Getting Started

Part One: Introduction

Sandboxie runs your applications in an isolated abstraction area called a sandbox. Under the
supervision of Sandboxie, an application operates normally and at full speed, but can't effect
permanent changes to your computer. Instead, the changes are effected only in the sandbox.
This Getting Started tutorial will show you:
*
*
*
*

How
How
How
How

to to use Sandboxie to run your applications

the changes are trapped in the sandbox
to recover important files and documents out of the sandbox
to delete the sandbox

Or skip ahead to Getting Started Part Six which discusses a few final points.
You can also review the External Tutorials page for more links to tutorials about Sandboxie, some
in languages other than English, others are in video form rather than text.

Sandboxie Control
Sandboxie is operated primarily through the Sandboxie Control program. This program adds the
yellow Sandboxie icon to the system notification ("tray") area of your taskbar:
If Sandboxie Control is not already active, you can find it and launch it from the Sandboxie
program group in your Windows Start menu:

Windows XP

Windows Vista

When active, you can use the Sandboxie tray icon to hide and show the main window of
Sandboxie Control, by double-clicking the icon. Or, you can right-click the icon and select the first
command, which alternates between Hide Window and Show Window.
For this tutorial, make sure the main window of Sandboxie Control is visible.
You should view this tutorial in a sandboxed Web browser. To do that, use the Getting Started
Tutorial (Web) command in the Help Menu of Sandboxie Control, and make sure you tell
Sandboxie Control to run your browser sandboxed:

Part Two: Run Web Browser

To launch your Web browser, find the desktop shortcut icon for Sandboxed Web Browser and click
2

it:

Alternatively, right-click the Sandboxie Control tray icon, and navigate the popup Tray Icon Menu
to select the Run Web Browser action.

A third option is via the Sandbox Menu in the main window of Sandboxie Control:

Your Web browser should come up sandboxed. You can tell that a program is sandboxed because its
window title bar contains additional Sandboxie [#] indicators:

(Note: In some computer systems, Sandboxie starts the wrong program when you select Run Web
Browser. If this is the case for you, use the Default Browser utility to fix this.)
The sandboxed program should appear in the main window of Sandboxie Control:

The window displays the list of programs that are currently running sandboxed under the
supervision of Sandboxie. Initially there is just one sandbox, DefaultBox, however, more sandboxes
can be created; see the Create New Sandbox command in the Sandbox Menu.
The picture above shows Sandboxie is running three programs. The first, iexplore.exe, stands for
Internet Explorer, as this tutorial assumes Internet Explorer is the Web browser in use. If the default
Web browser in your system is Firefox, or Opera, then you would see firefox.exe or opera.exe,
respectively, as the first program running in the sandbox.
The screenshot shows two more programs are running, SandboxieRpcss.exe and
SandboxieDcomLaunch.exe. These support programs are part of Sandboxie. If they are needed,
they will be automatically started, without any explicit action on your part. See Service Programs.
When Sandboxie is actively running programs in any of the sandboxes, the Sandboxie tray icon (at
the corner of the screen) displays red dots:

Part Three: The Sandbox

You should now have your Web browser running sandboxed. It can be Internet Explorer or any
other browser.
The browser program may make changes to your computer. These changes will all be trapped in the
sandbox.
Try it now: Right-click on the following link, and save the file to your desktop. If you're using
Internet Explorer, this is the Save Target As command in the right-click menu. If you're using
Firefox, this is the Save Link As command in the right-click menu.
http://www.sandboxie.com/favicon.ico
In the default and recommended configuration, Sandboxie will identify that a file was saved to an
interesting location -- your desktop, in this case -- and will offer Immediate Recovery for the file:
4

Because the point of this exercise is to show that files remain in the sandbox unless recovered, click
the Close button on the window above, to tell Sandboxie to keep the file in the sandbox.
The file you saved, favicon.ico would appear on your desktop as this icon:
If you minimize all windows and examine your desktop, you should not be able to see the new icon,
because the file was in fact saved in the sandbox, and not yet recovered.
Sandboxie Control initially operates in Programs View where it lists the programs running in the
sandbox, but you can use the View Menu to switch the view mode to Files And Folders View which
shows the contents of the sandbox. Click Files and Folders in the View menu.

Expand the branches (by clicking the + signs) to reveal the contents of the sandbox, arranged into
folders. As you can see in the picture directly above, the file favicon.ico that you saved earlier has
been placed in the sandboxed desktop folder.
5

In the same way, any file created by any sandboxed program will be placed in a sandbox folder
corresponding to the real folder where it should have been placed.
Let's try this again, this time with a sandboxed Notepad. To do this, use the Run Any Program
command:

Sandboxie displays its Run... dialog box. Type notepad:

Notepad should start sandboxed:

Type a few letters into the new Notepad document, and save it as file test1.txt at the root folder of
drive C. Then, look for this file in the root folder of drive C. You should not be able to find it. That's
because the file was saved in the sandbox:

Summary:
Files created or modified by sandboxed programs are initially placed in the sandbox.
Files in the sandbox are not visible to programs outside the sandbox.

Part Four: Quick Recovery

You may have noticed that when you saved the file favicon.ico to your desktop folder, earlier,
Sandboxie offered Immediate Recovery for that file. However, no such offer was made when you
saved test1.txt to the root folder of drive C.
This is because the desktop folder is (by default) configured as a recoverable folder location, from
which you will typically want to recover files. The root folder of drive C is not considered a
recoverable location.
The Quick Recovery command scans the recoverable folders and displays a summary of all
recoverable files:

You can invoke the Quick Recovery command:

From the Sandbox Menu in the main window of Sandboxie Control.
By right-clicking the Tray Icon Menu at the corner of the screen.
The picture above shows favicon.ico as the only recoverable file, because it was the only file saved
to a recoverable location -- the desktop folder in this case.
Other folder locations that are set as recoverable folders by default are your My Documents folder,
the Windows Favorites folder. Where applicable, your Downloads folder is also considered a
recoverable folder. Since these folders don't contain any files eligible for recovery, they are not
listed at all in the picture above.
You can use the Add Folder button to add more folders to Quick Recovery.
You can switch Sandboxie Control to the Files And Folders View to view and recover any
file that resides anywhere in the sandbox.
When recovering a file (or a folder), you can choose to recover the file to the corresponding
location outside the sandbox -- for example, from the sandboxed desktop folder, to the real desktop.
The Recover to Same Folder command (shown as a button in the picture above) does that.
Alternatively, you can use the Recover to Any Folder command, which can move the sandboxed file
to any folder location in your computer system.

Immediate Recovery
The Immediate Recovery feature, which was mentioned briefly in the previous part of this guide, is
8

an extension of Quick Recovery. Immediate Recovery keeps scanning the same set of recoverable
folders, and will enable you to recover files as soon as they are created:

As with Quick Recovery, you can Recover to Same Folder or Recover to Any Folder.
Summary:
Files must be created in recoverable folders if they are to be noticed by Quick Recovery and
Immediate Recovery.
You can customize the set of recoverable folders.
You can use Files And Folders View to recover files that do not reside in any recoverable
folder.

Part Five: Delete Sandbox

When you are finished using the application under Sandboxie, and you have recovered the
downloaded files, documents and other desired work items, it is a good idea to delete the contents
of the sandbox. Click the Delete Contents command in the Tray Icon Menu:

You can also invoke the Delete Contents command from the Sandbox Menu in the main window of
Sandboxie Control.
The Delete Sandbox window appears, giving you one last chance to recover any files still remaining
in the sandbox:

The upper part of the window in the picture above was introduced in the last part as the Quick
10

Recovery command. The lower part counts the accumulated size of the contents of the sandbox.
Finally, when you are sure you have recovered everything you need, click Delete Sandbox to delete
the sandbox.
Note that regardless of the size of the sandbox, the delete process always takes only a few seconds.
This should be considered normal and expected. During this time, the Sandboxie tray icon changes
to a red X icon to indicate that sandbox delete is in progress.
In the default configuration, the sandbox is not deleted automatically, so you will have to manually
invoke the Delete Contents command whenever you want to delete the contents of the sandbox.
This behavior can be changed by altering a setting. In the main window of Sandboxie Control, use
the Sandbox Menu to open the Sandbox Settings window:

The Sandbox Settings window appears. Click on Delete to expand the delete settings group, then on
Invocation to show the Delete > Invocation settings page:

11

Place a checkmark in the box Automatically delete contents of sandbox to have Sandboxie
automatically invoke the Delete Sandbox command, as described in the settings page.

Part Six: Conclusion

This tutorial has walked you through the basic principles of using and understanding Sandboxie:
*
*
*
*

How
How
How
How

to to use Sandboxie to run your applications

the changes are trapped in the sandbox
to recover important files and documents out of the sandbox
to delete the sandbox

You can read more tips about using Sandboxie in the Usage Tips page, and in pages about specific
web browsers: Internet Explorer Tips and Firefox Tips.
An important point to keep in mind when using Sandboxie is that it is designed to isolate programs
from each other. Therefore you should expect to lose a small measure of inter-operability between
programs. For example:
Email: Clicking email (mailto) links typically causes your web browser to start your email
software. This will not work correctly unless Sandboxie is configured to run your email
software in that sandbox. See FAQ Email.
You can avoid this problem by right-clicking the email link instead of left (normal)
clicking it. The right-click menu will let you copy the email address. Then switch to
your email software and paste the email address. If the pasted email address begins
with a mailto: prefix, then make sure to delete that prefix, including the colon (:).
Download manager: Clicking download links is intercepted and handled by software which
is operating outside your web browser. When the web browser is running in a sandbox, this
might cause it to start the download manager in the sandbox as well, which would probably
not be desired result.
You can avoid this problem by right-clicking the download link instead of left
(normal) clicking it. The right-click menu will let you copy the link. Then switch to
your download manager program, and paste the link to start the download process.
On the other hand, you should not expect to lose every measure of inter-operability between
programs. For example, you may use a dictionary software which should react to keystrokes or
mouse-clicks to display information in a pop up window. Sandboxie may or may not interfere with
this, depending on how the dictionary software is designed. When things do not work as expected,
please report it on the Sandboxie forum and ask for a solution.
Please also take some time now to review the many settings in the Sandbox Settings window. The
settings are explained clearly, and you will find many settings that enable you to strike your
preferred balance between security and convenience.
For example, one person may prefer greater security and control over web bookmarks and favorites,
by letting them first save into the sandbox, and then recovering selected items through
Quick Recovery or Immediate Recovery. (This is the default configuration in Sandboxie.)
But another person may prefer to configure Sandboxie such that a sandboxed web browser can
directly access the bookmarks or favorites, without an intermediate recovery step, thus sacrificing
12

some security for greater convenience.

Sandboxie enables you to strike your personal balance of security and convenience.
Enjoy!

13