Best Free Browser Protection Utility


In a Hurry?
  Go straight to the Quick Selection Guide

There's a scumware plague at the moment. All it takes is a visit to one malware site or a "loaded" shareware install, and next minute your Internet Browser homepage has been changed, your default search setting altered, unwanted ads pop up on your screen, rogue software are nagging you to pay, your passwords have been stolen, and worse.

Traditional antivirus software and antispyware software are being overwhelmed by the rapidly increasing amount of virus, spyware and other malware. That's why a different approach to combating these threats is necessary. Instead of technologies that are reacting to malware, we need proactive technology to protect our computers. These browser protection utilities can greatly increase your defenses against drive-by downloads and vulnerabilities.

I took a look at several applications that are vital in the fight against unwelcome and harmful intruders.


Sandboxie main screenMy first recommendation for safe browsing is a free program called Sandboxie, for Windows 2000 and later. It creates a special contained "sandbox" environment on your PC, as this animation shows. While browsing within the virtual sandbox provided by Sandboxie, you are totally isolated from the vital portions of your PC, namely your operating system environment on your hard drive and memory locations for your current OS session. So any files you download are isolated to the sandbox. Similarly, any programs that are executed only do so within the sandbox, and have no access to your normal files, the Windows operating system or any other part of your PC.

Usage is remarkably simple. To start a sandboxed browsing session, you just click the "Sandboxed Web Browser" icon on your desktop (or the Sandboxie icon from the Quick Launch tray) and this will launch your default browser in the sandbox. You can then use it in the normal way to browse to sites or download files. By default, files that are saved in the Desktop, My Documents or Favorites will have a prompt to ask you whether you want to save the file permanently. I suggest you add your default downloads folder to the Quick Recovery settings so files saved there will be automatically saved to your real hard disk, saving you the trouble of manually recovering files.
After you have finished browsing, you can right click the Sandboxie icon and delete all sandboxed files and processes, and your PC will be returned to the same state it was in before the browsing session. You can change configuration settings to automatically delete all the sandboxed contents when you close a sandbox. You can also configure a third-party program, such as Eraser or SDelete, to erase the sandboxed contents for greater privacy.

The advantage is clear: any virus, trojan, worm, spyware or adware threats that "infected" your PC while browsing will be eliminated.

Sandboxie allows for in-depth configuration which increases security. For example, you can set it to block access to your personal files, or only allow certain programs to run or connect to the internet in a sandbox. A recent feature of Sandboxie also allows you to run sandboxed programs in a Limited User Account, similar to DropMyRights, for even greater security. This should also prevent most keyloggers from running.

However, there are some downsides to this approach. Firstly, if you want to update your browser addons/widgets, you'll need to open an un-sandboxed browser and do it from there. This also applies to bookmarks but you can configure Sandboxie to automatically retain those. Secondly, Sandboxie is not designed to detect or disable keyloggers. You can get around this (mostly) by always empty your sandbox before you log in to important sites (such as sites involving financial transactions). Thirdly, some people find the nag screen inconvenient, which appears for five seconds before a sandboxed application opens.

Sandboxie works fine with all browsers and most software applications, including e-mail clients (though this requires special configuration), instant messaging clients, Bittorrent clients and games. However, it won't work with system software (software which installs a system driver).

Returnil Virtual System main screenIf you would like to take your system protection even further, look no further than Returnil System Safe Free. With Returnil you get a cloned version of your system partition to boot from and work in.  If anything does happen to go wrong during your session, it's as easy as rebooting your system, and your whole operating system environment is back to where it was before you turned Returnil protection on. Returnil also includes some useful features, including file protection and an anti-executable function.

Returnil provides a different type of protection compared to Sandboxie or GesWall. It is an excellent solution for those who have limited uses of their computer, for example for users who just browse the web. Also, if you have a separate partition for your data then Returnil is particularly useful because you don't have to worry about losing data which you just saved. Returnil can also be used in conjunction with Sandboxie or GesWall.

Like all security software, you should have a backup of your hard drive and all your files before you install one of these applications.

Please help us by rating this review

Related Products and Links
Related Browser Protection and Browser Security Articles

Related Security Articles

Have Your Say

Please visit our freeware forum to share and discuss your views and get advice on free security software, including antivirus software. There's also a poll where you can vote and discuss your browser protection utility. To post in the forum you need to register first but that's quick and immediate.

Quick Selection Guide


Gizmo's Freeware award as the best product in its class!

Runs as a stand-alone program on a user's computer
Excellent security
Virtual environment is inconvenient, keyloggers could potentially steal data before browser is closed, nag screen
2.5 MB
32 bit but 64 bit compatible
Free for private use only
To learn more visit its forum and its online help.
Windows 2000 - Vista

Returnil System Safe Free

Runs as a stand-alone program on a user's computer
System-wide security
Virtual environment is highly inconvenient, keyloggers could potentially steal data before computer is rebooted
37.4 MB
Free for private use only
To learn more visit its forum.
Windows XP - Vista

This software review is copy-edited by Glyn Burgess. Please help edit and improve this article by clicking here.


sandbox, browser security, browser protection

Back to the top of the article

Please rate this article: 

Your rating: None
Average: 4.2 (107 votes)


Sandboxie has been sold to Invincia and Sandboxie's long-term developer, Ronen Tzur, will be exiting in approximately 6 weeks (per his announcement on Sandboxie's web site). Inasmuch as I have enjoyed using Sandboxie for many years as effective protection, I think caution is advised until it can be determined which direction Invincia takes this product.

Lets wait and see what comes out of this. I am very sad to see Tzuk go but regarding SBIE, to this day, we cant tell whats gonna happen in the future. He is asking Sandboxie users to be patient, I think that's what we should do for the time being.


Hmm, sounds interesting, although some of these comments make me hesitant. I suppose any protective software can be gotten around, but I also assume that a program like this would be helpful, even if not completely bullet proof. I have a computer at home waiting to be fixed because of a virus from a stream site. This doesn't happen too often, but enough. Usually I worry more about being tracked. I have a couple programs like ghostery attached to my torch browser, but it has no effect on malware. I've gotten to the point as seeing my computers as so temporary that I almost expect them to get bogged down by these viruses and adware. Which is quite a shame!

Hi James, Sandboxie works. You sound like a user that get infected regularly. If that's the case, if you start using SBIE every time that you browse the internet, you ll notice that you dont get infected anymore despite visiting the sites where you got infected in the past.

Test Sandboxie for 6 month, after the trial is over, you ll be convinced. If you test Sandboxie, you don't need to worry about whats contained within the sandbox since it will be gone when you delete the sandbox but do concern yourself with any files or downloads that you take out of the sandbox and execute out of the sandbox. That is the key.


A small warning for those who believe that sandboxes are "impenetrable":

Bromium Labs has released an interesting study called ”Application Sandboxes: A Pen Tester’s Perspective.” The study analyzes several publicly available application sandboxes such as Google Chrome, Adobe Reader, SANDBOXIE, Dell Protect Workspace and BufferZone.

The experts used several attack techniques, including sandbox bypass, sandbox leakage, and sandbox vulnerabilities.

The report shows that while off-the-shelf exploits are blocked by most of the sandboxes, OS kernel exploits and OS user mode exploits are easily achievable - on SANDBOXIE, BufferZone and Protected Workspace.

The full article is available here:

Nevertheless, browsing the Internet with a "sandboxed browser" provides a much safer experience, than without it.-

Wolfram, I have been using Sandboxie for almost 5 years, during this time, I have not been infected. For me, using Sandboxie for a long time and not getting infected is really the only test that matters.

By the way, did you know that the "experts" who made those lab tests, have their own security programs that they like to promote and sell?



LUKE: I'm not afraid.
YODA: Ohhh... but you will be, you will be.

("The Empire Strikes Back", 1980)

I really wish you, and to all the users of Sandboxie (including myself!), to NEVER have any infection.

But, in my opinion, there is no "absolutely safe" sandbox. There might be, somewhere, on the Internet, unknown threats - able "to bypass" any sandbox.

Some extra caution never hurts.-

Any program can be bypassed, including SBIE, but is funny (to me) how almost always bypassing Sandboxie only occurs in laboratory tests, like the one you posted. Hardly ever we seen anything in real world situations being able to break Sandboxies sandbox, that is an undeniable fact. Since June 2004, there's only been a handful of times that something really, really has escaped the sandbox.

If you know or read about anyone getting infected while using Sandboxie and SBIE is bypassed as described in this PDF, would you please post about it here. If there is at least one user somewhere in the internet that fits the case, then the "test" would really mean something. Otherwise, honestly, to me, that PDF means nothing, specially since this people are selling somethings. They are promoting their product by bad mouthing other products. If their product was that good, it should be able to sell itself without having to do what they are doing.

Would you please explain why the quote from the 1980 movie. I was never into that type of film and I just don't get it. I don't understand how it relates to Sandboxie/sandboxes/getting infected or what we are talking about.



Mr bo.elam, I will try to answer, briefly, to your questions.

I will start with my quote from "StarWars". Here is the required explanation:

You stated that you have used Sandboxie for almost five years. Without ever been infected. (I suppose you are using SB as a "browser protection utility".) But tomorrow, or maybe next year, you might get infected. And, suddenly, you will be scared. So, do not be so over-confident in Sandboxie's capabilities.

Today you are not worried? Tomorrow you might be!

There are countless users who are running many other programs under SB; and not only Internet Explorer. Quite often, they use Sandboxie as a "testing enclosure". When a "legitimate" program runs under SB, you do not have to worry. But when you test a so-called "crack", or a "keygen", or "a hacking tool", or a "Trojan prototype", or who knows what else, then, well, you should be worried - at least, a bit. Even if Sandboxie is properly configured, even if the access, to the Internet, of the tested programs, is limited, SB is not invulnerable. (Unless you have a "Registry changes monitoring tool"; and/or a reliable "Recovery Solution", of course.)

In what concerns your statement about Bromium Labs - trying "to sell something" -, please be so kind and show us where is located their "offer" - on the PDF titled "Application Sandboxes: A Pen-Tester's Perspective". I have not seen it. So, where is it?!

And even if it would be somewhere, no one is forcing us to buy something from them.

Do you have any tangible proof that Bromium Lab tests were made only to influence people to buy one of their advertised products?

You are asking me to mention "notorious cases of infected SB users".
But I am not a detective. The purpose of my post is a strictly informative one.

You must accept the fact that those who are studying applications' vulnerabilities - including those existing in Sandboxie -, are not willing to make public the results of their extensive researches. Instead, they prefer to sell them, for a lot of money, to certain, "obscure entities".

Why should a team of Russian IT experts, for example, who work for FSB (the former KGB), tell the people that they discovered, in their beyond imagination endowed lab, how can a Sanbox[i]ed web-browser be "bypassed", using a very special exploit they invented?! The people must remain "convinced" that their beloved app - Sandboxie -, is "invulnerable". Especially when someone "never infected" is "dangling" them, in his lap: "Rock-a-bye, baby, thy cradle is green (...)"

We never know what the future might bring (bad). Relying only on Sandboxie, for our protection, might not be enough. Preventing Malware requires a multifaceted approach. If, by accident, a little malefic program (partially) escapes from Sandboxie's sandbox, and stretches its tentacles to the heart of the Operating Systems, AND the Antivirus is not detecting its attempt, then, indeed, we might have a problem.

Sandboxie is a very good tool for reducing "the Surface Attack" of a Windows-based system. But trusting 100% in Sandboxie is unacceptable.-

(Forged Java Runtime Application "Trusted" SSL Certificates, and their "compromised" on-line validation, is what worries me most.)

Wolfram, you are worrying to much about the future. To enjoy life, worrying about what might never happen doesn't help. Take that as a friendly advise.

You call Sandboxie a "browser protection utility", you see thats the problem, you are seeing Sandboxie as a browser in a sandbox but Sandboxie is a lot more than that. I don't want this post to be as long as yours so I ll make it short. Personally, I sandbox all programs and files that run in my computers. I don't care what it is or how long its been in the computer. If a file its gonna run in my PC, it will run sandboxed until the day it gets deleted from the computer. Thats how I take care of my security and it works.

I don't run keygens or cracks and I recommend you stop doing that. If you keep doing it, you will get infected. For your information, Sandboxie treats all files and programs the same. Sandboxie will not inform you if malware is running in a sandbox but it will keep all its activity within the sandbox. Based on my almost 5 years of experience using Sandboxie, nothing gets out of the sandbox unless you allow it. That also includes malware.

About the products that Bromium sells, I am not allowed by the rules of this forum to post a link but if you want to know, use Google search, in less than a minute you ll be reading about their products.



I know that you are well intended. I like your pragmatic thinking.
I also know that you are working very hard, as a volunteer, in order to make Gizmo's Freeware a very useful website - which is worth visiting. I really appreciate your work. Therefore, I do not intend to argue with you about Sandboxie's virtues.

In fact, the truth about this program's strengths and weaknesses is best known only by its developer, Ronen Tzur. And, maybe, about those who broke the program's protection; and accessed its source code.

My intention is not to create panic; or to destroy Sandboxie's "credibility".
I just want that all the users of Sandboxie to remain vigilant.

I also want to put the readers' minds to contribution. To invite them to think on their own. For example, to ask themselves: if Sandboxie is so brilliant, so useful, so easy to configure, so safe, why it has not been adopted, yet, by the major enterprises and businesses - at least at the individual workstation level? Why it is not widespread?

There is something inaccurate in your last comment: I NEVER stated, in my previous post, that I - and I underline the word "I" -, that I am testing "Cracks", "Keygens", "Trojans", and other malefic programs. Simply because on my Wintel machine I use ONLY Freeware. :)

Also, if you would have read more carefully what I wrote, you would have discovered that I assumed that YOU are using Sandboxie (mainly) as a browser protection utility. Not me.

And yes, you are right: maybe I am a little too much worried about the future. But, in our days, who isn't?

"Yesterday is history, tomorrow is a mystery. And today is a gift. That is why it is called present." - Grand Master Oogway

You ask, is there anyone in today's world that's not worried? I am not, I follow my advice and enjoy life as it is and believe me, not everything around me is easy and nice.


Guys, thanks for the good discussion. Would be appreciated if anymore of this is discussed in the forum, because this is getting long, and not suitable for comments section anymore. Also, please keep discussion on topic. I have edited out the political content from the comments, which is unnecessary, and unsuitable.

Maybe SurfCanister and BufferZone Pro (also free) could be tested.

Two programs suggest to 'JonathanT' to include/analyze in this 'Browser Protection Utility':

1. "SecuBrowser" []- An application that sandbox Browsers when browsing with 'Internet Explorer' and 'Firefox'. It is freeware, not so rich in sandbox features like 'Sandboxie', but useful for general users when browsing. Tips: a-] In their shorcut change the path "...load.exe" to "", to avoid the "Security Info" when starts. b-] Create a RAMDisk to move the "sbox" folder in root disk to the RAMDisk, and then doing a junction in C:\ root; save the RAMDisk with the changes; thus all files will be reset and deleted from sandbox container when rebooting.

2. "Toolwiz Time Freeze" - Freeware, easy-to-use, an excellent alternative to 'Returnil'.

Toolwiz TimeFreeze is interesting and I like it, but it seems to cause some bizarre problems when I tried it out. Has anyone else been having problems with it?

First, it kept closing itself. Then it prevented some browser extensions I had from operating correctly.

Hi Mada, TTF is a pretty nice program. I am using something similar now but when I used it, I did not experience any kind of issue. Its possible that your antivirus or something else is causing a conflict or perhaps the installation got corrupted.

I recommend you uninstall TimeFreeze using the Start menu uninstaller provided by Toolwiz. After a reboot, reinstall it. You should know that it is not recommended to use the uninstaller provided by Windows in Add/Remove programs or Control panel to remove this program as it may cause problems during rebooting. But don't be afraid, just use the uninstaller in the Start menu and you ll be fine. I used it a few times and never had a problem.


Is there a reason why Geswall was removed?

My guess is that it is because GesWall has not been updated in a few years. If you are still in XP or W7, I ll say you can still use it.