Alternative to Sandboxie?

Moderator: Wiz Feinberg

Ray Minich
Posts: 6431
Joined: 22 Jul 2003 12:01 am
Location: Bradford, Pa. Frozen Tundra
State/Province: -
Country: United States

Post by Ray Minich »

I've been using Sandboxie on my WinXP machine to open files that may have malware in them. It's a "virtual machine" program that isolates the opened file from the rest of the operating system in order to prevent invasive maneuvers by the opened file.

Sandboxie does take up some system resources and has a couple of nuisances I tire of.

Now I'm in Windows 7 land.

Does anyone know of a suitable alternative virtual machine program that has better performance or tighter protection specs?

Thanks all.
Lawyers are done: Emmons SD-10, 3 Dekleys including a D10, NV400, and lots of effects units to cover my clams...
Wiz Feinberg
Posts: 6115
Joined: 8 Jan 1999 1:01 am
Location: Mid-Michigan, USA
State/Province: Michigan
Country: United States

Post by Wiz Feinberg »

I use Acronis True Image. It contains a module that runs everything in a VM, until the next reboot. At that time you can decide whether to accept the changes made to the system, or restore the previous setup.

Rejecting the changes eliminates everything done by the program or malware you are testing.

Caveat: One needs to use caution to avoid running malware that overwrites the MBR, such as TDSS-4 or Mebroot, etc. You would have to discard the VM before rebooting to prevent this from occurring.

Safety net: Acronis can be used to image the C drive before testing the malware. Should an MBR infector take hold, restore the image, including the MBR.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services