Sandboxie

[Guest]

[Vettetech]

I would also recommend using Sandboxie. Whatever happens stays in the Sandbox and never gets written to the hard drive. Have Comodo would have prevented it cause you would have gotten a D+ alert and you could have click block.

[Ragwing]

I would also recommend using Sandboxie. Whatever happens stays in the Sandbox and never gets written to the hard drive.

Well, that's not really true, as it's written to the hard drive. But yes, everything you do in sandboxed mode will get written to \Documents and Settings\%username%\Application Data\Sandbox, and stays there until you remove it.

Cheers,
Ragwing

[Vettetech]

Not so true. It may be in that folder but its not really there unless you remove it. Try installing something under a Sandbox. Then empty the sandbox and you will not see the program installed. Like it never happened.

http://www.sandboxie.com/

[Pedro*]

But until you empty the sandbox. The content is in the HD.
What you really mean is that nothing gets written in the real folders.

[larrymcg]

I find the idea of Sandboxie very interesting.  However, unless you know which apps you need to put in the sandbox, you'd have to put them all in.  Not practical.  Since the subject of this thread is drive-by installs, maybe putting just the browsers you use (Firefox and IE) in the sandbox is enough?
But what about the things you want to keep from the browsing session?  Bookmarks.  Downloads.  And probably other stuff too.  Can you decide to keep those things before throwing away the sandbox?

Is a sandbox somehow superior to running in a virtual machine like VMWare?  I've tried a VMWare browsing appliance.  Seems to run pretty well (I was running Firefox on Linux under VMWare).  However, in a short time it seemed to fall apart (lots of errors and finally, no useful functionality).  So I got rid of it.

--Larry

[Frosty Port]

if you need to save a D/L and you was in the sand~box there is a option to retrieve the D/L

[Vettetech]

I find the idea of Sandboxie very interesting.  However, unless you know which apps you need to put in the sandbox, you'd have to put them all in.  Not practical.  Since the subject of this thread is drive-by installs, maybe putting just the browsers you use (Firefox and IE) in the sandbox is enough?
But what about the things you want to keep from the browsing session?  Bookmarks.  Downloads.  And probably other stuff too.  Can you decide to keep those things before throwing away the sandbox?

Is a sandbox somehow superior to running in a virtual machine like VMWare?  I've tried a VMWare browsing appliance.  Seems to run pretty well (I was running Firefox on Linux under VMWare).  However, in a short time it seemed to fall apart (lots of errors and finally, no useful functionality).  So I got rid of it.

--Larry

There is good help for this is the Sandboxie forums. I run IE and FF Sandboxed when I need to. If I am installing or trying something new I simply run it under a sandbox.

[Xman]

Hi dudes, Sandboxie rules so far as to ease of use & functionality IMHO for browsing, never had issues using it.
 
Xman

[Vettetech]

I made a custom cleaner folder for CCleaner. Now when I want to empty my Sandbox I simply click CCleaner.

[Eric Cryptid]

I'm feeling confused with this whole sandbox thing. I understand most of it just not the bit about whether or not you empty the sandbox.

I.E. You download a file which is fine and virus free and want to keep that and then you download another one which isn't virus free, how do you perminently download the non-virus one and get rid of the virus one? Do you have to empty the sandbox and re-download the good one?

Maybe I should read their website lol

E

[Dennis2]

I'm feeling confused with this whole sandbox thing. I understand most of it just not the bit about whether or not you empty the sandbox.

I.E. You download a file which is fine and virus free and want to keep that and then you download another one which isn't virus free, how do you perminently download the non-virus one and get rid of the virus one? Do you have to empty the sandbox and re-download the good one?

Maybe I should read their website lol

E

EDIT You can use Quick Recovery for only the file which is virus free any time and leave the virus one in the sandbox screenshots below.
Dennis

[Josh123]

I heard when you browse, After you close your browser Sandboxie cleans EVERYTHING OUT (When Running Your browser in Sandbox off course).

Josh

[Vettetech]

I heard when you browse, After you close your browser Sandboxie cleans EVERYTHING OUT (When Running Your browser in Sandbox off course).

Josh

Only if you select that option. I like using CCleaner instead.

[Pedro*]

I'm feeling confused with this whole sandbox thing. I understand most of it just not the bit about whether or not you empty the sandbox.

I.E. You download a file which is fine and virus free and want to keep that and then you download another one which isn't virus free, how do you perminently download the non-virus one and get rid of the virus one? Do you have to empty the sandbox and re-download the good one?

It depends on how you use it. The are a few options.

You can, for instance, create an open file path so sandboxie lets that folder be written.
http://www.sandboxie.com/index.php?OpenFilePath
Like setting your "safe downloads" folder. Firefox bookmarks, etc.

Or you can set the Quick Recovery .

The Quick Recovery feature makes it easier to extract files (and even whole folders) that are created and saved by sandboxed programs. It scans a few sandboxed folders, which have to be selected in advance, and lists the files (and folders) it finds within them. These files (and folders) can be recovered into the corresponding location outside the sandbox, or to any location.

http://www.sandboxie.com/index.php?QuickRecovery
Like, set it to delete automatically when closing the browser, but open quick recovery (this watches your chosen folders), so you can review if you want to keep anything.

It's been a while since i really used it. But one thing you can be certain, by reading the website you will understand it all.
If you're really interested - http://www.sandboxie.com/index.php?GettingStarted

[Luketan]

Not so true. It may be in that folder but its not really there unless you remove it. Try installing something under a Sandbox. Then empty the sandbox and you will not see the program installed. Like it never happened.

http://www.sandboxie.com/

Got to agree with ragwing and disagree with you.

"Not really there" means what exactly? The file is indeed written on the HD as Ragwing says just not where windows think it is. Sandboxie actually redirects the file changes to another file directory. But trust me the files are indeed there...  When you empty the sandbox, sandboxie simply deletes those files in the redirected folder..

So if you download a keylogger into say c:\whatever, it is actually written on c:\sandbox\whatever (not a real example).

Better sandboxes like sandboxie, actually interact with windows explorer, so the files look like where they are supposed to be.

[Tags:]