On Windows 10 and 11, Microsoft offers you a sandbox system built into Windows 10 and 11.
However, if you are still running Windows 7, 8, 8.1 or another older version of Windows, here's how to create sandboxes using third-party software : Sandboxie Plus.
Sandboxie software exists in 2 versions : Sandboxie and Sandboxie Plus.
Both versions are free, but the "Plus" version offers more features than the other version.
Download "Sandboxie Plus" and launch the downloaded file.
The installation wizard will offer you :
Then, you can also choose to :
Once Sandboxie Plus is installed (or extracted), you will find a "DefaultBox" sandbox created by default.
To run a program in this sandbox, right-click on this "DefaultBox" sandbox and click on : Run -> Run Program.
In the "[#] Run Sandboxed - DefaultBox [#]" window that appears, click on : Browse.
Select the program you want to launch in this sandbox.
It will therefore be executed on your computer, but its execution will be isolated from the system.
For this tutorial, we are going to install the famous "Notepad++" text editor in the sandbox.
Check the "Run As UAC Administrator" box if the program to be run needs administrator rights, then click OK to launch the program in the sandbox.
A User Account Control (UAC) window appears for the "Start.exe" program (which is part of the "Sandboxie Plus" software).
Click on Yes.
When you hover your mouse over a window of a program running in a sandbox, a yellow frame will appear around the edges of the window.
In addition, you will see the "[#]" characters appear at the beginning and at the end of the name of the window concerned.
The Notepad++ installation wizard appears.
Note that you can observe the behavior of the program launched in the sandbox from the Sandboxie Plus window.
As you can see, Notepad++ is installed and by default opens its "change.log" file located in the folder : C:\Program Files (x86)\Notepad++.
As you can see, the "notepad++.exe" process is running and it's installed in the folder "C:\Program Files (x86)\Notepad++ (if you look on the previous image).
However, if you look in the "C:\Program Files (x86)" folder of your computer, you will not find the "Notepad++" folder.
To see the content of your sandbox, right click "Explore Content" on your sandbox.
As you can see, your sandbox contains 2 folders and 2 files :
If you go to the "drive\C\Program Files (x86)" folder, you will find the "Notepad++" folder created by the Notepad++ installation wizard that we launched in the sandbox.
This shows that the execution is isolated from the system since the program cannot create files directly in the standard folders (Program Files, Windows, ...). However, your anti-virus can still detect malicious files that the program launched in the sandbox would have created.
If you really want to completely isolate a program's execution, use virtualization software like VirtualBox, but this will require more system resources (CPU and RAM).
If necessary, follow our "Learn to virtualize machines with VirtualBox" course.
If you right click on the "notepad++.exe" file, you will see that it's located in the "C:\Sandbox\win10\DefaultBox\drive\C\Program Files (x86)\Notepad++" folder.
® InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.
You must be logged in to post a comment