I read this article, but still wondering for expert if you can add more something of which one is really better and effective but are not that annoying. http://www.techsupportalert.com/best-free-browser-protection-utility.htm#GesWall GesWall or Sandboxie?
Which is better is always a difficult question. I have Sandboxie, and I think it is excellent. I don't know anything about GesWall so no comment. I also think that Returnil can't be compared to Sandboxie and GesWall.
Sandboxie, DefenseWall and Geswall are all 'best' at whatever each does - 3 different beasts and kings of their own jungles. a) If you want a full sandbox (file/code doesn't run on the real system), then Sandboxie is the best tool imo. b) If you want a policy-based HIPS which gives untrusted control while running a file on the real system, DefenseWall is the best tool imo. c) If you want a policy-based HIPS that extends the use of the OS internal mechanisms, Geswall is the best tool imo. Sandboxie has an advantage in that it's sandbox protection has proven reliable more so than other products imo. It has a 64-bit counterpart (despite it's shortcoming) whereas its competitors (inc. Bufferzone) have not currently. Sandboxie provides a free (but with nag) version that allows the use of only 1 sandbox at a time. Defensewall advantage lies in it's ease of use (for a HIPS) and it's "trusted vs untrusted" control over a file. Support and updates are fast according to reports by users here. There's no free version though (except for Gizmo freebie v2.56 ). Ilya doesn't seem like having any plans on supporting 64-bit yet but that itself can be argued upon as good since he doesn't give his users false hope. Geswall advantage lies in it's that it has a free version for use (which allows 'covering' more than 1 app at a time) and that it provides its users extensive control over its settings (which suits more advanced/knowledgeable users imo). Geswall also seems to have plans on making a 64-bit version it seems. However, its product development is kinda slow I think and that doesn't help when one encounters problems with the software for example. All that said, my personal choice leans more to: 1. Sandboxie 2. Defensewall I am in favor of Sandboxie since it works/integrates more nicely with a LUA and SRP/Applocker combo when one runs a downloaded setup file - it invokes UAC to ask for elevation. I wish the other 'isolators' provides a similar feature... P.S. All statements above are just opinion-based. I don't have much experience with Geswall since I faced issues with it on my setup.
SandBoxie provides a better overall protection than the other, because it's a real sandbox. Defensewall is more like rule based on trust/untrust. I mean, SandBoxie really isolates all the actions of the things you choose and Defensewall is more like a rules based, it doesn't really isolates the software action it just limits what the software can/cannot do.
DefenseWall is best overall due to ease of use. Sandboxie is just as secure, but not as user-friendly as DW.
I've been using GeSWall but it's a little bit confusing at first. It even makes my adobe reader x freezes when it opens and when I try to disable GeSWall Pro trial it just runs ok. So I know its the GeSWall that affects adobe. I suspect that it also makes my pc a little sluggish...or makes my anti-virus cpu cycle to spike up. Not sure bout this. I was also confused when GeSWall pro trial expires the enable/disable wording when I right click the control in the tray disappears. Sandboxie looks more complicated to use than GeSWall but haven't tried this yet. Are Sandboxie more lighter on the system than GeSWall? and are not that "dominating" to other application/program functions? and by the way haven't read and understand yet all of Sandboxie details/manual...I am using scrapbook in Firefox. Can I still capture and save webpages with scrapbook plus with sandboxie?
I'v heared many are using Drop My Rights, (but am now more careful than before installing programs like this that tends to have more grip in controlling the system)... I still believe limited acct is one of the most important built-in security feature of Windows system, even if it's not 100% perfect. I use limited acct surfing the net so there's no need for me to use this. Besides when I want to install something it's just easy as pie switching to admin acct ...and disables hips program to make sure it wont interfere or conflict something. I still hesitates even if you allow it or trust it when pop ups ask you that it really can completely go on installing clean software flawlessly.
Mostly choose Sandboxie, have played with it many times and never let me down. Comodo's sandbox is also great
I voted for "Other" as your use of the word "Isolator" is too vague. It could apply to full simulation environments like VMWare. VPC, etc as well as for Boot-to-restore solutions that isolate the real hard drive from unwanted/malicious changes. As a Returnil rep and enthusiastic adopter, my "other" is RSS/RVS which may or may not be an expected target of your poll where it appears sandboxing and/or HIPS supported sandboxing may have been your intended focus. It is difficult to say exactly so some clarification from the OP would be useful in keeping the thread on topic, but given the above is valid, RSS/RVS 2011 could be considered a HIPS supported whole system partition "Isolator"... Mike
This poll really needs to be more specific, but if we are talking about only isolating applications then I would say Sandboxie. If we are talking about isolating in general then I have to vote for Shadow Defender. I don't think anything is more secure or affective than SD!
Keyloggers can ONLY steal data in Sandboxie when its a vanilla install. If you tighten it up then they can't run/connect to the web.