk space.
Sandboxie contents can also be set to delete automatically via settings (explained here).
Running programs in Sandboxie
Running programs in Sandboxie is very easy, and can be done in several ways:
  • The simplest method is to right-click on any program icon/shortcut that you want to run, and choose Run Sandboxed from the context menu - that's how simple it is.
  • Another method, discussed a bit earlier, is right-clicking the Sandboxie control icon in the system tray, clicking DefaultBox, and then choosing the appropriate option to run the desired program.
  • Yet another, albeit long method, is to open the main Sandboxie window, and from the menu, click on Sandbox --> DefaultBox --> Run Sandboxed, and then choose an appropriate option.
Creating shortcuts for sandboxed programs
Creating a shortcut for a sandboxed program is also pretty easy. Just follow these steps:
  • In the main Sandboxie window, from the menu, click Configure.
  • Click on Windows Shell Integration.
  • Windows Shell Integration window will pop up showing different Sandboxie settings, in different blocks (see image below).
  • Under the block titled Shortcut Icons, click the Add Shortcut Icons button
  • A window will show up briefly explaining what this action does, and how to create shortcut. Click OK.
  • Another window named Run Sandboxed will pop up showing DefaultBox, in the box underneath - simply click OK.
  • A menu list will be shown somewhat similar to the start menu list, from where you can choose the program for which you want to create the shortcut.
Windows Shell Integration

That's it, the shortcut for the sandboxed program will be created on the desktop. Whenever you double-click that shortcut, the corresponding program will automatically run in Sandboxie.
Setting Up Sandboxie
We will cover a few important settings for Sandboxie in this final section.
As mentioned earlier, Windows Shell Integration window shows some of the Sandboxie settings (see image above). By default, all the settings here are enabled, and it's better to let them remain as they are. Still, if you feel the need, you can change the settings. Like, under the "Shortcut Icons" block, the checkboxes can be unchecked, in case you do not want a desktop shortcut for the sandboxed default web browser, or its quick launch icon.
Let's move on to other settings of Sandboxie. These settings can be accessed from the menu of the main Sandboxie control window by clicking:
Sandbox --> DefaultBox --> Sandbox Settings.
There are many settings here, but we will cover only the necessary ones. The rest can be configured by reading the Sandboxie help on its website, or by going through them yourself. Most of them are for advanced use, and so we do not need to change all of them.
Sandboxie Settings
Settings
A small
tip: To avoid clicking Apply repeatedly, to apply the settings before moving to another page, the checkbox named, Apply changes when switching to another page can be checked. It is located at the bottom of the Settings window, on the left (as shown in the image above). This will automatically save the changed settings on the current page, when you move to the next page of settings.
The first section of settings that we will cover can be seen under Recovery. Let's first try and understand what exactly recovery is.
As mentioned earlier in the article, nothing can come out of Sandboxie, until you allow it. For instance, you downloaded a file from the Internet while surfing with a web browser inside Sandboxie, and you would like to save it on the computer. The downloaded file is presently inside the sandbox, and since the changes inside Sandboxie do not reflect on the system, to actually save it on the computer, you need to take that file out of Sandboxie. This process of taking the file out of Sandboxie is called recovery.
A little hint of caution here: Since nothing can come out of Sandboxie, unless you allow it to, you should be careful while performing a recovery, and make sure that the file being recovered is not malicious. Sandboxie offers protection from malware by providing an isolated space for programs to run in, but to take something out of Sandboxie is a decision that rests solely in the hands of the user - so please be careful.
Now on to the Recovery settings. There are two types of recovery, as explained below:
1. Quick Recovery
On selecting Quick Recovery, a list of pre-selected folders can be seen in the box (please refer to Settings image above). These folders are selected by Sandboxie as the most common folders where files are generally saved by users. If you save files to these folders ... great! If you save to any other folder on the system, then that folder can be added to the list by clicking on the Add Folder button, browsing to the desired folder, and selecting it. As can be seen, in the Settings image, I have added D:\Downloads folder to the list, since I normally download files there. Folders can be removed from the list by selecting a folder, and clicking the Remove button.
So, whenever you need to recover files from Quick Recovery folders, you have to invoke it, as described below:
  • Right-click the Sandboxie control icon in the system tray.
  • Click on DefaultBox --> Quick Recovery.
  • The Quick Recovery window will show the list of files to be recovered (see image below).
  • Select the files.
  • To save them in the same corresponding folder on the system, click on the Recover to Same Folder button.
  • If you want the files to be saved in any other folder - apart from the corresponding folder - click on the Recover to Any Folder button, and browse and select the desired folder.
Quick Recovery

Quick Recovery will also be invoked when you try to delete the contents of Sandboxie. It's a way of reminding you to recover your files before the Sandboxie contents are deleted, after which the files cannot be recovered.
2. Immediate Recovery
Immediate Recovery is an extension of Quick Recovery. While Quick Recovery has to be initiated explicitly, or will be invoked when you try to delete Sandboxie contents, Immediate Recovery is invoked as soon as a file gets downloaded, or is saved by any program inside Sandboxie, in the pre-selected folders of Quick Recovery.
So, as soon as a file is saved in those pre-selected folders, the Immediate Recovery window will pop up (please refer to image below), with the first box showing the list of files, and the second box providing options, to save to the corresponding folder on the system, or to recover to any other folder. The files and appropriate option can be selected, and pressing the Recover button will take the files out of Sandboxie and actually save it on the computer. Quite simple, isn't it?
Immediate Recovery

Sandboxie contents can be set to delete automatically. This can be done by enabling a setting found under the Delete section of settings, from:
Delete --> Delete Invocation
Here, the checkbox for Automatically delete contents of sandbox can be checked, to enable the setting. As explained on the settings page itself, enabling this setting will delete the contents of Sandboxie automatically when the last program that is running inside Sandboxie is closed. Please take note of the above statement, in case you want to enable this option. Do not use this setting, in case you want to monitor the files and folders inside Sandboxie, even after closing all programs. This setting however, will not delete the contents of Quick Recovery folders automatically, and Quick Recovery will be invoked, in case there are any files there for recovery, when Sandboxie is about to delete the contents.
Another checkbox can be seen under this section for Never remove this sandbox or delete its contents, which when enabled, will protect deletion of Sandboxie contents, but this setting will not be needed under normal cicumstances.
Next, we will change a few settings for the web browsers. As already explained, the changes made inside Sandboxie are not reflected in the system; therefore, we have to make some changes for the web browsers so that when we save bookmarks, or passwords, they are reflected back and actually saved, and not lost after we delete Sandboxie contents. So, we have to allow direct access to these from Sandboxie. Although this compromises security a bit, still, it's a low risk compromise for a bit of convenience.
You can always choose not to allow direct access, but you will then have to remember to make the desired changes out of Sandboxie. Always remember, changes made inside Sandboxie will be lost when Sandboxie contents are deleted. So, if you want to make changes to a program, perform those changes out of Sandboxie. For example, if you want to install add-ons for Firefox, or, change its settings, you should do it outside Sandboxie.
Sandboxie provides settings for various popular browsers like Firefox, Google Chrome, Internet Explorer, Opera, Maxthon, Seamonkey, Waterfox, and Pale Moon, although not all settings are available for all browsers. These settings can be accessed from the Applications section of the settings by clicking on Applications --> Web Browser, and then clicking on the appropriate browser name to change its settings (please refer to the Settings image).
The way to change the settings is the same for all browsers; therefore, we just need to understand them for one browser.
Let's take Firefox. There are several settings for Firefox: you will see a plus sign inside a pair of square brackets, [+], next to Allow direct access to Firefox/Waterfox/Pale Moon phishing database, which means that this setting has already been enabled by Sandboxie.
We want to allow direct access to bookmarks and to passwords, so select and double-click the appropriate setting. Alternatively, selecting the setting with a mouse click, and clicking the Add button will have the same effect of enabling the setting. So, to allow direct access to the Firefox passwords, select Allow direct access to Firefox passwords, and double-click it. This will put a plus sign against it, inside the square brackets, indicating that it has been enabled. The procedure is the same for any other setting, for any other browser, which you want to enable, or disable.
Conclusion
I hope this article helps you to get to know Sandboxie, and understand about it, and helps you in setting it up easily, and using it.
If there are any suggestions or feedback about this article, please feel free to share them.
If there are any questions, or you want to learn more about Sandboxie, please post in the freeware forum, where other Sandboxie users will help and guide you. There are many knowledgeable members on the site and forum, who use Sandboxie and are more than willing to help you.
Just a little note: Sandboxie is not a replacement for security software, like antivirus, or anti-malware programs. Therefore, it is advised to keep the system updated and patched, and also install a good antivirus, and keep it updated. While Sandboxie will keep you safe while browsing inside it, but it's still advisable to follow good and safe surfing practices, and make it a part of your habit.

Enjoy your safe and secure browsing experience with Sandboxie. Be safe. Happy Sandboxing!
Related Links
Detailed help for Sandboxie is available on its website, here:

Sandboxie - Sandbox software for application isolation and secure Web browsing


The site has a number of resources to learn all about Sandboxie in detail, listed on the above page.

Sandboxie has been chosen as the top pick for the Best Free Browser Protection Utility review, here:

Best Free Browser Protection Utility

There are other security based articles on the site that provide guidelines on how to keep your system safe and secure. You will often find Sandboxie mentioned in them.

Safe Computing in Under an Hour
Gizmo's Guide to Securing Your PC
How to Surf More Securely
Best Free Security Diet Plan

For more advanced reading, security related articles can be found here:

Computer Security Guides and Articles
 

Umbra

Level 25
Verified
Any cautious users should ditch Sandboxie at the next Windows Upgrade, Sophos making it Opensource doesn't guarantee its efficiency anymore, not saying maintaining such a complex software (that requires perpetual updates every time a software/OS' code drastically change) is out of reach of most coders and those who can, have better things to do than wasting time prolonging the life of a niche software used by a handful of aficionados that wont even pay for it.
 

Alexhousek

Level 1
Any cautious users should ditch Sandboxie at the next Windows Upgrade, Sophos making it Opensource doesn't guarantee its efficiency anymore, not saying maintaining such a complex software (that requires perpetual updates every time a software/OS' code drastically change) is out of reach of most coders and those who can, have better things to do than wasting time prolonging the life of a niche software used by a handful of aficionados that wont even pay for it.
Sandboxie is absolutely not a niche software and it is used by a ton of people. There you go again Umbra saying stuff that just isn't necessary. I think you thrive in controversy and just love to say things to get a rise out of people.
 

Umbra

Level 25
Verified
Sandboxie is absolutely not a niche software and it is used by a ton of people. There you go again Umbra saying stuff that just isn't necessary. I think you thrive in controversy and just love to say things to get a rise out of people.
If it was used by tons of people like you say, Sophos would keep developing it.
Sandboxie is just known by geeks/security aware people, Average Joe has no idea what it is and cant even set it up and use it properly, reason why AVs thrives. What doesn't reach the masses is considered as a niche market.
Most of the advanced tools discussed in forums barely reach the masses, it is a fact, my Community Manager experience tell it, not just assumptions like many does in forums.
Go out on the streets and ask to people "do you know Sandboxie?" i bet you wont have more than a handful that knows it...

We are in a security forum, unconsciously we tend to believe that the masses are aware of what we are aware...
People shouldn't get emotional when it comes to software/products. You like it? good, but defending it like it is your child is nonsense.

Anyway Sbie is abandonware, so niche it is and even if it wasnt, it will be.
 
Last edited:

Burrito

Level 22
Verified
We are in a security forum, unconsciously we tend to believe that the masses are aware of what we are aware...
people shouldnt get emotional when it comes to software/products. You like it? good, but arguing for it like it is Jesus Christ is nonsense.
Sophos put Sandboxie on a cross and crucified it.

I'm very emotional about this.
 

Burrito

Level 22
Verified
You shouldn't, it is just a piece of code, its disappearance wont affect your IRL life (i hope so LOL)

Nope.

Pretty sure my life is in the shitter from this point forward.

Sarcasm aside, Sandboxie did successfully create a very loyal following. Bo and his disciples are/were really into it and worked on figuring out every little element of it to maximize the security and usability. And the Sandboxonians often made statements like.... 'I never want to be online'without Sandboxie.'

So bravo to Sandboxie and its loyal adherents. It's cool to have a tool that you are that into.

I used Sandboxie about a decade ago... and I generally liked it.... but eventually decided (like other security software) that I didn't want to work that hard at security anymore.

I don't just consider Sandboxie a niche product, I'd call it a VERY niche product. Outside 'security boards' --- it's pretty well unheard-of.

But it's too bad that a nice tool that many spent a lot of time on was abandoned.
 

Azure

Level 25
Verified
Content Creator
Sandboxie is absolutely not a niche software and it is used by a ton of people. There you go again Umbra saying stuff that just isn't necessary. I think you thrive in controversy and just love to say things to get a rise out of people.
Do recall Sophos's own words

"Sandboxie has never been a significant component of Sophos’ business, and we have been exploring options for its future for a while.
Frankly, the easiest and least costly decision for Sophos would have been to simply end of life Sandboxie."
 

Umbra

Level 25
Verified
Users acts by emotion (aka "I like or not" ) about a product, businesses CEOs by results (aka "do we get benefits").

So when a product fail to get sufficient benefits, it is destined to die. Which will be against the user emotion "it is a good product, why terminate it?"