How to remove sandbox with roots. We adapt Sandboxie to analyze suspicious files
Sandboxie is, without any doubt, the most famous sandbox software.
This program uses the classic method of protecting a user-specified application by placing it in a special isolated environment, as a result of which the application cannot affect the operation of the system itself. The most interesting thing is that Sandboxie was specially designed for use with Internet browser Explorer, which is the only one of all the main targets of cyber criminals. However, today Sandboxie works with almost any application in the Windows environment.
A feature of Sandboxie that greatly distinguishes it from many well-known programs of this kind is the ability to create an unlimited number of sandboxes. Despite the fact that the user can easily make a list of his applications that will only work in them. By default, the program itself will create a sandbox called DefaultBox, so you can safely work with Sandboxie immediately after installation. To view a document or program in the protected SandBoxie environment, you need to select the "Run in sandbox" item, which is located in the contextual Windows menu.
If you need to create additional sandboxes in the future, you need to tell the program to open files and applications in another protected environment you created. You just need to select “Sandboxie Start Menu” from the Start menu and replace the “sandbox”, which will be used by the default program in the future.
You can launch the sandbox not only from the context menu, but also from the Sandboxie sandbox window itself. To do this, just click right click mouse on the selected sandbox and select the right command(this menu is also available when you click on the Sandboxie icon in the system tray).
Also, to speed up the selection of an application, you can use the command "Launch Web browser", "Run mail client", which can run applications designated by default in the system. Using context menu"sandboxes", you can also execute various other commands, for example, by clicking the mouse to close all applications that are located in an isolated environment at once, you can additionally view the content and completely delete it.
In order to quickly identify a program that is running in the sandbox, it is provided additional command“Window in the sandbox?”, when used, a crosshair appears on your screen, pointing it at desired window, you can quickly get information about the running program.
If the sandbox is launched with default parameters, then this tool will not be needed, since the [#] icon immediately appears in the title next to the application name. If an icon appears in the header, then you need to disable the application and make changes in the settings of the sandbox itself. It is possible to add the name of your “sandbox” to the window title, and set a color frame around the window in the color you like, which will help you quickly determine whether it belongs to it.
By looking at other sandbox settings, you can quickly and flexibly configure access and permissions to various resources. So, you can quickly set access parameters to certain files and folders to which access will be denied. Which programs can access them read-only, and the availability of settings for working with the system registry.
If necessary, in the settings you can select the applications that will run in it. Those. when you launch the file you specify, Sandboxie will intercept the activated application on the fly and not allow it to work in its usual mode. The program allows you to specify not only individually used files, but also folders from which, when you launch other applications, they will be launched in the installed safe environment. The latter can be used to launch suspicious programs, which you downloaded from the Internet.
You can endlessly look at the fire, water and activity of programs isolated in the sandbox. Thanks to virtualization, with one click you can send the results of this activity - often unsafe - into oblivion.
However, virtualization is also used for research purposes: for example, you wanted to control the impact of a freshly compiled program on the system or run two different versions applications simultaneously. Or create a standalone application that will leave no traces on the system. There are many options for using a sandbox. It is not the program that dictates its terms in the system, but you who show it the way and distribute resources.
If you are not satisfied with the slowness of the process, using the ThinApp Converter tool you can put virtualization on stream. Installers will be created based on the config you specify.
In general, the developers advise making all of these preparations under sterile conditions, on fresh OS, so that all the installation nuances are taken into account. For these purposes you can use virtual machine, but, of course, this will leave its mark on the speed of work. VMware ThinApp is already quite heavy system resources, and not only in scanning mode. However, as they say, slowly but surely.
BufferZone
- Website: www.trustware.com
- Developer: Trustware
- License: freeware
BufferZone controls Internet and software activity of applications using a virtual zone, closely approaching firewalls. In other words, it uses rule-governed virtualization. BufferZone easily works in conjunction with browsers, instant messengers, email and P2P clients.
At the time of writing, the developers warned about possible problems when working with Windows 8. The program can kill the system, after which it will have to be removed through safe mode. This is due to the BufferZone drivers, which come into serious conflict with the OS.
What falls under BufferZone's radar can be tracked in the main Summary section. You determine the number of limited applications yourself: the Programs to run inside BufferZone list is intended for this. It already includes potentially unsafe applications like browsers and email clients. A red border appears around the captured application window, giving you confidence when safe surfing. If you want to run outside the zone - no problem, the control can be bypassed through the context menu.
In addition to the virtual zone, there is such a thing as a private zone. You can add sites where strict confidentiality is required. It should be noted right away that the function only works in Internet Explorer retro versions. In more modern browsers There are built-in tools to ensure anonymity.
The Policy section configures policies in relation to installers and updates, as well as programs launched from devices and network sources. Also see in Configurations additional options security policy (Advanced Policy). There are six levels of control, depending on which BufferZone’s attitude towards programs changes: without protection (1), automatic (2) and semi-automatic (3), notifications about the launch of all (4) and unsigned programs (5), maximum protection (6) .
As you can see, the value of BufferZone lies in total Internet control. If you need more flexible rules, then any firewall will help you. BufferZone also has it, but more for show: it allows you to block applications network addresses and ports. From a practical point of view, it is not very convenient for actively accessing settings.
Evalaze
- Website: www.evalaze.de/en/evalaze-oxide/
- Developer: Dögel GmbH
- License: freeware / commercial (2142 euros)
The main feature of Evalaze is the flexibility of virtualized applications: they can be launched from removable media or from network environment. The program allows you to create completely autonomous distributions that operate in an emulated file system and registry environment.
The main feature of Evalaze is its convenient wizard, which is understandable without reading the manual. First, you make an OS image before installing the program, then you install it, do a test run, and configure it. Next, following the Evalaze wizard, you analyze the changes. Very similar to the principle of operation of uninstallers (for example, Soft Organizer).
Virtualized applications can operate in two modes: in the first case, write operations are redirected to the sandbox; in the second, the program can write and read files in real system. Whether the program will delete traces of its activities or not is up to you; the Delete Old Sandbox Automatic option is at your service.
Many interesting features are available only in the commercial version of Evalaze. Among them are editing environmental elements (such as files and registry keys), importing projects, and setting reading mode. However, the license costs more than two thousand euros, which, I agree, slightly exceeds the psychological price barrier. The use of an online virtualization service is offered at a similarly prohibitive price. As a consolation, the developer's website has prepared virtual sample applications.
Cameyo
- Website: www.cameyo.com
- Developer: Cameyo
- License: freeware
A quick look at Cameyo suggests that the functions are similar to Evalaze, and in three clicks you can create a distribution with a virtualized application. The packager takes a snapshot of the system, compares it with the changes after installing the software and creates an ecosystem for launch.
The most important difference from Evalaze is that the program is completely free and does not block any options. The settings are conveniently concentrated: switching the virtualization method with saving to disk or memory, selecting an isolation mode: saving documents to specified directories, prohibiting writing or full access. In addition to this, you can configure the virtual environment using the file and registry key editor. Each folder also has one of three isolation levels, which can be easily overridden.
You can specify the sandbox cleaning mode after exiting the standalone application: removing traces, without cleaning, and writing registry changes to a file. Integration with Explorer and the ability to link to specific file types in the system are also available, which is not even available in paid analogues Cameyo.
However, the most interesting thing is not the local part of Cameyo, but the online packager and public virtual applications. It is enough to specify the URL or upload the MSI or EXE installer to the server, indicating the system bit depth, and you will receive a stand-alone package. From now on it is available under the roof of your cloud.
Summary
Sandboxie will optimal choice for sandbox experiments. The program is the most informative among the listed tools; it has a monitoring function. Wide choose settings and good capabilities for managing a group of applications.
It does not have any unique functions, but it is very simple and trouble-free. An interesting fact: the article was written inside this “sandbox”, and due to an unfortunate mistake, all the changes went into the “shadow” (read: astral plane). If it weren't for Dropbox, a completely different text would have been published on this page - most likely by a different author.
Evalaze offers not a comprehensive approach to virtualization, but an individual one: you control the launch specific application, creating artificial living conditions for this. There are advantages and disadvantages here. However, taking into account the reduced paid version Evalaze, and your virtues will fade in your eyes.
Cameyo has a certain “cloud” flavor: the application can be downloaded from the website, uploaded to a flash drive or Dropbox - this is convenient in many cases. True, it brings to mind associations with fast food: you can’t vouch for the quality and compliance of the content with the description.
But if you prefer to cook according to a recipe, VMware ThinApp- your option. This is a solution for experts who care about every detail. A set of unique features is complemented by the capabilities of the console. You can convert applications from command line, using configs, scripts - in individual and batch mode.
BufferZone is a sandbox with a firewall function. This hybrid is far from perfect and the settings are up-to-date, but BufferZone can be used to control Internet activity and applications, protect against viruses and other threats.
The so-called sandbox is a relatively new feature in the shareware Avast antivirus packages! Pro and Avast! Internet Security. This is a special security model thanks to which the user can visit websites and run a variety of applications while being in a secure environment. This function helps to avoid viruses if you accidentally switch to potentially . If it hits a malicious resource, the browser will be automatically placed in a sandbox, and therefore infection of the computer will be prevented.In free versions of Avast! There is no sandbox.
New feature You can also start it yourself when you turn it on third party programs that seem suspicious or unreliable to you. Just run the program in the sandbox and you will find out whether it really poses a threat or whether your fears are unfounded. When checking the program, your system will be protected by Avast. The sandbox is often used when checking software downloaded from the Internet.
How to use the sandbox
In order to launch a dubious application or access the Internet through a sandbox, click on the request “run a virtualized process.” After that, go to the program you need on your computer. The browser or application will launch in a new special window, framed by a red frame, indicating that the program was successfully launched from the sandbox.In the “advanced settings” tab, you can assign applications that do not need to be virtualized, as well as those that should always be launched from the sandbox.
Feature“sandboxes” – the ability to be embedded in the context menu. To enable this option, in the “Options” window, check the box next to “embed in right-click context menu.” The option can be made available both to all users and to users with administrator rights. With its help, you can launch any application in the sandbox by just right-clicking on the shortcut and selecting the “run with” command.
Please note that if you right-click on a sandboxed application, the context menu that opens will give you the option to run it once outside the sandbox or to remove the application from the sandbox.
The Internet and computer technology have completely taken over modern world. Now almost every person has an electronic device with which he can find information at any time and in any place. necessary information on the Internet or chat with friends. But we should not forget that sometimes behind this lies hidden threat– viruses and malicious files created and launched in global network to infect user data. In addition to standard antiviruses, sandbox programs have been created to help prevent their access to the computer.
Purpose and principle of the program
Sandbox programs are designed to keep your computer safe while surfing the Internet or performing various programs. Speaking more in simple language, we can say that this program is a kind of limited virtual space, in which all user actions are carried out. A program that is launched while the sandbox is running works only in this environment and, if it is a malicious virus, its access to system files is blocked.
Advantages of the sandbox
Perhaps the first advantage of this application can be taken from the paragraph above - it limits access malicious files into the system. Even if viruses, for example, Trojans or worms, were picked up while surfing the Internet, but at that time the user was working with the sandbox turned on, the viruses will not penetrate anywhere else, and when the sandbox is cleaned, they will be completely removed from the computer without a trace . In addition, such programs help speed up your computer. Since most sandbox activities involve working in browsers, launching it each time (Google Chrome, Opera, Mozilla Firefox), the user will see an absolutely clean and seemingly new installed browser, which does not usually have slowing garbage - “cache”.
Disadvantages of the sandbox
There are those too, and the most important thing is deleting personal data, be it bookmarks, pages saved while browsing the Internet, or even history. The program is not configured to recognize what exactly is harmful to the device, so when cleaned, absolutely all data is permanently deleted from it. The user needs to take this into account and, if necessary, synchronize the necessary bookmarks or use special applications, designed to save such data.
On currently There are many names of similar programs, among the well-known ones are Sandboxie, Comodo Internet Security, etc. Everyone chooses the one that is more convenient and understandable for him. In any case, you should not forget about the disadvantages of these programs and use them carefully.
Avast is one of the antivirus programs. Installation and registration are as simple as possible. There are versions for PC and mobile devices. In this case, a license for the first year of use can be obtained absolutely free. Avast offers various additional protection options. The ability to add exceptions is also implemented here.
You will need
- Computer, mobile device, Internet.
Instructions
Inside the file system screen, click the “Settings” button, then select the “Exceptions” tab. By clicking on "Browse", you will see the contents of the hard drive. Select exceptions by checking required folders or files double click and clicking on OK. Confirm your choice in the next window by clicking OK again.
Recently, cyber criminals have become so inventive that reports of virus epidemics are not surprising and have become, in general, commonplace. However, seeing news about the distribution of a new Trojan on 3DNews is one thing, but finding this very Trojan on your computer is quite another. On the Internet you can find a lot of advice on how to avoid becoming a victim of scammers: from using modern versions of software that have closed all known vulnerabilities, to having a reliable modern solution for security.
However, in some cases, even the most reliable firewall and the smartest antivirus cannot save the user from infection. This happens when the program that protects the computer is not sure harmful action application being launched or a script running on a web page, as a result of which it leaves the decision to allow the action to the user. You may well decide that the antivirus is overly suspicious or simply, after thinking, click on the “OK” button, thereby allowing the execution of malicious code.
What to do? Is it really because of the possibility of picking up a Trojan that it is better not to launch new applications, and to give up web surfing altogether? There is a great solution that for many can be great addition to all means to protect your computer from pests. It's about about working with applications in the sandbox.
"Sandbox" is an isolated environment for which a small amount of hard disk space is allocated and which does not depend in any way on the real world. operating system. When running a program in a sandbox, it works the same as normal application, however, cannot affect any system components that are outside the isolated environment. This means that it is not possible to make changes to the sandbox. system registry, replace system files or perform any other actions that may affect the stability of the system. Thanks to this, the sandbox can be used to surf the Internet safely and to run unknown applications. Such an isolated environment can also be used for other applications - for example, programmers and testers can run unstable versions of programs in it.
⇡ "Sandbox" in Kaspersky Internet Security 2010
The fact that working with applications in the “sandbox” can be useful to a wide range of users is evidenced by the fact that the corresponding opportunity appeared in the program last year Kaspersky Internet Security. Users of this security suite can run suspicious applications in a sandboxed environment if they open them using the Windows context menu option "Run in a secure environment." For clarity, the window of a program running in an isolated environment will be surrounded by a green frame.
Kaspersky Internet Security also allows you to create a list of programs that can be potentially dangerous to work with (you can include, for example, a browser). To do this, you need to open the “Application Control” section in the application settings and use the “Add” button to add the program to the list. If you then open the program from the Kaspersky Internet Security window, it will work in an isolated environment. This function is convenient to use, say, if during a browser session you plan to visit sites that may contain suspicious code. In addition, such a function can be a good replacement for the privacy mode that appeared in latest versions popular browsers.
It is worth noting, however, that Kaspersky Internet Security provides only the most basic capabilities running programs in the sandbox. Specialized applications have much more capabilities. Let's look at some popular programs designed to work in an isolated environment.
⇡ Sandboxie 3.44
- Developer: Ronen Tzur
- Distribution size: 1.6 MB
- Distribution: shareware
- Russian interface: yes
Sandboxie is without a doubt the most known solution to organize a sandbox. The program uses the classic method of protection; the application specified by the user is placed in an isolated environment, as a result of which it cannot influence the operation of the system. Interestingly, Sandboxie was designed for use with the Internet Explorer browser, which is one of the most popular targets of cyber criminals. However, Sandboxie can now work with almost any Windows application.
One of the features of Sandboxie that distinguishes it from many other similar programs is the ability to create an unlimited number of sandboxes. In this case, the user can create a list of applications that will be launched in each of them. By default, the program itself creates a sandbox called DefaultBox, so you can start working with Sandboxie immediately after installation. To open a program or document in a sandboxed environment, select the "Run in sandbox" command that appears in the Windows context menu.
If you create additional sandboxes in the future, you can ask the program to open files and applications in a sandbox other than DefaultBox. To do this, select "Sandboxie Start Menu" from the Start menu and change the default sandbox.
You can run applications in an isolated environment not only from the context menu, but also directly from the Sandboxie window. To do this, right-click on the sandbox name and select the appropriate command ( this menu also available by clicking the Sandboxie icon in the system tray).
By the way, to speed up the selection, you can use the “Launch Web browser” and “Launch email client” commands, which open applications installed on the system by default. Using the sandbox context menu, you can perform other commands, such as closing all sandboxed applications with a single click, viewing the contents of sandboxes, or deleting them completely.
In order to quickly identify a program that is running in an isolated environment, Sandboxie provides special team“Window in a sandbox?”, when selected, a special crosshair appears on the screen; by dragging it onto the desired window, you can obtain information about the status of the program.
However, if the sandbox works with default parameters, then this tool is not needed, since a [#] icon appears next to the application name in the header. If for some reason you need to disable the display of the icon in the header, this can be done in the sandbox settings. In addition, you can add the name of the “sandbox” to the window title, and also draw a thin frame of any color around the window, which will help you more clearly determine whether it belongs to it.
By accessing other sandbox settings, you can flexibly configure access permissions to different resources. Thus, you can determine which files and folders access will be blocked, which programs will be able to access read-only, and also configure interaction with system registry keys.
If necessary, in the sandbox settings you can specify applications that will be forced to launch in it. In other words, when starting specified file Sandboxie will intercept the application and prevent it from working normally. The program allows you to specify not only individual executable files, but also folders, when you launch any applications from which they will open in a safe environment. Last chance can, for example, be used to launch new programs that have been downloaded from the Internet to the Downloads folder.
⇡ BufferZone Pro 3.31
- Developer: Trustware
- Distribution size: 9.2 MB
- Distribution: shareware
- Russian interface: no
BufferZone Pro is another good solution for running applications in an isolated environment. Although the program can run a variety of applications in the sandbox, it is designed primarily to work with browsers, IM clients, peer-to-peer file sharing programs, and other Internet software. This is evidenced by the fact that BufferZone initially has a fairly extensive list of applications that run in safe mode by default. Among them are Mozilla Firefox, Google Chrome, ICQ, BitComet, Skype, GoogleTalk and others. The user can edit this list at his own discretion by adding additional programs and removing unnecessary ones.
Similar to the utility discussed above, BufferZone can monitor all applications that run on the computer and redirect them to the sandbox. BufferZone can also block the launch of any unknown programs.
Unlike Sandboxie, this program does not provide the ability to create multiple sandboxes. The windows of all programs running in the sandbox are surrounded by a red frame. See what programs are in this moment work in an isolated environment, or in the main BufferZone window. Immediately displayed brief statistics about running programs in an isolated environment. BufferZone not only counts how many actions were performed by such applications, but also keeps a record of potentially dangerous operations on the system, as well as security threats that were prevented.
In the event that a program running in the sandbox has executed malicious code or other destructive action, you can quickly delete all data related to applications running in a sandboxed environment. In addition, it is possible automatic cleaning such data according to a user-defined schedule.
BufferZone also has some additional features that are not directly related to the organization of the sandbox, but help to increase the overall level of computer security. So, using the program you can prevent the opening of files with external hard discs, DVDs and USB drives, or allow such data to be handled only in an isolated environment.
In conclusion, we note that in addition to the paid version of BufferZone Pro, there is also a free edition of the program. It implements a number of limitations, for example, it is not possible to create a snapshot of the virtual environment and restore data stored in it. In addition, the free version has fewer applications for which protection is enabled by default.
⇡ Conclusion
Choosing specialized program To run applications in a sandbox, you need to keep in mind that there are two main approaches to organizing an isolated environment. In the first case, a “sandbox” is created for applications specified by the user, and during one session of working at the computer, he uses both programs that run in an isolated environment and those that run in normal mode. Programs that use this approach to organizing system protection were discussed in this article.
However, such a solution is not always acceptable. There is a second approach to organizing software operation in an isolated environment, which involves creating a “sandbox” the size of the entire operating system. In this case, an image of a working system is created, after which the user begins to work with it, and not with the real environment. All actions performed by it are saved only until a reboot, and after it is completed, the system returns to its original state. This solution is convenient to use on public PCs, for example, in Internet cafes, computer classes, etc. We will talk about programs that can be used to organize such protection in the second part of the article.
It is a mistake to believe that the built-in protection of the operating system, antivirus or firewall will completely protect against malware. However, the harm may not be as obvious as in the case of viruses: several applications can slow down Windows operation, lead to various kinds of anomalies. Over time, the consequences of uncontrolled processes on the part of the “amateur” software make themselves felt, and uninstallation, deleting registry keys and other cleaning methods no longer help.
In such situations, sandbox programs, which are the subject of this review, can play an excellent role. The operating principle of sandboxes is partly comparable to virtual machines(Oracle VM VirtualBox, etc., VMware Virtualization). Thanks to virtualization, all processes initiated by the program are executed in a sandbox - an isolated environment with strict control of system resources.
This method of code isolation is quite actively used in antivirus software (KIS 2013, avast!), in programs such as Google Chrome (Flash runs in the sandbox). However, one should not conclude that sandbox programs are full guarantee security. This is just one of the effective additional funds to protect the OS (file system, registry) from external influences.
A review of the program for creating a virtual environment has already been published on the site. Today we will consider other applications, in a broader sense: these are not only desktop solutions, but also cloud services that improve not only security, but also anonymity, making it possible to run from removable media, from another computer.
Sandboxie
Developer Ronen Tzur compares the action of the Sandboxie program to an invisible layer applied on top of paper: you can put any inscriptions on it; When the protection is removed, the sheet will remain untouched.
There are 4 main ways to use sandboxes in Sandboxie:
- Protected Internet surfing
- Improved privacy
- Secure email correspondence
- Keeping the OS in its original state
The last point implies that in the sandbox you can install and run any client applications- browsers, IM messengers, games - without affecting the system. Sandboxie controls access to files, disk devices, registry keys, processes, drivers, ports and other potentially unprotected sources.
First of all, SandboxIE is useful because it allows the user to flexibly configure sandboxes and privileges using the Sandboxie Control shell. Here, through the context and main menu, basic operations are available:
- Starting and stopping programs under Sandboxie control
- Viewing files inside the sandbox
- Restoring necessary files from the sandbox
- Deleting all work or selected files
- Creating, deleting and configuring sandboxes
To run a program in a sandbox, simply drag the executable file into the Sandboxie Control window, into the sandbox created by default. There are other ways - for example, menu Windows Explorer or notification area. The program window running in the emulated environment will have a yellow frame and a hash mark (#) in the title bar.
If, when working with a sandboxed program, you need to save the results to disk, any desired source is specified - the files will be placed in the sandbox folder, while specified address, outside the sandbox, it will not exist. To “real” transfer files from the sandbox, you should use the recovery option. There are two types of them - fast or immediate, in both cases, before starting the program in the sandbox, you need to configure the folders for recovery (“Sandbox Settings - Recovery”).
More detailed settings access are located in the “Restrictions” and “Access to Resources” sections. They may be required if the application cannot run without certain privileges (requires a certain system library, driver, etc.). In “Restrictions”, in relation to programs or groups, access to the Internet, to hardware, IPC objects, as well as access to low level. In “Access to resources” - the corresponding settings for files, directories, the registry and other system resources.
Also in the Sandboxie settings there is an important “Applications” section, where groups of programs are collected that have access to the specified resources. Initially, all elements of the list are deactivated; to apply changes for a specific application, you need to mark it in the list and click the “Add” button.
Thus, you can create sandboxes with different parameters. You are allowed to clone the configuration of an existing sandbox; to do this, when creating a new one, you need to select from the drop-down list the environment from which you want to transfer the settings.
Summary
Using the Sandboxie application, you can create virtual environments of any configuration, without restrictions for the user. Sandboxie provides a large number of settings as for individual applications, and for sandboxes.
[+] Flexible configuration of each sandbox
[+] Creating rules for a group of programs
[−] Distributions cannot be created
[−] Lack of setup wizard
Evalaze
It is symbolic that Evalaze originates from the Thinstall 2007 program, currently from VMware.
Evalaze is not as well known as Sandboxie among sandbox programs, but it has a number of interesting features, distinguishing it from the series similar decisions. Thanks to virtualization, applications can be launched in a standalone environment from any computer, regardless of the availability of drivers, libraries, or newer versions of the application being launched. In this case, neither preliminary configuration nor additional configuration files or libraries or registry keys.
Evalaze does not require installation, one caveat: you will need Microsoft .NET to work Framework versions 2.0 or higher. In the free version, as well as in the professional edition, a virtualization setup wizard and an unlimited number of virtual applications are available. You can download the trial version from the developers’ website only upon request (see developers’ email on the website).
The resulting configuration can be saved to a project. From start to finish, the process of setting up a virtual application takes longer than, say, Sandboxie, but it is more consistent and understandable.
It is worth noting two additional features of Evalaze that will likely be of interest to software developers and testers: it works with a virtual file system and a virtual registry. These autonomous Evalaze environments can be edited at your discretion by adding files, directories, keys necessary for the functioning of a particular virtual program.
You can also configure associations out of the box in Evalaze: when launched, the virtual application will immediately create the necessary associations with files in the OS.
Summary
A program with which you can create stand-alone applications that are convenient to use in all sorts of situations, which generally facilitates migration, compatibility, and security. Alas, free version practically useless, it is only interesting for a very superficial study of the functions of Evalaze.
[−] Low-functional trial version
[−] High price of the Pro version
[+] There is a setup wizard
[+] Virtual file system and registry
Enigma Virtual Box
Enigma Virtual Box is designed to run applications in an isolated virtual environment. The list of supported formats includes dll, ocx (libraries), avi, mp3 (multimedia), txt, doc (documents), etc.
Enigma Virtual Box models the virtual environment around an application as follows. Before the application starts, the Virtual Box loader is triggered, which reads the information that is necessary for the program to work: libraries and other components - and provides them to the application instead of system ones. As a result, the program works autonomously in relation to the OS.
Per configuration Sandboxie or Evalaze, as a rule, takes about 5 minutes. At first glance, Virtual Box also does not require lengthy setup. In the documentation, the use of the program is actually contained in one sentence.
There are only 4 tabs - “Files”, “Registry”, “Containers” and, in fact, “Options”. You need to select the executable file, specify the location of the final result and start processing. But later it turns out that virtual environment you need to create it yourself. For this purpose, the three adjacent sections “Files”, “Registry” and “Containers” are intended, where the necessary data is manually added. Then you can click processing, run the output file and check the functionality of the program.
Summary
Thus, Enigma Virtual Box does not analyze the OS before and after installing the application, as is the case with Evalaze. The emphasis is shifted towards development - therefore, rather, Virtual Box is useful for testing, checking compatibility, and creating artificial conditions for running a program. Virtualization of unknown applications will cause difficulties, since the user will be forced to specify all the program connections independently.
[−] Lack of convenient settings
[+] The resources used by the program can be determined independently
Cameyo
Cameyo offers application virtualization in three areas: business, development personal use. In the latter case, the sandbox can be used to save the OS in a “clean” state, store and run applications on removable media and in cloud services. In addition, several hundred already configured virtual applications are published on the cameyo.com portal, which also saves the user’s time.
The steps for creating a virtual application are similar to Enigma Virtual Box: first, a snapshot of the system is created before installation, then after it. Changes between these states are taken into account when creating the sandbox. However, unlike Virtual Box, Cameyo syncs with remote server and publishes the application to cloud storage. Thanks to this, applications can be run on any computer with granted access to the account.
Through the Library, you can download popular system applications (Public Virtual Apps) for subsequent launch: archivers, browsers, players and even antiviruses. When starting, you are asked to select an executable file and indicate whether it is stable or not (which, apparently, is somehow taken into account by the Cameyo gallery moderators).
Another interesting possibility is creating a virtual application via . The installer can be downloaded from your computer or you can specify the file URL.
The conversion process is said to take from 10 to 20 minutes, but often the waiting time is several times less. Upon completion, a notification is sent by email with a link to the published package.
Email notification about distribution creation
With all the cloud conveniences, two things need to be noted: important points. First: each program is updated over time, and the library contains quite outdated copies. The second aspect: applications added by users may run counter to the license of a particular program. This must be understood and taken into account when creating custom distributions. And third, no one can guarantee that the virtual application posted in the gallery has not been modified by an attacker.
However, speaking of security, Cameyo has 4 modes of application operation:
- Data mode: the program can save files in the Documents folder and on the Desktop
- Isolated: ability to record in file system and the registry is missing
- Full access: free access to the file system and registry
- Customize this app: modifying the launch menu, choosing where to store the program, etc.
Summary
A convenient cloud service that you can connect to on any computer, allowing you to quickly create portable applications. Setting up sandboxes is kept to a minimum, not everything is transparent with virus checking and security in general - however, in this situation, the advantages can compensate for the disadvantages.
[+] Network synchronization
[+] Access to user applications
[+] Creating virtual applications online
[−] Lack of sandbox settings
Spoon.net
Spoon Tools is a set of tools for creating virtual applications. In addition to the professional environment, spoon.net deserves attention as a cloud service that integrates with the Desktop, allowing you to quickly create sandboxes.
To integrate with the Desktop, you need to register on the spoon.net server and install a special widget. After registration, the user has the opportunity to download virtual applications from the server through a convenient shell.
Four features brought by the widget:
- Create sandboxes for files and applications
- Cleaning up your desktop using shortcuts and quick launch menus
- Safe testing of new applications, launch outdated versions on top of new ones
- Undoing changes made by the sandbox
Quick access to the spoon.net widget is possible through the combination Alt keys+Win. The shell includes a search bar and also a console. It searches for applications on the computer and on the web service.
Organization of the desktop is very convenient: you can drag and drop it onto the virtual desktop necessary files, which will sync with spool.net. New sandboxes can be created in just two clicks.
Of course, in terms of setting up sandboxes, Spoon cannot compete with Sandboxie or Evalaze for the reason that they are simply not present in Spoon. You cannot set restrictions or convert a “regular” application into a virtual one. The Spoon Studio complex is designed for these purposes.
Summary
Spoon is the “cloudest” shell for working with virtual applications and, at the same time, the least customizable. This product will appeal to users who care not so much about security through virtualization, but rather about ease of use necessary programs everywhere.
[+] Integration of the widget with the Desktop
[+] Quick creation of sandboxes
[−] Lack of settings to limit virtual programs
Pivot table
| Program/service | Sandboxie | Evalaze | Enigma Virtual Box | Cameyo | Spoon.net |
| Developer | Sandboxie Holdings LLC | Dogel GmbH | The Enigma Protector Developers Team | Cameyo | Spoon.net |
| License | Shareware (€13+) | Freeware/Shareware (€69.95) | Freeware | Freeware | Free (Basic account) |
| Adding applications to the sandbox | + | − | − | − | − |
| Personalization (creating shortcuts, integration into menus) | + | + | − | + | + |
| Setup Wizard | − | + | + | + | − |
| Creating new virtual applications | − | + | + | + | − |
| Online synchronization | − | − | − | + | + |
| Setting Sandbox Privileges | + | + | + | + | − |
| Analysis of changes when creating a sandbox | + | + | − | + | − |