How to open a sandbox. Sandbox for windows. Running suspicious files

It's no secret that as they get to know the operating system, many users begin to try more and more of its features - appetite, as you know, comes with eating. It is also not uncommon for those who want to try other operating systems or new versions of an already installed system. The question arises - how to do this without interfering with the key components of the system and the risk of losing important data? How to go back in case of unsuccessful actions? The answer is simple - virtualization is necessary.

A virtual machine is a kind of "computer in a computer" - an emulator of a full-fledged computer using software tools. With its help, you can experiment in every possible way, without fear of spoiling something - after all, the consequences will be minimal and will not affect the "parent" machine. This is a kind of "sandbox" (sandbox), where "playful children" - programs can work without the risk of damaging the software and especially the hardware of the computer. Even the nightmare of Windows users - a system crash will not affect user data. Fans of experimenting with unfamiliar software can run it in a virtual environment - by the way, preliminary launch of programs in a safe environment is one of the main means of checking for modern antiviruses.

However, like everything else in the world, the virtualization method has its drawbacks - after all, when starting a virtual OS, it takes up part of the resources of the main system. One of the main ones is the problem of allocating RAM for the "guest OS" - after all, during operation it uses the resources of the "host system", which does not have the best effect on the work of both. It is considered optimal to allocate no more than 50% of RAM for the operation of a virtual machine. The user chooses the lower limit himself, based on system requirements. Accordingly, it is necessary to share the resources of the GPU.

Due to the specificity of the virtualization method, it is also necessary to establish data exchange between systems - after all, you have to pay for isolation and the file system of the main system cannot be seen from the guest one. To do this, you need to select shared folders - directories in which the data intended for transfer is placed. From the guest system, they are connected as shared network drives - accordingly, their configuration is also necessary. Support for USB devices in a virtual machine is still a headache for the user.

There is a wide variety of software currently available in the virtualization industry, but three of them stand out: VMware Workstation, Windows Virtual PC, and Oracle WM VirtualBox. They provide the most comprehensive set of virtualization software solutions. Below is a comparison of them in terms of home use.

VMware Workstation

VMware Workstation is a great virtualization tool. The developers claim support for more than 200 types of operating systems, which can be allocated up to 32 GB of RAM. The program is positioned as a tool for software developers and testers and is paid. The interface is configured accordingly - in order to feel comfortable, you need to have basic knowledge about installing and configuring virtual machines. The benefits include improved support for 3D hardware acceleration and full compatibility with visual effects like Aero in Windows 7 and support for both 32- and 64-bit systems. However, not every user will agree to pay $133 for the program.

Windows Virtual PC

It is positioned as a free product from Microsoft, which determines its main characteristics. First of all, it is designed to virtualize the work of the Windows family of operating systems in order to ensure compatibility of programs with Windows 7. It is quite easy to install and use, there is support for USB devices. One of the features is support for displaying different operating systems on multiple monitors. It should be noted that Virtual PC often refuses to work with multiple cores on multi-core processors, which reduces its effectiveness. Users wishing to install Linux will have to find other solutions - there is no official support for running Linux as a guest OS. Otherwise, we can recommend Windows Virtual PC as software for home use.

The Internet is full of viruses. They may disguise themselves as useful programs, or they may even be built into a working desired program. (Quite often found in hacked programs, so hacked programs should be treated with distrust, especially if you download from suspicious sites). So you installed a program and something else was put into your computer as a bonus (at best, programs for hidden surfing or miners), and at worst, warriors, backdoors, stealers and other dirty tricks.

There are 2 options if you don't trust the file.
- Running a virus in a sandbox
- Using virtual machines

In this article, we will consider the 1st option - sandbox for windows.

The sandbox for windows is a great opportunity to work with suspicious files, we will look at how to start using the sandbox.
If you use antiviruses, sandboxes are often built into them already. But I don't like these things and I think it's best to download the sandbox from www.sandboxie.com.

The program allows you to run a file in a specially designated area, beyond which viruses cannot escape and harm your computer.

You can download the program for free. But, after 2 weeks of use, a sign about the offer to buy a subscription will appear when you turn it on, and the program can be launched in a few seconds. But the program still remains quite functional. Installation will not cause difficulties. And the interface itself is quite simple.

By default, the program will start automatically when you turn on your computer. If the program is running, a tray icon will appear. If not, you should run Start-All Programs-Sandboxie-Manage sandboxie.
The easiest way to run a program in the sandbox is to right-click on the launch file or on the shortcut of the desired program, and in the menu you will see the inscription "Run in the sandbox" click and run. Select the desired profile in which to run and click OK. Everything, the necessary program works in a safe environment and viruses will not break out of the sandbox.

Attention: some infected programs do not allow running in sandboxes and virtual machines, forcing them to run directly. If you encounter such a reaction, the best thing to do is to delete the file, otherwise run at your own peril and risk

If the launch in the sandbox does not appear in the context menu (by right-clicking), go to the program window, select Configure - Integration into Windows Explorer - and check the two boxes under "Actions - run in the sandbox.

You can create different sandboxes. To do this, click Sandbox - create a sandbox and write the name of the new one. You can also delete old ones in the sandbox section (recommended).

There is nothing more to consider in the program. In the end, I want to say - Take care of your data and your computer! See you again

related posts:

Deleting non-removable files on the computer Windows virtual machine. Program overview and setup Windows 10 disable tracking

Some massive applications (such as firewalls Outpost Security Suite and Online Armor Premium Firewall, as well as executable exe and msi files downloaded from the Internet of incomprehensible content) can violate the integrity and stability of the system. Installing them in a working OS can lead to BSOD screens when the OS boots up, changes in browser settings, and even to the spread of worms and trojans, which will most likely lead to an attacker stealing passwords for social network accounts, web services you use, email box, etc.

Earlier, we already wrote about popular methods for testing new software in articles about and . In this article, we will talk about another simple, fast and efficient way to run any application under Windows in a secure isolated environment, and its name is the Sandboxie sandbox.

What is a sandbox?

In the field of computer security, a sandbox is a specially dedicated environment designed to safely run applications on a PC. Some complex software products include a safe environment (sandbox) mode. These applications include the Comodo Internet Security firewall, Avast! (paid version), developments in the field of data protection from Kaspersky Lab. The subject of our article-instruction, the Sandboxie program, is a full-fledged tool for large-scale testing of any programs without making changes to the structure and parameters of the working operating system. How to work with it - read on.

Downloading the distribution and installing Sandboxie

Before proceeding with the installation, as always, you need to download the installation package from the network. Let's use official site project.

Although the developers offer paid versions of the product for home and office use, the free version is also quite suitable for us. It has no time limits. The only negative is the ability to work with only one sandbox and the inaccessibility of some not too critical parameters.

After downloading the distribution kit, let's start the installation procedure. It takes place in 2 phases. First, the system libraries and Sandboxie executables are installed.

At the final stage, you will be prompted to install the system driver, which is the core of the application. The driver will work in conjunction with service files, its installation time is a couple of moments. We agree and move on.

First launch of Sandboxie

When you open the app for the first time, you'll see a list of programs that you can improve sandbox compatibility on your screen for. Despite the fact that this list does not display all the applications available in the OS, the sandbox program automatically determined that by default these programs are not available for management in Sandboxie. We agree to improve compatibility by checking all the items in the list and clicking OK.

Next, we will go through a short introduction to working with the application, where you can get acquainted with the general principle of the software product, the mechanism for launching a web browser in protected mode, as well as the function of deleting the contents of an active sandbox. The manual is very concise, all its contents are reduced to a few button clicks to perform the most requested actions and a graphic illustration with the basic methodology of the service.

So, when the manual is exhausted, we can start working in an isolated environment. You can launch the application by selecting the appropriate item in the "Start" menu, or by clicking on the appropriate icon in the "Applications" view (Win 8/8.1).

An alternative way is to double click on the Sandboxie icon in the taskbar.

As a result of launching the program, a form with an active sandbox available to the user will appear on the screen (we remind you once again that only one sandbox can be created in the free version). Almost all operations are called from this form.

Running the browser in sandbox mode

Well, let's start the browser in protected mode. To do this, you can use the shortcut on the desktop, or by right-clicking on the DefaultBox and selecting "Run in Sandbox" -> "Launch Web Browser" from the context menu. It is worth noting that in this way you can work with a browser installed in the system as the active default.

The inclusion of a secure sandbox is symbolized by a yellow border that borders the browser form.

How to work with her? By running a browser in a sandbox, you can freely access any, even potentially dangerous, resources without the threat of infecting your PC with any malicious code. This mode will certainly come in handy if you are looking for keys for programs, cracks, or you, under your supervision, have seated a child at the computer, and are afraid that he may harm the system by going to unsafe resources through banners, or change browser settings by putting the next " super-unique" addition. All files downloaded using this browser will also not have access to the working system.

When trying to download a file using a sandboxed browser, pay attention to the form header for specifying a save name. The name of such a form is surrounded by two # characters, which means that when saving the object, it will be placed in the Sandboxie Windows shell and will not be available on a regular disk device.

The same applies to running programs.

By default, files downloaded from the network are offered to be placed in the Desktop or Downloads folder. These directories are suitable for sandboxing.

How to make sure that the downloaded file is saved in the sandbox?

Select View from the top menu and check the Files and Folders option. You will see a tree of available drives and user directories that you can work with in protected mode. Open the folder you need and make sure the appropriate files are there.

Is it possible to extract a file from the sandbox by placing it in a similar folder on a normal service drive?

Of course, to do this, right-click on the file to be restored, and select "Restore to the same folder" in the context menu. The file will then be extracted.

You can also add new paths to the folders available for saving by specifying them in the Sandbox Settings form, Recovery category -> Quick Recovery section.

To open the Sandbox settings form, go to the top menu in the Sandbox option, then select the DefaultBox sub-item and in the context menu that appears, click on the Sandbox settings item.

How to install a new application in the sandbox?

Right-click on the appropriate distribution saved in sandbox or stock OS and select "Run in Sandbox" from the menu

This will be followed by a regular installation procedure, which can be dealt with literally in a jiffy. The only caveat: if you want to test a 64-bit program, before installing, add the path to the “C:\Program Files” folder in the Sandboxie sandbox settings, since by default only the path to the system directory “C:\Program Files (x86)” can be present . You can do this again in the Quick Recovery menu. For the changes to take effect, click the "Apply" button and restart the installation if the process is already running.

How to run a program in the sandbox?

There are two ways for the user to run the application in a secure environment.

The first is the context menu called from the Sandbox item in the Sandboxie top menu. Here you can run anything from an external email client to a console daemon designed to compress files into an alternative audio format.

The second way is to use the Sandboxie integration with Windows Explorer. To do this, you need to right-click on the program you need on a regular working disk device and select the "Run in the sandbox" option.

Results

In general, it must be said that the program does not feel very confident on the 64-bit operating systems of the latest generation. Periodic crashes occur, windows appear with a notification about an attempt to immediately restore running processes. However, with a little tweaking of the settings, Sandboxie can be made to run smoothly, efficiently, and without reservations, and thanks to File Explorer integration, launching applications is smooth and seamless. Along with other virtualization methods, this mechanism is an excellent tool for debugging and testing applications, which is useful for a detailed study of the interaction of a software product with a working operating environment.

In the process of publishing the last part of the series of articles “Lies, Big Lies and Antiviruses”, it turned out that the Habra audience is disastrously ignorant in the field of antivirus sandboxes, what they are and how they work. The funny thing about this situation is that there are almost no reliable sources of information on this issue on the Web. Only a bunch of marketoid husks and texts from I don’t understand who in the style of “one grandmother said, listen here.” I'll have to fill in the gaps.

Definitions.

So, sandbox. The term itself did not come from the children's sandbox, as some might think, but from the one used by firefighters. This is a sand tank where you can safely work with flammable objects or throw something already burning into it without fear of setting something else on fire. Reflecting the analogy of this technical structure to the software component, a software sandbox can be defined as "an isolated execution environment with controlled rights." This is how the Java machine sandbox works, for example. And any other sandbox too, regardless of the destination.

Turning to anti-virus sandboxes, the essence of which is to protect the main working system from potentially dangerous content, there are three basic models for isolating the sandbox space from the rest of the system.

1. Isolation based on full virtualization. The use of any virtual machine as a protective layer over the guest operating system, where the browser and other potentially dangerous programs are installed, through which the user can become infected, provides a fairly high level of protection for the main working system.

The disadvantages of this approach, in addition to the monstrous size of the distribution and heavy consumption of resources, lie in the inconvenience of data exchange between the main system and the sandbox. Moreover, you need to constantly return the state of the file system and registry to its original state in order to remove the infection from the sandbox. If this is not done, then, for example, spambot agents will continue their work inside the sandbox as if nothing had happened. There is nothing to block them in the sandbox. In addition, it is not clear what to do with portable media (flash drives, for example) or games downloaded from the Internet, in which malicious bookmarks are possible.

An example of an approach is Invincea.

2. Isolation based on partial virtualization of the file system and registry. It is not at all necessary to carry a virtual machine engine with you, you can push duplicate file system and registry objects to processes in the sandbox, placing applications on the user's working machine in the sandbox. An attempt to modify these objects will only change their copies inside the sandbox, the real data will not be affected. Rights control makes it impossible to attack the main system from inside the sandbox through the interfaces of the operating system.

The disadvantages of this approach are also obvious - the exchange of data between the virtual and real environments is difficult, constant cleaning of virtualization containers is necessary to return the sandbox to its original, uninfected state. Also, breakdowns or bypassing this type of sandbox and the release of malicious program codes into the main, unprotected system are possible.

An example approach is SandboxIE, BufferZone, ZoneAlarm ForceField, Kaspersky Internet Security sandbox, Comodo Internet Security sandbox, Avast Internet Security sandbox.

3. Isolation based on rules. All attempts to change file system and registry objects are not virtualized, but are considered in terms of a set of internal rules of the protection tool. The more complete and accurate this set is, the more protection the program provides against infection of the main system. That is, this approach is a kind of compromise between the convenience of data exchange between processes inside the sandbox and the real system and the level of protection against malicious modifications. Rights control makes it impossible to attack the main system from inside the sandbox through the interfaces of the operating system.

The advantages of this approach also include the absence of the need to constantly roll back the file system and registry to its original state.

The disadvantages of this approach are the software complexity of implementing the most accurate and complete set of rules, the possibility of only partial rollback of changes within the sandbox. Just like any sandbox operating on the basis of a production system, it is possible to break through or bypass the protected environment and exit malicious codes into the main, unprotected execution environment.

An example approach is DefenseWall, Windows Software Restriction Policy, Limited User Account + ACL.

There are mixed approaches to isolating sandbox processes from the rest of the system, based on both rules and virtualization. They inherit both the advantages of both methods and the disadvantages. Moreover, the disadvantages prevail due to the peculiarities of the psychological perception of users.

Approach examples are GeSWall, Windows User Account Control (UAC).

Methods for deciding on placement under protection.

Let's move on to methods for deciding whether to place processes under sandbox protection. There are three basic ones:

1. Based on the rules. That is, the decision-making module looks at the internal rule base for launching certain applications or potentially dangerous files and, depending on this, launches processes in the sandbox or outside it, on the main system.

The advantages of this approach are the highest level of protection. Both malicious program files that came from potentially dangerous places through the sandbox and non-executable files containing malicious scripts are closed.

Disadvantages - there may be problems installing programs that came through the sandbox (although whitelisting makes this task much easier), the need to manually start processes in the main, trusted zone to update programs that update only within themselves (for example, Mozilla FireFox, Utorrent or Opera ).

Examples of programs with this approach are DefenseWall, SandboxIE, BufferZone, GeSWall.

2. Based on user rights. This is how Windows Limited User Account and SRP and ACL based protection work. When a new user is created, he is granted access rights to certain resources, as well as restrictions on access to others. If you need a program to work with resources prohibited for a given user, you must either re-login in the system under a user with a suitable set of rights and run the program, or run it alone under such a user, without re-login of the main working user (Fast User Switch).

The advantages of this approach are a relatively good level of overall system security.

Disadvantages - non-triviality of protection management, the possibility of infection through resources allowed for modification, since the decision-making module does not track such changes.

3. Based on heuristic approaches. In this case, the decision module "looks" at the executable and tries to guess from indirect data whether to run it on the host system or in the sandbox. Examples are Kaspersky Internet Security HIPS, Comodo Internet Security sandbox.

The advantage of this approach is that it is more transparent to the user than rule-based. Easier to maintain and implement for the manufacturing company.

Disadvantages - the inferiority of such protection. In addition to the fact that the decision module heuristics can “miss” on the executable module, such decisions demonstrate almost zero resistance to non-executable files containing malicious scripts. Well, plus a couple more problems (for example, with the installation of malicious extensions from within the browser itself, from the body of the exploit).

Separately, I would like to draw attention to the method of using the sandbox as a means of heuristics, i.e. launching a program in it for a certain period of time, followed by an analysis of actions and the adoption of a general decision about maliciousness - this approach cannot be called a full-fledged anti-virus sandbox. Well, what kind of anti-virus sandbox is this, which is installed only for a short period of time with the possibility of completely removing it?

Modes of using anti-virus sandboxes.

There are only two main ones.

1. Real-time protection mode. When starting a process that can be a threat to the main system, it is automatically sandboxed.

2. Manual protection mode. The user independently decides on the launch of an application inside the sandbox.

Sandboxes that have the main mode of operation as "real-time protection" can also have a manual start mode. As well as vice versa.

Rule-based sandboxing is characterized by the use of real-time protection mode, since the communication between the main system and the processes inside the sandbox is completely transparent.

Heuristic sandboxes are also characterized by the use of real-time protection mode, since the exchange of data between the main system and processes inside the sandbox is absolutely insignificant or comes down to it.

Non-heuristic sandboxes with isolation based on partial virtualization are characterized by a manual protection mode. This is due to the difficult exchange of data between the processes inside the sandbox and the main working system.

Examples:

1. DefenseWall (rules-based isolation sandbox) has the main mode of operation "permanent on the rules". However, manually launching applications inside the sandbox, as well as outside it, are present.

2. SandboxIE (sandboxed and isolated based on partial virtualization) has the main mode of operation "manual". But when buying a license, you can activate the "permanent on the rules" mode.

3. Comodo Internet Security sandbox (sandbox with isolation based on partial virtualization) has a basic mode of operation "permanent heuristic". However, running applications manually inside the sandbox, as well as outside it, are present.

These are basically the basic things any self-respecting professional should know about antivirus sandboxes. Each individual program has its own implementation features, which you yourself will have to find, understand and evaluate the pros and cons that it carries.

It is a mistake to believe that the built-in protection of the operating system, antivirus or firewall will completely protect against malware. However, the harm may not be as obvious as in the case of viruses: several applications can slow down Windows and lead to various kinds of anomalies. Over time, the consequences of uncontrolled processes on the part of "amateur" software make themselves felt, and uninstallation, deletion of registry keys and other cleaning methods no longer help.

In such situations, sandbox programs, which this review is dedicated to, can play an excellent service. The principle of operation of sandboxes is partly comparable to virtual machines (Oracle VM VirtualBox and others, VMware Virtualization). Thanks to virtualization, all processes initiated by the program are executed in a sandbox - an isolated environment with strict control of system resources.

This method of code isolation is quite actively used in anti-virus software (KIS 2013, avast!), in programs such as Google Chrome (Flash works in the sandbox). However, one should not conclude that sandbox programs are a complete guarantee of security. This is just one of the effective additional means to protect the OS (file system, registry) from external influences.

A review of the program for creating a virtual environment has already been published on the site -. Today, other applications will be considered, in a broader sense: these are not only desktop solutions, but also cloud services that improve not only security, but also anonymity, making it possible to run from removable media, from another computer.

Sandboxie

Developer Ronen Tzur compares the action of the Sandboxie program to an invisible layer applied on top of paper: you can put any inscriptions on it; when the protection is removed, the sheet will remain intact.

There are 4 main ways to use sandboxes in Sandboxie:

• Secure internet surfing
• Privacy Improvement
• Secure Email Correspondence
• Keeping the OS in its original state

The last point implies that you can install and run any client applications in the sandbox - browsers, IM messengers, games - without affecting the system. Sandboxie controls access to files, disk devices, registry keys, processes, drivers, ports, and other potentially insecure sources.

First of all, SandboxIE is useful in that it allows the user to flexibly configure sandboxes and privileges using the Sandboxie Control shell. Here, through the context and main menu, the main operations are available:

• Starting and stopping programs controlled by Sandboxie
• Viewing files inside a sandbox
• Restoring the files you need from the sandbox
• Deleting all work or selected files
• Creating, deleting, and configuring sandboxes

To run the program in the sandbox, just drag the executable file into the Sandboxie Control window, into the sandbox created by default. There are other ways - for example, the Windows Explorer menu or the notification area. The window of a program running in an emulated environment will have a yellow border and a hash mark (#) in the title.

If, when working with a sandboxed program, you need to save the results to disk, any desired source is specified - the files will be placed in the sandbox folder, while at the specified address, outside the sandbox, it will not be. To "real" transfer files from the sandbox, you should use the restore option. There are two types of them - quick or immediate, in both cases, before starting the program in the sandbox, you need to configure folders for recovery ("Sandbox Settings - Recovery").

More detailed access settings are located in the "Restrictions" and "Access to resources" sections. They may be required if the application cannot run without certain privileges (requires a certain system library, driver, etc.). In "Restrictions", in relation to programs or groups, access to the Internet, to hardware, IPC objects, as well as low-level access is configured. In "Access to resources" - the appropriate settings for files, directories, the registry and other system resources.

Also in the Sandboxie settings there is an important section "Applications", which contains groups of programs for which access to the specified resources is granted. Initially, all list items are disabled; to apply changes for a specific application, you need to mark it in the list and click the "Add" button.

Thus, it is possible to create sandboxes with different parameters. It is allowed to clone the configuration of an existing sandbox; for this, when creating a new one, select the environment from which you want to transfer the settings from the drop-down list.

Summary

With the Sandboxie application, you can create virtual environments of any configuration, without user restrictions. Sandboxie provides a large number of settings for both individual applications and sandboxes.

[+] Flexible configuration of each sandbox
[+] Creating rules for a group of applications
[-] You can't create distributions
[-] No setup wizard

Evalaze

It is symbolic that Evalaze originates from the Thinstall 2007 program, currently VMware.

Evalaze is not as well-known as Sandboxie among sandboxing programs, but it has a number of interesting features that distinguish it from a number of similar solutions. Thanks to virtualization, applications can be run in a standalone environment from any computer, regardless of the availability of drivers, libraries, or newer versions of the application being launched. It does not require any prior configuration or additional configuration files or libraries or registry keys.

Evalaze does not require installation, one caveat: you will need Microsoft .NET Framework version 2.0 or higher to work. In the free version, as well as in the professional edition, a virtualization setup wizard and an unlimited number of virtual applications are available. You can download a trial version from the developers' site only upon request (see the developers' email on the site).

The resulting configuration can be saved to a project. From start to finish, the virtual application setup process takes longer than, say, Sandboxie, but is more consistent and straightforward.

It should be noted two additional features of Evalaze, which are likely to be of interest to software developers and testers: this is work with a virtual file system and a virtual registry. These standalone Evalaze environments can be edited at your discretion by adding files, directories, keys necessary for the functioning of a particular virtual program.

Also in Evalaze, you can set up associations out of the box: the virtual application will immediately create the necessary associations with files in the OS upon startup.

Summary

A program with which you can create standalone applications that are convenient to use in all sorts of situations, which in general facilitates migration, compatibility, security. Alas, the free version is practically useless, it is only interesting for a very superficial study of the functions of Evalaze.

[-] Poorly functional trial version
[-] The high price of the Pro version
[+] There is a setup wizard
[+] Virtual file system and registry

Enigma Virtual Box

The Enigma Virtual Box program is designed to run applications in an isolated virtual environment. The list of supported formats includes dll, ocx (libraries), avi, mp3 (multimedia), txt, doc (documents), etc.

Enigma Virtual Box models the virtual environment around the application as follows. Before starting the application, the Virtual Box loader is triggered, which reads the information that is necessary for the program to work: libraries and other components - and provides them to the application instead of the system ones. As a result, the program works autonomously with respect to the OS.

It usually takes about 5 minutes to configure Sandboxie or Evalaze sandboxes. At first glance, Virtual Box also does not involve lengthy configuration. In the documentation, the use of the program is actually contained in one sentence.

Only 4 tabs - "Files", "Registry", "Containers" and, in fact, "Options". You need to select an executable file, specify the location of the final result and start processing. But later it turns out that the virtual environment needs to be created independently. For this, the three adjacent sections "Files", "Registry" and "Containers" are intended, where the necessary data is manually added. After that, you can click processing, run the output file and check the program's performance.

Summary

Thus, in Enigma Virtual Box there is no OS analysis before and after installing the application, as is the case with Evalaze. The emphasis is shifted towards development - therefore, rather, Virtual Box is useful for testing, checking compatibility, creating artificial conditions for running a program. Virtualization of unknown applications will cause difficulties, since the user will be forced to specify all the program's links on his own.

[-] Lack of convenient setting
[+] The resources used by the program can be determined independently

cameyo

Cameyo offers application virtualization in three areas: business, development, personal use. In the latter case, the sandbox can be used to keep the OS in a “clean” state, store and run applications on removable media and cloud services. In addition, several hundred already configured virtual applications are published on the cameyo.com portal, which also saves user time.

The steps for creating a virtual application are similar to Enigma Virtual Box: first, a snapshot of the system is created before installation, then after it. Changes between these states are taken into account when creating the sandbox. However, unlike Virtual Box, Cameyo syncs with a remote server and publishes the application to the cloud. Thanks to this, applications can be run on any computer with access to the account.

Through the library (Library) you can download popular system applications (Public Virtual Apps) for subsequent launch: archivers, browsers, players, and even antiviruses. At startup, you are prompted to select an executable file and indicate whether it works stably or not (which, apparently, is somehow taken into account by the moderators of the Cameyo gallery).

Another interesting feature is the creation of a virtual application through . The installer can be downloaded from a computer, or you can specify a file URL.

The conversion process, according to statements, takes from 10 to 20 minutes, but often the waiting time is several times less. Upon completion, a notification is sent to the email with a link to the published package.

Email notification about distribution creation

With all the cloud conveniences, there are two important points to note. First: each program is updated from time to time, and there are rather outdated copies in the library. The second aspect is that applications added by users may violate the license of a particular program. This must be understood and taken into account when creating custom distributions. And thirdly, no one can guarantee that the virtual application posted in the gallery has not been modified by an attacker.

However, speaking of security, Cameyo has 4 application modes:

• Data mode: the program can save files in the Documents folder and on the Desktop
• Isolated: no writability in the file system and registry
• Full access: free access to the file system and registry
• Customize this app: modifying the launch menu, choosing where to store the program, etc.

Summary

A convenient cloud service that can be connected to on any computer, allowing you to quickly create portable applications. Setting up sandboxes is minimized, not everything is transparent with virus scanning and security in general - however, in this situation, the advantages can compensate for the disadvantages.

[+] Network synchronization
[+] Access to custom applications
[+] Create virtual applications online
[-] Lack of sandbox settings

Spoon.net

Spoon Tools is a set of tools for creating virtual applications. In addition to being a professional environment, spoon.net deserves attention as a cloud service that integrates with the Desktop, allowing you to quickly create sandboxes.

To integrate with the Desktop, you need to register on the spoon.net server and install a special widget. After registration, the user gets the opportunity to download virtual applications from the server through a convenient shell.

Four features brought by the widget:

• Create sandboxes for files and applications
• Tidying up the desktop with shortcuts, quick launch menu
• Safe testing of new applications, running legacy versions on top of new ones
• Undo changes made by the sandbox

Quick access to the spoon.net widget is possible through the keyboard shortcut Alt + Win. The shell includes a search string, in combination - the console. It searches for applications on the computer and on the web service.

The organization of the desktop is very convenient: you can drag the necessary files to the virtual desktop, which will be synchronized with spool.net. New sandboxes can be created in just two clicks.

Of course, in terms of setting up sandboxes, Spoon cannot compete with Sandboxie or Evalaze for the reason that they simply do not exist in Spoon. You can not set restrictions, convert a "regular" application into a virtual one. The Spoon Studio complex is intended for these purposes.

Summary

Spoon is the "most cloudy" shell for working with virtual applications and, at the same time, the least customizable. This product will appeal to users who care not so much about the security of work through virtualization, but about the convenience of working with the necessary programs everywhere.

[+] Widget integration with Desktop
[+] Quick creation of sandboxes
[-] Lack of settings to limit virtual programs

pivot table