How to Enable the Windows Defender Sandbox Mode



RECOMMENDED: Click here to fix Windows errors and optimize system performance

You can enable sandbox protection for Windows Defender. Once you have enabled the sandbox protection function, Windows Defender starts in sandbox mode to improve the security of your computer.

According to Microsoft, when you enable sandbox protection, Windows Defender works in a sandbox, so if your computer is compromised in the future, malicious actions are limited to the isolated environment and protect the rest of the system from damage.

The Sandbox mode works like an application container. Once the sandbox system is activated, a MsMpEngCP.exe content process appears next to the Windows Defenders MsMpEng.exe antimalware service in the Task Manager (press Ctrl+Shift+Esc).

Enable Sandbox mode of Windows Defender

Locate the command prompt on the Start menu and click Run as administrator. You can also right-click on the result of the command prompt and select Run as administrator.

In the Command Prompt window, execute the following command. You will get the answer “SUCCESS: the specified value has been saved”.

setx /M MP_FORCE_USE_SANDBOX 1



Fix Update September 2019:

We recommend you try using this new tool. It fixes a wide range of computer errors, as well as protecting against things like file loss, malware, hardware failures and optimizes your PC for maximum performance. It fixed our PC quicker than doing it manually:

  • Step 1 : Download PC Repair & Optimizer Tool (Windows 10, 8, 7, XP, Vista – Microsoft Gold Certified).
  • Step 2 : Click “Start Scan” to find Windows registry issues that could be causing PC problems.
  • Step 3 : Click “Repair All” to fix all issues.

download
(optional offer for Advanced System Repair Pro -> Website | EULA | Privacy Policy | Uninstall)



Restart the Windows system for the changes to take effect.

If you want to cancel this change, execute the same command and replace the “1” with a “0” and restart your PC. If, for any reason, you have problems booting your PC, try booting in safe mode, then run the command.

After enabling the sandboxing, you will see a special content process called MsMpEngCP.exe with fewer privileges that runs in parallel with the default anti-malware process, MsMpEng.exe.

To disable the antivirus sandbox functions

If the activation of the Windows Defender sandbox is limited to a single command executed at a high prompt, you cannot do the same thing when you disable it.

In this case, you must manually delete the new rule by calling the classic control panel. You probably noticed that there is no shortcut in the Start menu of the Control Panel, so just type the name and click Enter.

In the Control Panel, follow the following path:
Control Panel > System and Security > System > System > Advanced System Settings (left sidebar)

At this point, you should see the System Properties screen with the Advanced tab enabled. Then, in the Start and Restore section, click on the environment variables. In the System variables field, search for an entry named :

MP_FORCE_USE_SANDBOX

Select this entry and click on the Delete button. Click OK, close all windows, restart your computer and you are ready to go.

CONCLUSION

Sometimes, the antivirus software itself can be misled by attackers, which is why an antivirus is one of the few applications that have full access to the PC. You can read or write files, even in areas reserved for other applications or even users.

Therefore, Windows Defender Sandboxing seems to me to be an appropriate step. However, it will be interesting to see which applications are affected by this new step.

If you are concerned about the impact on performance, Microsoft indicates that the sandbox environment has been designed with system resources in mind, so you should not see any significant degradation in system performance when the feature is enabled.

https://www.microsoft.com/security/blog/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/



RECOMMENDED: Click here to troubleshoot Windows errors and optimize system performance