Tools for running applications in a virtual environment. Antivirus sandboxes. Introduction

Some heavyweight applications (such as the Outpost Security Suite and Online Armor Premium Firewall firewalls, as well as exe and msi installers of unknown content downloaded from the Internet) can disrupt the integrity and stability of the system. Installing them in a working OS can lead to BSOD screens when the OS loads, to changes in browser settings, and even to the spread of worms and Trojans, which is likely to result in an attacker stealing the passwords to your social network accounts, the web services you use, your mailbox, and so on.

We have previously written about popular methods for testing new software in articles about and. In this article we will talk about another simple, fast and effective way to run any applications under Windows in a protected, isolated environment, and its name is the Sandboxie sandbox.

What is a sandbox?

In the field of computer security, a sandbox is a dedicated environment designed for safely running applications on a PC. Some complex software products include a safe environment (sandbox) mode. Such applications include the Comodo Internet Security firewall, avast! antivirus (paid version), and data protection products from Kaspersky Lab. The subject of this guide, the Sandboxie program, is a full-fledged tool for large-scale testing of any programs without making changes to the structure and parameters of the working operating system. Read on to learn how to work with it.

Downloading the distribution and installing Sandboxie

Before you begin installation, as always, you need to download the installation package. Let's use the project's official website.

Although the developers offer paid versions of the product for home and office use, the free version is quite suitable for us. It has no time restrictions. The only drawbacks are that you can work with only one sandbox and that some not very critical settings are unavailable.

After downloading the distribution, let's begin the installation procedure. It takes place in 2 phases. First, system libraries and Sandboxie executable files are installed.

At the final stage, you will be asked to install the system driver, which is the core of the application. The driver works in conjunction with the service files, and its installation takes a couple of moments. We agree and move on.

First launch of Sandboxie

When you launch the application for the first time, the screen displays a list of programs for which sandbox compatibility can be improved. Not every application installed in the OS appears in this list; Sandboxie has automatically determined that, by default, these particular programs cannot be managed in the sandbox. We agree to improve compatibility by checking all items in the list and clicking OK.

Next, we have to go through a short introduction to working with the application, where we can get acquainted with the general principle of operation of the software product, the mechanism for launching a web browser in protected mode, as well as the function of deleting the contents of the active sandbox. The manual is very concise, all its contents are reduced to a few button presses to perform the most popular actions and a graphic illustration with the basic methodology of the service.

So, when the manual is finished, we can start working in an isolated environment. You can launch the application by selecting the corresponding item in the “Start” menu, or by clicking the corresponding icon on the “Applications” screen (Win 8/8.1).

An alternative way is to double-click on the Sandboxie sandbox icon in the taskbar.

As a result of launching the program, a form with an active sandbox available to the user will appear on the screen (we remind you once again that in the free version you can create only one sandbox). Almost all operations are called from this form.

Running the browser in sandbox mode

Now let's launch the browser in protected mode. To do this, you can use the shortcut on the desktop, or right-click on DefaultBox and select “Run in sandbox” -> “Launch web browser” from the context menu. Note that this launches the browser that is set as the system default.

A yellow border around the browser window indicates that the secure isolated environment is active.

How to work with it? By running your browser in a sandbox, you can freely access any, even potentially dangerous, resources without the threat of infecting your PC with any malicious code. This mode will certainly come in handy if you are looking for keys for programs or cracks, or if you have placed a child at the computer under your supervision and are afraid that he may harm the system by following banners to unsafe resources, or change the browser settings by installing yet another “super unique” add-on. Any files downloaded using this browser will also not have access to the working system.

When trying to download a file using a sandboxed browser, pay attention to the title of the save dialog. The title is surrounded by two # symbols, which indicates that the saved object will be placed inside the Sandboxie sandbox and will not be available on the regular disk.

The same applies to launched programs.

By default, files downloaded from the network are offered to be placed in the Desktop or Downloads folder. These directories are suitable for sandboxing.

How to make sure that the downloaded file is saved in the sandbox?

In the top menu, select View and check the Files and folders option. You will see a tree of available disks and user directories that you can work with in protected mode. Open the folder you need and make sure the corresponding files are there.

Is it possible to extract a file from the sandbox and place it in the same folder on the regular working drive?

Of course, to do this, right-click on the file to be restored and select “Restore to the same folder” in the context menu. After this, the file will be extracted.

You can also add new paths to the folders available for saving by specifying them in the Sandbox Settings form, Recovery category -> Quick recovery section.

To open the Sandbox Settings form, go to the Sandbox option in the top menu, then select the DefaultBox sub-item and in the context menu that appears, click on the Sandbox Settings element.

How to install a new application in the sandbox?

Right-click on the installer, whether it is saved in the isolated environment or in the standard OS, and select “Run in sandbox” from the menu.

The standard installation procedure follows, and it takes hardly any time to get through. The only caveat: if you want to test a 64-bit program, before installing, add the path to the “C:\Program Files” folder in the Sandboxie sandbox settings, since by default there may only be a path to the system directory “C:\Program Files (x86)”. You can do this, again, in the Quick Recovery menu. To make the changes take effect, click the “Apply” button and restart the installation if the process is already running.

How to run a program in a sandbox?

The user has two ways to launch the application in a secure environment.

The first is a context menu called from the Sandbox item in the Sandboxie top menu. Here you can run anything: from an external mail client to a console daemon designed to compress files into an alternative audio format.

The second way is to use Sandboxie's integration with Windows Explorer. To do this, you need to right-click on the program you need on a regular working disk device and select the “Run in sandbox” option.

Results

In general, it must be said that the program is not entirely stable on the latest generation of 64-bit operating systems. Periodic crashes occur, and windows appear with a notification about an attempt to immediately restore running processes. However, with a little fiddling with the settings, you can make the Sandboxie sandbox work stably, efficiently and without any reservations, and thanks to integration with Explorer, launching applications is quick and smooth. Along with other virtualization methods, this mechanism is an excellent tool for debugging and testing applications, which is useful for a detailed study of how a software product interacts with the working operating environment.

The avast! Sandbox is a special security feature that allows you to access websites or manually launch other applications in a completely secure environment, isolated from the rest of the system.

This feature is especially useful when visiting potentially infected websites or if you think that an application may be infected: you can run a program (including a web browser) in the sandbox and determine whether the program is safe. In this case, any actions that the program may try to perform will not harm your system.

To run an application or access the Internet using a sandbox, simply click the "Run virtualized process" button, then navigate to the desired program on your computer - for example, the Internet Explorer browser. After this, the browser or other application will open in a special window with a red border, which indicates that the program is running in a sandbox.

In "Advanced settings" you can also set applications that should always be launched in virtualization mode, and trusted applications that should not be virtualized.

avast! AutoSandbox ("automatic sandbox") is a special protective function that allows you to automatically launch suspicious applications in a completely isolated environment, thereby reliably protecting your computer and all files from possible risks.

If, when launching any application, avast! detects signs of suspicious behavior, the program will by default prompt you to run such an application in the sandbox. If you select "Open in sandbox", the application will run in a special safe area, isolated from the rest of the system - the "sandbox".

This feature allows you to monitor suspicious applications while providing complete protection against any malicious actions that an infected application might try to perform.

When using this feature, the browser or other application will open in a special window with a red border, which indicates that the program is running in a sandbox.

You can also select AutoSandbox settings to automatically run suspicious applications in the sandbox. You can also disable AutoSandbox completely or specify files that should not be run in the sandbox.

In avast! Pro Antivirus and avast! Internet Security, the basic Sandbox settings (for example, settings that determine whether downloaded files and other browser output are automatically deleted when the sandbox is closed) are also used by the AutoSandbox feature.

However, in avast! Free Antivirus these settings are not available: when you close the sandbox, all downloaded files are automatically deleted.

avast! SafeZone is an additional security feature included in the avast! Pro Antivirus and avast! Internet Security products. This feature allows you to browse the web from a private, secure “office” that is invisible from the rest of the system. For example, if you do online banking, shopping, or other transactions that involve the transmission of sensitive data, you can be sure that your personal data will not be stolen by spyware or keylogging software. Unlike the avast! Sandbox, which is designed to safely contain content that can harm the system, avast! SafeZone is needed to prevent anything unnecessary from entering your confidential “office”.

To open the SafeZone secure desktop, go to the Advanced Protection tab, then open the SafeZone tab and click Go to SafeZone.

When you go to SafeZone, the SafeZone web browser will automatically launch. SafeZone Browser is a special browser that does not contain additional plug-ins, which are often used to distribute spyware.

When finished, go to the Start menu and select Disable to close the browser and return to the standard desktop. Your browser settings and all the files you downloaded will be automatically saved and you can open them the next time you log into SafeZone. If you don't want to save anything, click the "Reset SafeZone" button to delete all data. SafeZone content, including all browser settings, will return to its original state.

You can also click the Go Back button on the taskbar (next to the clock) - this will return you to the standard desktop without closing the web browser, and you can reopen it later.

Avast! Website Security Rating WebRep

avast! WebRep is an optional feature that can be installed with the avast! antivirus program. You can also install this feature later: to do this, open the avast! interface, go to the "Advanced Protection" tab, select "WebRep" and click "Install". This window also allows you to check whether your web browser supports it before installing the feature.

The WebRep feature uses information collected from the global community of avast! users about the content and security of the websites they visit, and presents it to users as useful guidance. You too can contribute to this feature by rating the content and safety of the websites you visit - see below.

When you visit a website, you will see an indicator of three bars (red, yellow or green) showing how other users have rated the website. You will see the same indicator next to each of the search results obtained when using popular search engines.

The color of the indicator tells you whether other users have rated the site as good (green), average (yellow) or bad (red). The number of highlighted bars represents the reliability of the estimate. One, two, or three illuminated bars indicate, respectively, a small, medium, or large number of “votes” cast for that site.

Clicking on the color indicator will open a window where you can view more information about the site's rating system, as well as submit your own vote.

On the right you can give the site your rating. Here you will see a bar divided into five differently colored segments, with which you can give a more detailed assessment of the domain. Below the bar are the category icons. Click one or more icons to assign the domain to the categories it fits into. To submit your rating to our database, click the "Vote" button.

Website blocking

On this page, you can specify the URLs of any websites that you want to block so that the pages of those sites will not appear in your web browser. You can use this feature to block access to sites that you do not want children or other users to access, such as sites containing adult content.

Sandboxie is a program that allows you to run applications in a protected virtual environment (sandbox) and exercise full control over their operation.

How Sandboxie works

The sandbox creates a special protected shell. Any program launched through Sandboxie will not have access to system files or the Windows registry, and will not be able to affect the system's performance in any way, because it runs in an isolated environment.

Running applications in a sandbox allows you to protect the system from viruses and various malicious objects, completely isolating Windows from any unwanted influence.

In addition, Sandboxie makes web surfing safer. By running any browser (, etc.) in a sandbox, you don’t have to worry about viruses and other malware from the Internet entering your computer.

Sandboxie also protects against unwanted updates and can monitor email, identifying viruses, Trojans, spyware and other malicious objects.

Limitations of the free version

Please note: Sandboxie is a shareware program. You can work with it for free only under the condition of home, non-commercial use.

  1. Only one sandbox can be running at a time;
  2. After 30 days from the moment of installation, a proposal to upgrade to the paid version will be displayed (upgrading is not necessary, the program will remain fully functional at all times, with the exception of point 1.).

The paid version does not have the above restrictions.

Version: Sandboxie 5.28

Size: 5.93 MB

Operating system: Windows 10, 8.1, 8, 7, XP

Language: Russian

Program status: Shareware

Developer: Ronen Tzur

The so-called sandbox is a relatively new feature in the shareware Avast! Pro and Avast! Internet Security antivirus packages. This is a special security model thanks to which the user can visit websites and run a variety of applications while being in a secure environment. This function helps to avoid viruses if you accidentally switch to potentially . If you land on a malicious resource, the browser will be automatically placed in a sandbox, and infection of the computer will therefore be prevented.
There is no sandbox in the free versions of Avast!.

The new function can also be launched independently when you enable third-party programs that seem suspicious or unreliable to you. Just run the program in the sandbox and you will find out whether it really poses a threat or whether your fears are unfounded. When checking the program, your system will be protected by Avast. The sandbox is often used when checking software downloaded from the Internet.

How to use the sandbox

In order to launch a dubious application or access the Internet through a sandbox, click “run virtualized process”. After that, navigate to the program you need on your computer. The browser or application will launch in a new special window with a red frame, indicating that the program was successfully launched in the sandbox.
In the “advanced settings” tab, you can assign applications that do not need to be virtualized, as well as those that should always be launched from the sandbox.

A characteristic feature of the sandbox is the ability to embed it in the context menu. To enable this option, in the “Options” window, check the box next to “embed in right-click context menu.” The option can be made available both to all users and to users with administrator rights. With its help, you can launch any application in the sandbox by just right-clicking on the shortcut and selecting the “run with” command.

Please note that if you right-click on a sandboxed application, the context menu that opens will give you the option to run it once outside the sandbox or to remove the application from the sandbox.

The Internet and computer technology have completely taken over the modern world. Now almost every person has an electronic device with which he can find the necessary information on the Internet or chat with friends at any time and anywhere. But we should not forget that sometimes there is a hidden threat behind this - viruses and malicious files created and launched into the global network to infect user data. In addition to standard antiviruses, sandbox programs have been created to help prevent their access to the computer.

Purpose and principle of the program

Sandbox programs are designed to ensure the security of your computer while surfing the Internet or executing various programs. In simpler terms, we can say that this program is a kind of limited virtual space in which all user actions are carried out. A program that is launched while the sandbox is running works only in this environment and, if it is a malicious virus, its access to system files is blocked.

Advantages of the sandbox

Perhaps the first advantage of this application can be taken from the paragraph above: it limits the access of malicious files to the system. Even if viruses, for example Trojans or worms, were picked up while surfing the Internet, as long as the user was working with the sandbox turned on, the viruses will not penetrate anywhere else, and when the sandbox is cleaned, they will be completely removed from the computer without a trace. In addition, such programs help speed up your computer. Since most sandbox activity is related to work in browsers (Google Chrome, Opera, Mozilla Firefox), each time the browser is launched the user will see an absolutely clean, as if newly installed browser, without the usual slow-down garbage, the “cache”.

Disadvantages of the sandbox

There are those too, and the most important thing is deleting personal data, be it bookmarks, pages saved while browsing the Internet, or even history. The program is not configured to recognize what exactly is harmful to the device, so when cleaned, absolutely all data is permanently deleted from it. The user needs to take this into account and, if necessary, synchronize the necessary bookmarks or use special applications designed to save such data.

At the moment, there are many names of such programs, among the well-known ones are Sandboxie, Comodo Internet Security, etc. Everyone chooses the one that is more convenient and understandable for him. In any case, you should not forget about the disadvantages of these programs and use them carefully.

Avast is one of the antivirus programs. Installation and registration are as simple as possible. There are versions for PC and mobile devices. In this case, a license for the first year of use can be obtained absolutely free. Avast offers various additional security options. The ability to add exceptions is also implemented here.

You will need

  • Computer, mobile device, Internet.

Instructions

Inside the file system screen, click the “Settings” button, then select the “Exceptions” tab. By clicking on "Browse", you will see the contents of the hard drive. Select exceptions by double-clicking the desired folders or files and clicking OK. Confirm your choice in the next window by clicking OK again.

You can endlessly look at the fire, water and activity of programs isolated in the sandbox. Thanks to virtualization, with one click you can send the results of this activity - often unsafe - into oblivion.

However, virtualization is also used for research purposes: for example, you wanted to control the impact of a freshly compiled program on the system or run two different versions of an application at the same time. Or create a standalone application that will leave no traces on the system. There are many options for using a sandbox. It is not the program that dictates its terms in the system, but you who show it the way and distribute resources.

If you are not satisfied with the slowness of the process, using the ThinApp Converter tool you can put virtualization on stream. Installers will be created based on the config you specify.

In general, the developers advise making all of these preparations under sterile conditions, on a fresh OS, so that all the installation nuances are taken into account. For these purposes, you can use a virtual machine, but, of course, this will affect the speed of work. VMware ThinApp already loads system resources quite heavily, and not only in scanning mode. However, as they say, slowly but surely.

BufferZone

  • Website: www.trustware.com
  • Developer: Trustware
  • License: freeware

BufferZone controls the Internet and software activity of applications using a virtual zone, which brings it close to a firewall. In other words, it uses rule-governed virtualization. BufferZone works easily in conjunction with browsers, instant messengers, email and P2P clients.

At the time of writing, the developers warned about possible problems when working with Windows 8. The program can kill the system, after which it will have to be removed through safe mode. This is due to BufferZone drivers, which come into serious conflict with the OS.

What falls under BufferZone's radar can be tracked in the main Summary section. You determine the number of limited applications yourself: the Programs to run inside BufferZone list is intended for this. It already includes potentially unsafe applications such as browsers and email clients. A red border appears around the captured app window, giving you confidence to surf safely. If you want to run outside the zone - no problem, the control can be bypassed through the context menu.

In addition to the virtual zone, there is such a thing as a private zone. You can add sites where strict confidentiality is required. It should be noted right away that the function only works in retro versions of Internet Explorer. More modern browsers have built-in anonymity features.

The Policy section configures policies for installers and updates, as well as for programs launched from devices and network sources. In Configurations, see also the additional security policy options (Advanced Policy). There are six levels of control, which determine BufferZone's attitude towards programs: without protection (1), automatic (2) and semi-automatic (3), notifications about the launch of all programs (4) and of unsigned programs (5), maximum protection (6).

As you can see, the value of BufferZone lies in total Internet control. If you need more flexible rules, then any firewall will help you. BufferZone also has it, but more for show: it allows you to block applications, network addresses and ports. From a practical point of view, it is not very convenient for actively accessing settings.

Evalaze

  • Website: www.evalaze.de/en/evalaze-oxide/
  • Developer: Dögel GmbH
  • License: freeware / commercial (2142 euros)

The main feature of Evalaze is the flexibility of virtualized applications: they can be launched from removable media or from a network environment. The program allows you to create completely autonomous distributions that operate in an emulated file system and registry environment.

Another strength of Evalaze is its convenient wizard, which is understandable without reading the manual. First, you take an OS image before installing the program, then you install it, do a test run, and configure it. Next, following the Evalaze wizard, you analyze the changes. This is very similar to the principle of operation of uninstallers (for example, Soft Organizer).

Virtualized applications can operate in two modes: in the first case, write operations are redirected to the sandbox; in the second, the program can write and read files on the real system. Whether the program will delete traces of its activities or not is up to you; the Delete Old Sandbox Automatic option is at your service.

Many interesting features are available only in the commercial version of Evalaze. Among them are editing environmental elements (such as files and registry keys), importing projects, and setting reading mode. However, the license costs more than two thousand euros, which, I agree, slightly exceeds the psychological price barrier. The use of an online virtualization service is offered at a similarly prohibitive price. As a consolation, the developer's website has prepared virtual sample applications.

Cameyo

  • Website: www.cameyo.com
  • Developer: Cameyo
  • License: freeware

A quick look at Cameyo suggests that the functions are similar to Evalaze, and in three clicks you can create a distribution with a virtualized application. The packager takes a snapshot of the system, compares it with the changes after installing the software and creates an ecosystem for launch.
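The before/after snapshot comparison that the Evalaze wizard and the Cameyo packager are described as performing can be illustrated with a short script. This is an added example, not code from either product; it covers files only (not the registry), and the function names, the extension list and the sample tree built in `demo()` are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Assumption for this example: extensions worth a closer look after an install.
EXECUTABLE_EXT = {".exe", ".dll", ".sys", ".msi", ".bat", ".cmd", ".ps1", ".vbs"}


def snapshot(root):
    """Map every file under root (relative POSIX path) to (size, sha256 hex)."""
    root = Path(root)
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            rel = path.relative_to(root).as_posix()
            digest, size = hashlib.sha256(), 0
            try:
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
                        size += len(chunk)
            except OSError:
                # Locked or vanished file: keep an entry so it still shows in a diff.
                state[rel] = (None, "unreadable")
                continue
            state[rel] = (size, digest.hexdigest())
    return state


def diff_snapshots(before, after):
    """Classify paths as added, removed or modified between two snapshots."""
    common = set(before) & set(after)
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }


def flag_risky(changes):
    """Return (path, reasons) for new or changed files that deserve review."""
    flagged = []
    for path in changes["added"] + changes["modified"]:
        reasons = []
        if Path(path).suffix.lower() in EXECUTABLE_EXT:
            reasons.append("executable")
        if "/startup/" in "/" + path.lower():
            reasons.append("autostart")
        if reasons:
            flagged.append((path, ",".join(reasons)))
    return flagged


def demo():
    """Build a constructed tree, simulate an installer, and diff the result."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "Program Files").mkdir()
        (root / "Users/test/Documents").mkdir(parents=True)
        (root / "Users/test/Documents/notes.txt").write_text("hello")
        (root / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "old.log").write_text("x")
        before = snapshot(root)

        # Simulated installer activity (constructed sample data).
        (root / "Program Files/App").mkdir()
        (root / "Program Files/App/app.exe").write_bytes(b"MZ constructed")
        (root / "Program Files/App/readme.txt").write_text("docs")
        startup = root / "Users/test/Start Menu/Programs/Startup"
        startup.mkdir(parents=True)
        (startup / "app.lnk").write_bytes(b"constructed")
        (root / "hosts").write_text("127.0.0.1 localhost\n10.0.0.1 example.test\n")
        (root / "old.log").unlink()

        changes = diff_snapshots(before, snapshot(root))
        return changes, flag_risky(changes)


if __name__ == "__main__":
    changes, risky = demo()
    for kind, paths in changes.items():
        for p in paths:
            print(f"{kind:9} {p}")
    for p, why in risky:
        print(f"REVIEW    {p} ({why})")
```

Pointing `snapshot()` at a sandbox's file store before and after a test install gives the same triage view: what the installer dropped, what it changed, and which of those files can execute or start automatically.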

The most important difference from Evalaze is that the program is completely free and does not block any options. The settings are conveniently concentrated: switching the virtualization method with saving to disk or memory, selecting an isolation mode: saving documents to specified directories, prohibiting writing or full access. In addition to this, you can configure the virtual environment using the file and registry key editor. Each folder also has one of three isolation levels, which can be easily overridden.

You can specify the sandbox cleaning mode after exiting the standalone application: removing traces, without cleaning, and writing registry changes to a file. Integration with Explorer and the ability to link to specific file types in the system are also available, which is not available even in Cameyo’s paid counterparts.

However, the most interesting thing is not the local part of Cameyo, but the online packager and public virtual applications. It is enough to specify the URL or upload the MSI or EXE installer to the server, indicating the system bit depth, and you will receive a stand-alone package. From now on it is available under the roof of your cloud.

Summary

Sandboxie will be the best choice for sandbox experiments. The program is the most informative among the listed tools, and it has a monitoring function. It offers a wide range of settings and good capabilities for managing a group of applications.

It does not have any unique functions, but it is very simple and trouble-free. An interesting fact: the article was written inside this “sandbox”, and due to an unfortunate mistake, all the changes went into the “shadow” (read: astral plane). If it weren't for Dropbox, a completely different text would have been published on this page - most likely by a different author.

Evalaze offers not an integrated approach to virtualization, but an individual one: you control the launch of a specific application, creating artificial living conditions for this. There are advantages and disadvantages here. However, given the stripped-down nature of the free version of Evalaze, its advantages will fade in your eyes.

Cameyo has a certain “cloud” flavor: the application can be downloaded from the website, uploaded to a flash drive or Dropbox - this is convenient in many cases. True, it brings to mind associations with fast food: you can’t vouch for the quality and compliance of the content with the description.

But if you prefer to cook according to a recipe, VMware ThinApp is your option. This is a solution for experts who care about every detail. The set of unique features is complemented by the capabilities of the console. You can convert applications from the command line using configs and scripts, in individual and batch mode.

BufferZone is a sandbox with a firewall function. This hybrid is far from perfect and the settings are up-to-date, but BufferZone can be used to control Internet activity and applications, protect against viruses and other threats.