Sandboxie

[loading]

Hey guys, does anyone installed and tested this? I was going to install it but.. ehh.. lets ask before doing anything that can crash my computer.

What do you think?

 

[Dykerosoft]

If you're downloading it off of the official site it is a great program.

 

[QuackzMcDuck]

I use it and I love it. Of course some of the really advanced viruses have anti-Sandboxie, but they still don't infect your computer when you try to run them. I use Sandboxie to go to all questionable websites and to run questionable programs. I have had no problems with it or any viruses on my computer. Just remember, if it won't run in the sandbox it is usually a virus, at least from my experience.

 

[loading]

If you're downloading it off of the official site it is a great program.

Yeah, downloading from the official website.

I use it and I love it. Of course some of the really advanced viruses have anti-Sandboxie, but they still don't infect your computer when you try to run them. I use Sandboxie to go to all questionable websites and to run questionable programs. I have had no problems with it or any viruses on my computer. Just remember, if it won't run in the sandbox it is usually a virus, at least from my experience.

Mhmm.. Whats is the settings for it? Is it too much complicated?

 

[QuackzMcDuck]

There aren't many settings for it at all. Read this though it should tell you all you need to know. Credits to Wind from HackFoums for this, I did not write it. The guide is a bit old but it should give you a good idea of how to use it.

Spoiler: Credits to Wind from HackForums for this I did not write it.

HOW TO USE SANDBOXIE​

by Wind​

Introduction :

What is Sandboxie?

Sandboxie is very useful to check whether or not a program is infected, you can also use it to test out your botnet. Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. Observe the animation below.

Spoiler: [b

Animation[/b]]

Why is Sandboxie better than Anti-Virus programs?

Anti-Virus programs, although useful, are not always accurate. As you may have noticed on these forums, there are programs called crypters which scramble the virus' code in order to hide itself from being detected by Anti-Virus programs. There are also False Positives which are files that are seen as being infected by Anti-Virus programs, when in reality they are clean. With Sandboxie you can check the activities of the file and make the decision whether or not it's infected yourself. Although Anti-Virus programs are very very useful, and I recommend you have at least one turned on at all times, for the sake of deciding whether or not a single file is infected, Sandboxie is better.

Tutorial :

1. Download

http://www.sandboxie.com/index.php?DownloadSandboxie

(Proceed through the installation)

2. Using Sandboxie

• Open Sandboxie : Start > All Programs > Sandboxie > Sandboxie Control
  
  Spoiler: [b

  Picture[/b]]

  
   
• Run File : Right-Click Suspected File > Run Sandboxed
  
  Spoiler: [b

  Picture[/b]]

  
   
• Change Display : View > Files and Folders
  
  Spoiler: [b

  Picture[/b]]

  
   
• Observe Folders : Sandbox DefaultBox > All files and Folders
  
  Spoiler: [b

  Picture[/b]]

  

3. Analysing Output

Now that you've ran your program you're probably wondering What does this all this mean? Now is when you analyze Sandboxie to check if the program has dropped any files. In the All files and Folder sub-menu you can observe the exact location of dropped files.

How do I know if my program's infected?

To decide whether or not a program is infected you have to think. Should this program drop files? For example : I've downloaded a crypter and decided to check it out in Sandboxie. Now immediately after I run it, I get a file dropped :

Spoiler: [b

Picture[/b]]

Ignore the Desktop.ini and such files below. Focus on the rest. My crypter has just dropped a file. I know now that it is infected.

Spoiler: [b

Settings :[/b]]

• To prevent against stealers acquiring your firefox passwords while using Sandboxie go to :
  • 
    
    Sandbox>Default Box>Sandbox settings> Resource Access>File Access>Blocked Access>Edit/Add
    and copy paste the following lines : (one by one)
    
    

    %Local AppData%\Mozilla\
    %AppData%\Mozilla\
    \Device\Mup\

  • You can also disable the program from accessing the internet, this option is also found in Sandbox settings.
  • NEW! To bypass the Anti-Sandboxie that some malware uses, you need to disable the Sandboxie indicator that is in the titles of windows running in Sandboxie "#". To do this go to Sandboxie>Rick-click on your sandbox>Sandbox Settings>Appearance>check "Don't show Sandboxie indicator...". (This method of detecting sandboxie isn't used by all malware however.)

• 
  
  
  Spoiler: [b

  Extra Info.[/b]]

  • Keep in mind that if you receive an error, and your program is unable to run in Sandboxie, it is most likely that it's a virus and has implemented Anti-Sandboxie. DO NOT RUN IT OUTSIDE SANDBOXIE! (see 'Settings' spoiler to know how to bypass anti-sandboxie)
      
  • Once you are done with Sandboxie, Right-Click on the Sandbox and chose Terminate Programs. Also, remember to empty your SandBox after every use by Right-clicking>Delete Contents.
     
  • When you see [#] [#] around the title on the window, you know it's Sandboxed. Unless you have these indicators disabled (see 'Settings').
  
  
  Please leave feedback!​
  You need my permission before you copy from this tutorial!​

• 
  
  Source: http://www.hackforums.net/showthread.php?tid=435649

 

[eXero]

Sandboxie, if downloaded off of the official site is not harmful. I use it when wanting to run suspicious files because sandboxie has a wall around the file making any harmful changes to your computer. If the file tries to corrupt your computer in any way, sandboxie stops it before it can. Sandboxie wont harm your computer.