the Internet Windows Android
Expand
the main

Adjust Sandboxie to analyze suspicious files. Using the Sandboxie program how to start the file in the Windows 7 sandbox

We decided to briefly affect this topic.

In fact, the sandbox is an isolated software environment with rigidly limited resources for performing the program code within this environment (speaking simply, - launch of programs). In some way, the "sandbox" is such a trimmed, intended for isolation of questionable processes for security purposes.

Some of the good antiviruses and firewalls (though, as a rule, in a paid version) use this method without your knowledge, some allow you to manage this functionality (because it still creates excessive resource consumption), but there are also programs that allow programs that allow Implement such functionality.

We will talk about one of those today.

Unfortunately, it is conditionally free, but the same free period will help you get acquainted with this type of tools closer, which may later push you to a more detailed study, which, for the most part, exists in a free form and provides more opportunities .

You can download Sandboxie with or, let's say. Installation is virtually elementary, not counting the moment when the driver is set (see the screenshot below).

At this stage, it is better to turn off any elements of protection (that is, the same antiviruses and firewalls), otherwise, if this step fails, and the computer will reboot, it will restart or go to, it may be necessary to boot in safe mode and remove the program without the possibility of further use .

After installation, in fact, the program must be launched. It is possible that you will come across the notification that is shown above. There is nothing terrible in it, just click "OK".

Next, you will be offered to go through a short course on working with a program, more precisely will tell you how it works. Complete all six stages, it is desirable, carefully reading the instructions provided for you.

To speak briefly, in fact, you can run any program within an isolated medium. In the instructions, if you read it, it is quite well a metaphor on the point that in fact, the sandbox is a piece of transparent paper placed between the program and computer and the removal of the contents of the sandbox is something similar to the discard of the used sheet of paper and its contents, With what is logical, the subsequent replacement to the new one.

How to set up and use a sandbox program

Now let's try to understand how to work with it. To begin with, you can try to run, say, browser, in "Sandbox". To do this, in fact, or use the label that appears on your desktop, or use the menu items in the main window, menu items: " DefaultBox - Start in the sandbox - run a web browser"Or, if you want to start a browser that is not installed in the system as a default browser, then use item" Launch any program"And specify the path to the browser (or program).

After that, in fact, the browser will be launched in "Sandbox" and you will see its processes in the Sandboxie window. From this point on, all the occurrence occurs in how repeatedly said, an isolated medium and, permiss, the virus using a browser cache as an element for penetration into the system actually cannot really do anything, because at the end of working with an isolated medium. You can clean it, throwing out, as it was said in the metaphor, the scanned sheet and turning to the new one (in this case, not the touch integrity of the computer as such).

To clean the contents of the sandbox (if you do not need it), in the main window of the program or tray (this is where the clock and other icons) use the item " DefaultBox - Delete Content".

Attention ! Only the part will be removed that it was written and worked in an isolated environment, i.e, let's say, the browser itself will not be removed from the computer, but transferred to it .. Mmm .. Signally speaking, a copy of the process created by cache, saved data ( It seems to be downloaded / created files) and TP, will be deleted if you do not save them.

To deeper understand the principle of work, try the browser and other software in the sandbox several times, downloading various files and deleting / keeping the contents at the end of work with this sandbox, and then, let's say, running the same browser or program already on the computer. Believe me, you will understand the essence in practice better than it can be explained by words.

By the way, by clicking on the right mouse button on the process in the Sandboxie window process list, you can control access to various kinds of computer resources in bypassing the sandbox by selecting " Access to resources".

Roughly speaking, if you want to risk and give, for example, the same Google Chrome, direct access to any folder on your computer, then you can do it on the appropriate tab ( File access - direct / full access) Using the "Add" button.

It is logical that the sandbox is designed not only and not so much to work with the browser and walking in various kinds of dubious sites, but also to start applications that seem suspicious to you (especially, for example, at work (where it is often), you launch dubious files from mail or Flashpels) and / or should not have access to the main resources of the computer and / or leave extra tracks there.

By the way, the latter can be a good element for protection, i.e, to launch any application whose data should be clean and deleted upon completion of work.

Of course, the data from the sandbox is not necessary to delete upon completion and work with some programs only in an isolated environment (progress is remembered and there is a possibility of rapid recovery), but to do it or not, - your business.

When you try to start some programs, you may encounter the above problem. It is not necessary to scare it, enough, for a start, just click in "OK", but, in the future, open the sandbox settings by the method " DefaultBox - Sandbox Settings"And on the" File Transfer "tab to set a slightly large size for the file transfer option.

We will not talk about other settings now, but if they are interested in you, you can easily deal with them yourself, the benefit of everything in Russian is extremely clear and accessible .. Well, if you have any questions, you can ask them in comments to this entry.

On the sim, perhaps, you can move to the post.

Afterword

Oh yeah, I almost forgotten, by itself, that the sandbox consumes an increased amount of machine resources, because heats off (virtualizes) part of the capacity, which, naturally, creates a load other than the start directly. But it is logical that security and / or confidentiality may be worth it.

By the way, the use of sandboxes, chroot or virtualization, partially refers to the methodology of non-astutive security, which we are.

On sim, perhaps, everything. As always, if there are any questions, thoughts, additions and all that, then welcome to the comments to this entry.

Some users sometimes have to deal with the software of dubious origin - for example, for test purposes. The best option in such cases will be a separate computer or a virtual machine for this, but this is not always possible. But there is a solution - you just need to use the "sandbox" program, to the number of which also applies to SandBoxie.

The application allows you to run in the "sandbox" executable files (including programs installers), work with a web browser and files, configure their behavior in certain cases.

Running web browser

The main reason for which users are interested in similar sandbox software - safe work on the Internet. The program under consideration allows you to achieve this goal.

Running programs

The following scenario uses the "sandbox" environment is the launch of software.

Working with files

In the "sandbox" of the medium under consideration, you can also open a variety of files, such as archives of dubious origin. The algorithm of action is exactly the same as with the programs (technically opens the software to view the target document), so the previous instruction will come to open files in the sandbox.

Management environment

The developers provided users as well as the management tools in which the programs are run and files are opening. They have an obvious name "Management Sandboxie".


Setting Sandboxie Parameters

Sandbox can be configured "for themselves" for more comfortable use.


Solving some problems

Alas, but sometimes when using "sandboxes" problems arise. Consider the most frequent, and tell us the options for eliminating.

Error "SBIE2204 CANNOT START SANDBOXED SERVICE RPCSS"
A similar problem is characteristic of versions of Sandboxie 5.0 and older, which are installed on Windows 10. The reason is the incompatibility of the environment with the capabilities of this operating system, so the only solution is to install current updates of the program.

Error "SBIE2310 name buffer reached overflow"
This problem also concerns incompatibility, but this time with some particular program. Most often, the culprits are antiviruses with the possibilities of "sandbox" or similar software. Method of eliminating the error is also obvious - disable or uninstall the application that conflicts with Sandboxie.

Error "SDIE2211 SANDBOXED SERVICE FAILED TO START: * application name or file *»
Such a failure often arises from Windows 7 users. The problem is the User Account Control system, which interferes with or installing a file that requires administrative authority to run. The solution is simple - in the "Sandbox" selection window when you open this software or document, check the option "Run as UAC Administrator".

Conclusion

At this, our guide to the use of Sandboxie is coming to an end. Finally, we remind you - the environment "sandbox" is not a panacea for computer security, so if you have to deal with suspicious software, it is better to use a virtual machine.

Sandboxie allows you to perform operational control over the operation of applications installed on the computer, and is also a tool for proactive protection. To completely remove SANDBOXIE from any device, you need to use any of the available uninstall methods.

About the program

The developer is Ronen Tzur, the application refers to a conditional category. As of January 2019 there are two software solutions:

  • 26 stable;
  • 27.3 Beta.

Sandboxy has a simple and intuitive interface in both English and Russian. Installation is possible on computers with Windows operating system, starting with 7 version and higher. Suitable for 32-bit, and for 64-bit OS. The utility has the so-called "sandbox" - a tool that allows you to significantly increase the level of PC protection before external threats: "hijackers" browsers, trojans, phishing software and other programs from the category "Badware".

Work in Sandboxy

To install, you will need to perform simple steps:


Now you can start working in the utility, for example, download any software from the Internet and check the downloadable packet installation for the presence of viruses and third-party software. To scan any "EXE", you will need to perform the following actions:


In addition to checking for viruses, you can run any applications on your computer, as well as browsers, such as Google Chrome, Opera, Mozilla Firefox, Internet Explorer and Yandex.Browser. To do this, it is enough to perform simple actions:


Thus, using this software, you can run any programs on the computer in an isolated virtual environment and monitor the started processes. At the same time, the "sandbox" will not be able to record data into the registry, accessing system data, affect the performance of PCs, etc.

Uninstallation

Before proceeding with the uninstalling "sandboxes", you will need to clean the residual files that appear during the operation of the software and clog the PC. Subsequently, when uninstalling on the user does not have to delete them manually. To clean the "garbage", you need:


Standard uninstallation

Remove Sandboxie from a computer fully using the SandboxieInstall.exe installer:

  1. Check that the program is closed: Go to "Device Manager" by clicking on the Ctrl + Alt + Delete combination, or taping on a combination of Win + R and entering the Taskmgr command in the "Run" window.
  2. In Task Manager, find the executable EXE file in the "Processes" tab with the name of the utility being removed, click on it with the left mouse button, at the bottom of the screen, call the option "Remove the task".
  3. Go to the Startup window and check that the uninstalled software may be "disabled", and, accordingly, was absent in the AUTOSTART list. To do this, tap over the right mouse button and click on "Disable". If the option of the context menu "Enable" appears, then everything is fine, you can begin to the next step.
  4. Click the combination of Win + R and drive the "msconfig" code, then click on "OK".
  5. In the "System Configuration", go to the "Load" menu and set the checkbox in the field opposite the "Safe Mode" option. Be sure to click "apply" to ensure that the changes entered into force, "OK".
  6. Windows WINDOVS 7 users will also need to go to the "Auto load" tab and exclude the Autostart list: click by the file name in the list of auto-passable applications with the right mouse button and select the "Disable" function.
  7. Reload Computer: The input will be performed in protected mode.
  8. Run the installation file "sandboxieinstall.exe" - "Next". In the list of options, select "Delete Appendix" (the function name may differ depending on the installer version).
  9. The automatic process of deleting the components of the program from the PC will start, after which it is recommended to additionally clean the computer from residual files.
  10. First of all, you need to go to "C: \\ PROGRAMFILES \\", to find the "SanBoxie" directory - on the folder of the left mouse button found and clamp the SHIFT + DELETE to uninstall the object without moving to the "basket".
  11. Now you need to hold the combination of Win + E and from the "Explorer" window to "this computer" - "Local disk with", select the "Users" directory, go to the folder of the current user, which installed the utility to my computer, select the hidden folder " APPDATA. "
  12. If the specified directory is not displayed, you need to click on the "View" tool, located at the top of the "Explorer", and select "Parameters".
  13. The "Folder Parameters" window will open, go to the second bookmark named "View", intersect the bottom of the screen to the "Hidden Files and Folders" section and mark the "Show hidden files ..." checkbox. Click on "Apply" and close "folder parameters".
  14. Go to AppData: Folders are in the specified directory with the name "Local", "Locallow" and "Roaming" - to check the files in these folders there are no files with the name "Sandboxie". When such objects are detected, allocate them and delete them using the SHIFT + DELETE command.
  15. Return to the local disk "C" and check the hidden folester "ProgramData" - there should be no files related to a remote program in it.
  16. Now you need to go to the "Registry Editor" window. You can make it possible using the "PowerShell" menu - right-click on the "Start" button and go to the appropriate console.
  17. Save the current registry status using the "Export ..." option, which is in the File menu. Specify the name of the stored reg file and the folester. Export range to specify - "The whole registry". In the future, you can restore the registry from the specified file (in case of problems after manual registry cleaner).
  18. In the console window, drive the code phrase "regedit" without quotes, "ENTER".
  19. The registry editor tool will open - clamp a Ctrl + F combination, in the search bar, enter the name of the remote "sandbox", then click on "Find Next".
  20. After a couple of seconds, the first registry key will be displayed on the monitor, which remained after the remote application. Click on the left mouse button twice and check the "value" cell - there must be a reference to the sandbox.
  21. To clean the registry from the found file or folder, you need to click on the right mouse object and initiate uninstall using the "Delete" option. Confirm your action by clicking on "Yes." Go to the next post by clicking on "F3".
  22. Repeat the search operation and delete keys until "Search in the Registry is complete" appears on the screen.
  23. To restart a computer.

Also, to remove Sandboxie from a computer, you can use one of the available utility uninstallastors. Specifically, the CCleaner, RevounInstaller is best suited for this application, as well as the instrument for the complex cleaning of Registry Register Organizer.

Consider the mechanism of uninstalling in each of the specified programs.

CCleaner

For uninstalling using this free software, you must perform the following steps:


Revo Uninstaller

To remove the "sandbox" in Revo Uninstaller, you will need to perform the following manipulations:


Reg Organizer.

After removing programs, you will need to optimize the registry. The Reg Organizer Utility is best coped with a similar task, which can be downloaded from the official site. In order to optimize Registry, it will be necessary:


If you are familiar with the functionality and features installed on your computer, then you probably know for which such a wonderful tool as Sandbox is needed. As a rule, this module is part of the most famous antivirusers, for example, such as Avast.

Sandbox or as still say the sandbox is a software module that allows you to run any application in a strictly insulated medium.

The main task of Sandbox is to ensure maximum computer security when you start potentially dangerous applications or when visiting infected websites.

I must say, this method is not deprived of drawbacks - for example, when the sandbox module is running the same Avast, some applications running in safe mode may not work correctly, and in some cases even lead to the freezing of the antivirus program.

In addition, it is not too convenient, especially when you need to quickly switch from one mode to another. Those whom this provision does not suit, you can recommend a simpler and rapid solution - utility Sandboxie. - Program Sandbox.

This is a small, convenient program with a Russian-speaking interface allows you to create virtual areas in which you can run almost any application.

At the same time, the results of all programs running in Sandboxie will be saved in separate, specially intended folders, without without affecting the operation of the operating system as a whole, such images protect it from possible damage to viruses or configuration changes.

Also, Sandboxie can also be used as a means of anonymous surfing on the Internet in the sense that after closing the browser on the user's computer there will be no trace of visits to sites.


Work in Sandboxie is simple enough. When installing the utility, it can offer you to customize the compatibility of working with some programs.

All other settings, besides the ability to integrate the Sandboxie in the context menu of the conductor can be left unchanged.

By the way, in addition to global settings, it is also possible to change the parameters of the sandbox itself. As well as common, these settings are recommended to be left by default.

The Sandboxie sandbox program supports the creation of several separate sandboxes, and several applications can be launched in each of them.

Working in one sandbox of the program can freely exchange data, but applications from different virtual areas will be isolated from each other, as well as from the operating system as a whole. By default, the utility uses one sandbox called " DefaultBox.".

Let's open some application for example in Sandboxie, let's say an ordinary notebook. Perhaps a text editor and not the best example for a demonstration, but at the moment it does not matter.

Go to the menu " Sandbox» → « DefaultBox.» → « Start in sandbox» → « ... any program" After that, a small rectangular window will open in which you can enter the name of the program, in our case it is notepad.exe or perform an overview by specifying the path to the open application from the desktop. You can also start running through the Start menu.

What is interesting, Sandboxie allows you to run with different profiles even such applications that under normal conditions do not allow you to create copies in memory.

Please note that the program running in the sandbox has several modified headers of working windows, as well as when you hover the mouse pointer to the top of the window, the entire area of \u200b\u200bthe boundaries will be highlighted with yellow. There is nothing terrible, do not be scared, it should be.

So, let's copy and insert some segment of the text in a notebook and try to save the file. Initially, Sandboxie will invite you to save the document into the directory of the program itself, but let's ignore this offer and save it to the hard disk D.

However, if you then want to view this file and go to the D disc, it will not be there. More precisely, it will be hidden, and to restore it should be opened in the menu " View»Section" Files and folders", Find the desired file in the drop-down list and select the necessary action in the context menu.

Here in principle, and all the work of this wonderful utility. Everything is very simple. The list of all applications running in Sandboxie can be viewed in the utility working window.

Additional Sandboxie features include user account settings, automatic program termination, definition of any Windows operating mode, as well as some other options.

The Sandboxie utility has a little weight, consumes the minimum of system resources and does not prevent the work of other applications at all, turning into a systemic tray.

Run Sandboxie is best through the Start menu, since the icon created when installing the desktop will open the program itself, but the Internet Explorer browser.
In addition, small videos How to download and install Sandboxie:

Did not find an answer to your question? Look at here
State Services Personal AccountState Services Personal Account
State Supervisory Cabinet- Entrance on SNILS and TelephoneState Supervisory Cabinet- Entrance on SNILS and Telephone
Single telephone rescue service in the Russian FederationSingle telephone rescue service in the Russian Federation