I’m just curious what purpose it serves. For me, I either block a file and don’t let it run at all, or if I know it’s safe I add it to the trusted files…there is no in between for me. You either trust it and let it do it’s thing, or not run at all.
So do you use the sandbox and does it have any real world value for you besides testing malware?
Just like you, I use it with “Blocked” setting.
The problem is that there is malware defined as safe so even if CAV detects it, sandbox breach will happen. Maybe AV judgement should be set to higher priority than “trusted” list.
It usually takes a day or two for Comodo to correct this.
I use it as proactive measure for unknown files when installing something, like a game or a program, but for cracks/keygens, I use SandboxIE…
So if a file is added to the trusted files, and if it is determined to be a virus and added to the definitions later on, the AV will not detect it?
The problem is not knowing which level to sandbox the program in order to protect your PC. Now I am confused…if the sandbox is disabled, Image execution will still intercept the file and run it under what ever level you set it for.
So now the question is, is it better to turn image execution control off and just let all unknown files run sandboxed?
I disabled the Sandbox because it was freezing the PC for up to 2 minutes before asking about the file.
Avast’s sandbox doesn’t pop up very often but does so quickly. I don’t know how effective it is but at least it doesn’t annoy me.
Until recently I autosandboxed in CIS’ sandbox all internet applications. But I’ve found CIS’ sandbox increases start time of sandboxed applications. Now I use Sandboxie free though in one test it’s rather weak. But the applications start almost as quick as without the Sandboxie.
Really when something gets into CIS’s sandbox the PC got sticky. Fortunatelly on my PC it happens so seldomly that I keep the Sandbox on. I think it’s good protection.
??? :o
Second that!
Video or it did not happen!
:-TU
That’s weird, afaik sandboxie is very very safe, could you post the tests links??
sure - I didn’t study the Sandboxie in tests but by chance I found where it failed - in MRG test
http://malwareresearchgroup.com/wp-content/uploads/2009/02/MRG-Online-Banking-Browser-Security-Project2.pdf
I’ve corrected my previous post - not in some tests, but only in one test Sandboxie failed. Sorry for mistake.
First, this test is old (April 2010) and version is 5.44. Current version is 5.54. 
Second, there are no details about failure.
Third, how reliable are MRG tests?
Fourth, SBIE can’t protect from keyloggers on default settings but can be tweaked (check Wilders forum for details).
http://www.sandboxie.com/index.php?DetectingKeyLoggers
I see no reason to call SBIE “rather weak” based only on this test (basically, it’s only one layer of protection).
If you are worried, use it together with Comodo FW or SpyShelter Free.
This “Online Banking Browser Simulation” is not a virus or malware test, mainly a keylogger. Sandboxie is not used against keyloggers so these people have no idea what they are testing.
Sandboxie is NOT:
1: Antimalware
2: Antiphishing
3: Antihacker
4: Antikeylogger
Sandboxie did not fail this test because it is designed to let and run files in VIRTUAL environment while keeping it isolated from host files. I say it will run ANYTHING and allow internet access.
What it will NOT allow is interaction with host files.
Sandboxie performed as it was supposed to so this test is invalid because it is not 1-4 at all.
It is completely different product for completely different purpose.
Sure, I’m quite agree. It’s rather groundless to call Sandboxie weak. Sorry. It was really the only one ‘failure’ of Sandboxie I encountered. Really there are no details on the failure and it’s 14 months old. So we cannot consider it as a failure.
BTW when I installed the Sandboxie the speed of downloading - files from the Depositfiles and from Youtube - decreases drastically. Who knows how to fix it?
@Gakun: To, buraz, tooooo! ;D
kekekekekekeke 
It can be configured to only run 1 or 2 programs (or any number)…the same with internet access.
For example, you can tell it to let Firefox run with internet access, and then add Foxit to run without internet access.
If you encounter a drive-by download, it will not run.
It’s like the ultimate blacklist…you don’t have to worry about Comodos TVL or Geswalls decisions about what is safe or untrusted, or any other program…you have complete control over what is allowed to run.
Do you really think average user will spend whole afternoon googling to learn how the program works and how to configure it?
No. He will use default settings and use it to do his job or have some fun. Not brainstorming security decisions… That’s what sandboxie does. Providing security without having to use your brain…
What you said is true and Sandboxie is very detailed in configuration, but not everyone is knowledgeable about those things…
@GakunGak
Yeah, the post really wasn’t directed at you, it was directed at people who don’t
know how versatile Sandboxie can be.
You made it sound like it just let’s everything run.
My post was directed at people who may be thinking about adding Sandboxie to their set up.
A year ago, I was new here and trying to learn.
A year ago I would have been very interested to know how configurable Sandboxie is.
ON default, it is… Which is the best thing because if you pick up something, it will run but in empty space. And you just clear out sandboxie and start again.
Personally, IMO, is that sandboxie needs no tweaking except to automatically clear sandbox after browser closes. What is important is to keep up with latest versions to maintain security! :-TU
I use it for a long time and defaults are good enough for home usage… :-TU
The default setting for x64 Sandboxie uses Dropped Rights which strips administrative rights from programs running in this Sandbox…
Drop Rights
Sandboxie Control > Sandbox Settings > Restrictions > Drop Rights
The setting in this page causes Sandboxie to strip administrative rights from programs running in this sandbox.
~Maxx~