Home > Software Reviews > Sandboxie Software Review
REVIEWS

Sandboxie Software Review

sandboxie.comEvery user has experienced the negative outcome of opening a malicious or unwanted program on their computer – even power users. This is why a cool company, called Sandboxie Holdings has developed the Sandboxie app – because users need to be at the very least protected while doing so. Since we at Sensorstechforum like the idea, we have decided to try and test Sandboxie by opening some pretty dangerous executables.

App Profile

Name Sandboxie
Type Sandbox software/Program security
Developer 2004-2015 by Sandboxie Holdings, LLC.
Official Website sandboxie.com
Operating System From Windows XP to Windows 10
License Price Free and also a Licenced option. The Licensed version has more features and costs $47.95 for 1 year (2-49 computers).
User Experience Discuss Sandboxie In Our Forum

Sandboxie – Main Features

After installing the 8.1 MB application, it was established that its total size in the %Program Files% folder was 5.48 MB in total. The program starts with tutorial on how the sandboxing technology for Windows works:

sandboxie-working-process

Furthermore, Sandboxie is compatible with all versions of 64 and 32 bit Windows from XP above. In addition to that, the application supports other programs such as the web browsers Google Chrome, Mozilla Firefox, Cyberfox, Opera Browser and Internet Explorer from version 6 to 11.

When the app is opened, the user is presented with a simple interface showing his sandboxed applications:

Sandboxie-interface-sensorstechforum

After a program, called Active Presenter which is relatively resource demanding was tested in and out of Sandbox, the results were satisfying:

sandboxie-vs-default-sensorstechforum

We have decided to test the sandbox app with live malware using an executable from a notorious malware, called Locky Ransomware, provided by theZoo – a project which is essentially an updated “repository of live malware”. Locky is malware which encrypts the files on the user’s PC asking ransom money to decrypt them. The result was that Locky started mimicking rundll32.exe process after it was executed, but nothing happened and the antivirus software did not react:

locky-run-as-administrator
sandboxie-locky

After this situation happened and Locky briefly ran and shut down, we decided to do a boot scan with Avast Free Antivirus twice to see whether or not the ransomware has created any files on the user PC. Avast currently detects Locky ransomware as “Win32:Locky-{variant name}”. During the boot scan Avast discovered a corrupt archive of a driver which was downloaded from a suspicious site, but nothing related to Locky and no new malicious files or registries and what so ever were discovered on the user PC:

IMG_20160225_141417

To additionally make sure that users are protected, we have tried to use an infected setup of a patch that contains a Trojan named MSIL: Tyupkin. Sandboxie immediately reacted that an app is requesting administrator privileges on the computer:

sandboxie-sensorstechforum-install-tyupkin

So as far as security is concerned this program is really good, especially if you set it to run everything while in its sandboxes. If you know what you are doing and installing on your computer, it will definitely keep you safe.

What We Like

There are many features of the program which we enjoyed while reviewing it:

  • Detailed options
  • Very light on the computer (takes up CPU power next to none and around 2.5 MB from the RAM).
  • Very secure – shuts down executables which are malicious and tries to force modify or create files.
  • Simple to use and very incognito – only a thin yellow line around the borders of the sandboxed app.
  • Shows the processes of the applications.
  • No difference in app performance – relatively the same as if the program does not exist.
  • Compatibility with older Windows versions.

What Is Missing

We would like to see several improvements to be made in Sandboxie:

  • User-friendly accessible settings – instead of modifying a setting with a click, you have to edit a document in Notepad. Not everyone is tech savvy.

Conclusion

This is a perfect example of using the sandboxing technology to browse on a daily basis while remaining secure. It is perfect for Windows users and we would definitely categorize it as one of the must-have programs while doing your daily PC activities. The application is amazing if you are a brave network warrior who tests suspicious files and also for inexperienced users, like children, for example.

Note: This test was performed on:

  • Lenovo B50-70 with 64-bit Windows 10
  • Dell Inspiron 3000 series with a 64-bit Windows 7.
  • Sandboxie logo image source: https://www.sandboxie.com

    Ventsislav Krastev

    Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.

    More Posts - Website

    Follow Me:
    Twitter

    Leave a Comment

    Your email address will not be published. Required fields are marked *

    This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
    I Agree