The virtual machine is a sandbox for experiments. How and from what to make a sandbox How to make a sandbox car by hand
Sandboxie is a program that allows you to run applications in a protected virtual environment (sandbox) and exercise full control over their operation.
How does Sandboxie work?
The sandbox creates a special protected shell. Any program launched through Sandboxie will not have access to system files, the Windows registry, and will not be able to affect its performance in any way, because runs in an isolated environment.
Running applications in a sandbox allows you to protect the system from viruses and various malicious objects, completely isolating Windows from any unwanted influence.
In addition, Sandboxie makes web surfing safer. By running any browser (, etc.) in a sandbox, you don’t have to worry about viruses and other malware from the Internet entering your computer.
Sandboxie also protects against unwanted updates and can monitor by email, identifying viruses, Trojans, spyware and other malicious objects.
Download Sandboxie
Available for download on our website latest version Sandboxie sandboxes for Windows 32 and 64-bit in Russian.
Download Sandboxie for free, without registration.
Sandboxie is a program that allows you to run applications in a protected virtual environment (sandbox).
Version: Sandboxie 5.31.4
Size: 2.58 / 3.19 MB
Operating system: Windows 10, 8.1, 8, 7
Russian language
Program status: Free
Developer: Ronen Tzur
Official site:
It is a mistake to believe that the built-in protection of the operating system, antivirus or firewall will completely protect against malware. However, the harm may not be as obvious as in the case of viruses: several applications can slow down Windows and lead to various kinds of anomalies. Over time, the consequences of uncontrolled processes from “amateur” software make themselves felt, and uninstallation, deleting registry keys and other cleaning methods no longer help.
In such situations, sandbox programs, which are the subject of this review, can play an excellent role. The operating principle of sandboxes is partly comparable to virtual machines (Oracle VM VirtualBox, etc., VMware Virtualization). Thanks to virtualization, all processes initiated by the program are executed in a sandbox - an isolated environment with strict control of system resources.
This method of code isolation is quite actively used in antivirus software (KIS 2013, avast!), in programs such as Google Chrome(Flash runs in the sandbox). However, one should not conclude that sandbox programs are full guarantee security. This is just one of the effective additional means to protect the OS (file system, registry) from external influences.
A review of the program for creating a virtual environment has already been published on the site. Today we will consider other applications, in a broader sense: these are not only desktop solutions, but also cloud services that improve not only security, but also anonymity, making it possible to run from removable media, from another computer.
Sandboxie
Developer Ronen Tzur compares the action of the Sandboxie program to an invisible layer applied on top of paper: any inscription can be applied to it; When the protection is removed, the sheet will remain untouched.
There are 4 main ways to use sandboxes in Sandboxie:
- Protected Internet surfing
- Improved privacy
- Secure email correspondence
- Keeping the OS in its original state
The last point implies that in the sandbox you can install and run any client applications - browsers, IM messengers, games - without affecting the system. Sandboxie controls access to files, disk devices, registry keys, processes, drivers, ports, and other potentially unprotected sources.
First of all, SandboxIE is useful because it allows the user to flexibly configure sandboxes and privileges using the Sandboxie Control shell. Here, through the context and main menus, basic operations are available:
- Starting and stopping programs under Sandboxie control
- Viewing files inside the sandbox
- Restoring necessary files from the sandbox
- Deleting all work or selected files
- Creating, deleting and configuring sandboxes
To run a program in a sandbox, simply drag the executable file into the Sandboxie Control window, into the sandbox created by default. There are other ways - for example, the Windows Explorer menu or the notification area. The program window running in the emulated environment will have a yellow frame and a hash mark (#) in the title bar.
If, when working with an isolated program, you need to save the results to disk, any desired source is specified - the files will be placed in the sandbox folder, while it will not be at the specified address, outside the sandbox. To “real” transfer files from the sandbox, you should use the recovery option. There are two types of them - fast or immediate, in both cases, before starting the program in the sandbox, you need to configure the folders for recovery (“Sandbox Settings - Recovery”).
More detailed access settings are located in the “Restrictions” and “Access to Resources” sections. They may be required if the application cannot run without certain privileges (requires a certain system library, driver, etc.). In “Restrictions,” in relation to programs or groups, access to the Internet, hardware, IPC objects, and low-level access is configured. In “Access to resources” - the corresponding settings for files, directories, the registry and other system resources.
Also in the Sandboxie settings there is an important “Applications” section, where groups of programs are collected that have access to the specified resources. Initially, all elements of the list are deactivated; to apply changes for a specific application, you need to mark it in the list and click the “Add” button.
This way you can create sandboxes with various parameters. You are allowed to clone the configuration of an existing sandbox; to do this, when creating a new one, you need to select from the drop-down list the environment from which you want to transfer the settings.
Summary
Using the Sandboxie application, you can create virtual environments of any configuration, without restrictions for the user. Sandboxie provides a large number of settings for both individual applications and sandboxes.
[+] Flexible configuration of each sandbox
[+] Creating rules for a group of programs
[−] Distributions cannot be created
[−] Lack of setup wizard
Evalaze
It is symbolic that Evalaze originates from the Thinstall 2007 program, currently from VMware.
Evalaze is not as well known as Sandboxie among sandbox programs, but it has a number of interesting features, which sets it apart from a number of similar solutions. Thanks to virtualization, applications can be launched in a standalone environment from any computer, regardless of the availability of drivers, libraries, or newer versions of the application being launched. This does not require any preliminary configuration or additional configuration files or libraries or registry keys.
Evalaze does not require installation, one caveat: to work you will need Microsoft .NET Framework version 2.0 or higher. In the free version, as well as in the professional edition, a virtualization setup wizard and an unlimited number of virtual applications are available. You can download the trial version from the developers’ website only upon request (see developers’ email on the website).
The resulting configuration can be saved to a project. From start to finish, the process of setting up a virtual application takes longer than, say, Sandboxie, but it is more consistent and understandable.
It is worth noting two additional features of Evalaze that will likely be of interest to software developers and testers: it works with a virtual file system and a virtual registry. These autonomous Evalaze environments can be edited at your discretion by adding files, directories, keys necessary for the functioning of a particular virtual program.
You can also configure associations out of the box in Evalaze: when launched, the virtual application will immediately create the necessary associations with files in the OS.
Summary
A program with which you can create standalone applications that are convenient to use in all sorts of situations, which generally facilitates migration, compatibility, and security. Alas, the free version is practically useless, it is only interesting for a very superficial study of Evalaze's functions.
[−] Low-functional trial version
[−] High price of the Pro version
[+] There is a setup wizard
[+] Virtual file system and registry
Enigma Virtual Box
Enigma Virtual Box is designed to run applications in an isolated virtual environment. The list of supported formats includes dll, ocx (libraries), avi, mp3 (multimedia), txt, doc (documents), etc.
Enigma Virtual Box models the virtual environment around an application as follows. Before the application starts, the Virtual Box loader is triggered, which reads the information that is necessary for the program to work: libraries and other components - and provides them to the application instead of system ones. As a result, the program works autonomously in relation to the OS.
Configuring sandboxes Sandboxie or Evalaze, as a rule, takes about 5 minutes. At first glance, Virtual Box also does not require lengthy setup. In the documentation, the use of the program is actually contained in one sentence.
There are only 4 tabs - “Files”, “Registry”, “Containers” and, in fact, “Options”. You need to select the executable file, specify the location of the final result and start processing. But later it turns out that you need to create a virtual environment yourself. For this purpose, the three adjacent sections “Files”, “Registry” and “Containers” are intended, where the necessary data is manually added. Then you can click processing, run the output file and check the functionality of the program.
Summary
Thus, Enigma Virtual Box does not analyze the OS before and after installing the application, as is the case with Evalaze. The emphasis is shifted towards development - therefore, rather, Virtual Box is useful for testing, checking compatibility, and creating artificial conditions for running a program. Virtualization of unknown applications will cause difficulties, since the user will be forced to specify all the program connections independently.
[−] Lack of convenient settings
[+] The resources used by the program can be determined independently
Cameyo
Cameyo offers application virtualization in three areas: business, development and personal use. In the latter case, the sandbox can be used to save the OS in a “clean” state, store and run applications on removable media and in cloud services. In addition, several hundred already configured virtual applications are published on the cameyo.com portal, which also saves the user’s time.
The steps for creating a virtual application are similar to Enigma Virtual Box: first, a snapshot of the system is created before installation, then after it. Changes between these states are taken into account when creating the sandbox. However, unlike Virtual Box, Cameyo syncs with a remote server and publishes the application to cloud storage. Thanks to this, applications can be run on any computer with granted access to the account.
Through the Library, you can download popular system applications (Public Virtual Apps) for subsequent launch: archivers, browsers, players and even antiviruses. When starting, you are asked to select an executable file and indicate whether it is stable or not (which, apparently, is somehow taken into account by the Cameyo gallery moderators).
Another interesting possibility is creating a virtual application via . The installer can be downloaded from your computer or you can specify the file URL.
The conversion process is said to take from 10 to 20 minutes, but often the waiting time is several times less. Upon completion, a notification is sent by email with a link to the published package.
Email notification about distribution creation
With all the cloud conveniences, two things need to be noted: important points. First: each program is updated over time, and the library contains quite outdated copies. The second aspect: applications added by users may run counter to the license of a particular program. This must be understood and taken into account when creating custom distributions. And third, no one can guarantee that the virtual application posted in the gallery has not been modified by an attacker.
However, speaking of security, Cameyo has 4 modes of application operation:
- Data mode: the program can save files in the Documents folder and on the Desktop
- Isolated: The file system and registry are not writable
- Full access: Free access to the file system and registry
- Customize this app: modifying the launch menu, choosing where to store the program, etc.
Summary
Comfortable cloud service, which can be connected to any computer, allowing you to quickly create portable applications. Setting up sandboxes is kept to a minimum, not everything is transparent with virus checking and security in general - however, in this situation, the advantages can compensate for the disadvantages.
[+] Network synchronization
[+] Access to custom applications
[+] Creating virtual applications online
[−] Lack of sandbox settings
Spoon.net
Spoon Tools is a set of tools for creating virtual applications. In addition to the professional environment, spoon.net deserves attention as a cloud service that integrates with the Desktop, allowing you to quickly create sandboxes.
To integrate with the Desktop, you need to register on the spoon.net server and install a special widget. After registration, the user has the opportunity to download virtual applications from the server through a convenient shell.
Four features brought by the widget:
- Create sandboxes for files and applications
- Cleaning up your desktop using shortcuts and quick launch menus
- Safe testing of new applications, launch outdated versions on top of new ones
- Undoing changes made by the sandbox
Quick access to the spoon.net widget is possible using the Alt + Win key combination. The shell includes a search bar and also a console. It searches for applications on the computer and on the web service.
Organization of the desktop is very convenient: you can drag and drop the necessary files onto the virtual desktop, which will be synchronized with spool.net. New sandboxes can be created in just two clicks.
Of course, in terms of setting up sandboxes, Spoon cannot compete with Sandboxie or Evalaze for the reason that they are simply not present in Spoon. You cannot set restrictions or convert a “regular” application into a virtual one. The Spoon Studio complex is designed for these purposes.
Summary
Spoon is the “cloudest” shell for working with virtual applications and, at the same time, the least customizable. This product will appeal to users who care not so much about security through virtualization, but rather about ease of use. necessary programs everywhere.
[+] Integration of the widget with the Desktop
[+] Quick creation sandboxes
[−] Lack of settings to limit virtual programs
Pivot table
| Program/service | Sandboxie | Evalaze | Enigma Virtual Box | Cameyo | Spoon.net |
| Developer | Sandboxie Holdings LLC | Dogel GmbH | The Enigma Protector Developers Team | Cameyo | Spoon.net |
| License | Shareware (€13+) | Freeware/Shareware (€69.95) | Freeware | Freeware | Free (Basic account) |
| Adding applications to the sandbox | + | − | − | − | − |
| Personalization (creating shortcuts, integration into menus) | + | + | − | + | + |
| Setup Wizard | − | + | + | + | − |
| Creating new virtual applications | − | + | + | + | − |
| Online synchronization | − | − | − | + | + |
| Setting Sandbox Privileges | + | + | + | + | − |
| Analysis of changes when creating a sandbox | + | + | − | + | − |
The Internet is simply teeming with viruses. They may be under the guise useful programs, or can even be built into the desired working program. (Quite often found in hacked programs, so you should treat hacked programs with distrust, especially if you download from suspicious sites). So you installed the program and something else was installed on your computer as a bonus (at best, programs for hidden surfing or miners), and at worst, warriors, backdoors, stealers and other dirty tricks.
There are 2 options if you don't trust the file.
— Launching a virus in the sandbox
— Using virtual machines
In this article we will look at the 1st option - sandbox for windows.
Sandbox for Windows is a great opportunity to work with suspicious files, we will look at how to start using the sandbox.
If you use antiviruses, sandboxes are often built into them. But I don’t like these things and I think it’s best to download the sandbox on the website www.sandboxie.com.
The program allows you to run a file in a specially designated area, beyond which viruses cannot escape and harm the computer.
You can download the program for free. But, after 2 weeks of use, a sign indicating an offer to buy a subscription will appear when turned on, and the program can be launched in a few seconds. But the program still remains fully functional. Installation will not be difficult. And the interface itself is quite simple.
By default, the program will start itself when you turn on the computer. If the program is running, a tray icon will appear. If not, go to Start-All Programs-Sandboxie-Manage sandboxie.
The easiest way to run a program in the sandbox is to right-click on the launch file or on the shortcut of the desired program, and in the menu you will see the words “Run in sandbox”, click and run. Choose desired profile in which to launch and click OK. That's it, the required program runs in a safe environment and viruses will not escape the sandbox.
Attention: some infected programs do not allow launching in sandboxes and virtual machines, forcing you to launch them directly. If you encounter such a reaction, the best thing to do is delete the file, otherwise you run at your own peril and risk
If launch in the sandbox does not appear in the context menu (when you right-click), go to the program window, select Configure - Integration into Windows Explorer - and check the two boxes under the words "Actions - run in the sandbox."
You can create different sandboxes. To do this, click Sandbox - create a sandbox and write the name of the new one. You can also delete old ones in the sandbox section (recommended).
There is nothing more to consider in the program. Lastly, I want to say - Take care of your data and your computer! Until next time
Related posts:
Removing undeletable files on your computer
Virtual machine for windows. Program overview and setup
Windows 10 disable tracking
You can endlessly look at the fire, water and activity of programs isolated in the sandbox. Thanks to virtualization, with one click you can send the results of this activity - often unsafe - into oblivion.
However, virtualization is also used for research purposes: for example, you wanted to control the impact of a freshly compiled program on the system or run two different versions applications simultaneously. Or create a standalone application that will leave no traces on the system. There are many options for using a sandbox. It is not the program that dictates its terms in the system, but you who show it the way and distribute resources.
If you are not satisfied with the slowness of the process, using the ThinApp Converter tool you can put virtualization on stream. Installers will be created based on the config you specify.
In general, the developers advise making all of these preparations under sterile conditions, on fresh OS, so that all the installation nuances are taken into account. For these purposes, you can use a virtual machine, but, of course, this will leave its mark on the speed of work. VMware ThinApp already loads system resources quite heavily, and not only in scanning mode. However, as they say, slowly but surely.
BufferZone
- Website: www.trustware.com
- Developer: Trustware
- License: freeware
BufferZone controls Internet and software activity of applications using a virtual zone, closely approaching firewalls. In other words, it uses rule-governed virtualization. BufferZone easily works in conjunction with browsers, instant messengers, email and P2P clients.
At the time of writing, the developers warned about possible problems when working with Windows 8. The program can kill the system, after which it will have to be removed through safe mode. This is due to BufferZone drivers, which come into serious conflict with the OS.
What falls under BufferZone's radar can be tracked in the main Summary section. You determine the number of limited applications yourself: the Programs to run inside BufferZone list is intended for this. It already includes potentially unsafe applications such as browsers and mail clients. A red border appears around the captured app window, giving you confidence to surf safely. If you want to run outside the zone - no problem, the control can be bypassed through the context menu.
In addition to the virtual zone, there is such a thing as a private zone. You can add sites where strict confidentiality is required. It should be noted right away that the function only works in Internet Explorer retro versions. More modern browsers have built-in anonymity features.
The Policy section configures policies in relation to installers and updates, as well as programs launched from devices and network sources. In Configurations also see additional security policy options (Advanced Policy). There are six levels of control, depending on which BufferZone’s attitude towards programs changes: without protection (1), automatic (2) and semi-automatic (3), notifications about the launch of all (4) and unsigned programs (5), maximum protection (6) .
As you can see, the value of BufferZone lies in total Internet control. If you need more flexible rules, then any firewall will help you. BufferZone also has it, but more for show: it allows you to block applications, network addresses and ports. From a practical point of view, it is not very convenient for actively accessing settings.
Evalaze
- Website: www.evalaze.de/en/evalaze-oxide/
- Developer: Dögel GmbH
- License: freeware / commercial (2142 euros)
The main feature of Evalaze is the flexibility of virtualized applications: they can be launched from removable media or from a network environment. The program allows you to create completely autonomous distributions that operate in an emulated file system and registry environment.
The main feature of Evalaze is its convenient wizard, which is understandable without reading the manual. First, you make an OS image before installing the program, then you install it, do a test run, and configure it. Next, following the Evalaze wizard, you analyze the changes. Very similar to the principle of operation of uninstallers (for example, Soft Organizer).
Virtualized applications can operate in two modes: in the first case, write operations are redirected to the sandbox; in the second, the program can write and read files on the real system. Whether the program will delete traces of its activities or not is up to you; the Delete Old Sandbox Automatic option is at your service.
Many interesting features are available only in the commercial version of Evalaze. Among them are editing environmental elements (such as files and registry keys), importing projects, and setting reading mode. However, the license costs more than two thousand euros, which, I agree, slightly exceeds the psychological price barrier. The use of an online virtualization service is offered at a similarly prohibitive price. As a consolation, the developer's website has prepared virtual sample applications.
Cameyo
- Website: www.cameyo.com
- Developer: Cameyo
- License: freeware
A quick look at Cameyo suggests that the functions are similar to Evalaze, and in three clicks you can create a distribution with a virtualized application. The packager takes a snapshot of the system, compares it with the changes after installing the software and creates an ecosystem for launch.
The most important difference from Evalaze is that the program is completely free and does not block any options. The settings are conveniently concentrated: switching the virtualization method with saving to disk or memory, selecting an isolation mode: saving documents to specified directories, prohibiting writing or full access. In addition to this, you can configure the virtual environment using the file and registry key editor. Each folder also has one of three isolation levels, which can be easily overridden.
You can specify the sandbox cleaning mode after exiting the standalone application: removing traces, without cleaning, and writing registry changes to a file. Integration with Explorer and the ability to link to specific file types in the system are also available, which is not available even in Cameyo’s paid counterparts.
However, the most interesting thing is not the local part of Cameyo, but the online packager and public virtual applications. It is enough to specify the URL or upload the MSI or EXE installer to the server, indicating the system bit depth, and you will receive a stand-alone package. From now on it is available under the roof of your cloud.
Summary
Sandboxie will optimal choice for sandbox experiments. The program is the most informative among the listed tools; it has a monitoring function. Wide choose settings and good capabilities for managing a group of applications.
It does not have any unique functions, but it is very simple and trouble-free. An interesting fact: the article was written inside this “sandbox”, and due to an unfortunate mistake, all the changes went into the “shadow” (read: astral plane). If it weren't for Dropbox, a completely different text would have been published on this page - most likely by a different author.
Evalaze offers not a comprehensive approach to virtualization, but an individual one: you control the launch of a specific application by creating artificial conditions a habitat. There are advantages and disadvantages here. However, given the stripped-down nature of the free version of Evalaze, its advantages will fade in your eyes.
Cameyo has a certain “cloud” flavor: the application can be downloaded from the website, uploaded to a flash drive or Dropbox - this is convenient in many cases. True, it brings to mind associations with fast food: you can’t vouch for the quality and compliance of the content with the description.
But if you prefer to cook according to a recipe, VMware ThinApp- your option. This is a solution for experts who care about every detail. The set of unique features is complemented by the capabilities of the console. You can convert applications from the command line using configs, scripts - in individual and batch mode.
BufferZone is a sandbox with a firewall function. This hybrid is far from perfect and the settings are up-to-date, but BufferZone can be used to control Internet activity and applications, protect against viruses and other threats.
