Quarantining Origin with Sandboxie

Since a couple people asked about it in my last post, here's a quick guide to limiting Origin's ability to scan your computer, using the third-party Sandboxie program, which is thus far the only way I know of to do so.

What is Sandboxie?
Sandboxie is a small utility that you can use as a sort of shell around any normal program you run, preventing that program from reading from or writing to any part of your computer that you don't want it to mess with. It's free, effective, and has a very small CPU footprint, so you should never even notice it's running.

Why bother?
A fair question. Origin, thus far, appears to restrict its scanning of your hard drive mostly to your ProgramData folder, and while we don't know what exactly it reports back to EA, it doesn't appear to be much.

But "much" is still more than I'm willing to allow. It's not EA's business whether or not I have Photoshop installed or what my nVidia settings are. Nor is it the business of the advertisers they might sell to, nor anyone who might hack them. Nor am I willing to take the chance that Origin will remain concerned only with the ProgramData folder. Many don't feel the same, which is fine, I'm not here to convince anybody. For those that do, there's Sandboxie.

So how do I do this then?
Well, first, of course, you need to download and install Sandboxie. Spend a bit of time reading the readmes and playing around with it if you like, but you can just ignore all that and move on to the next step if you're only ever going to use it for Origin.

The next thing to do is to open Sandboxie control. Sandboxie ought to start running as soon as you've installed, so you should be able to just double-click on the icon in your system tray at the bottom right. If it's not running just open it. It'll launch on startup from here on out so you won't have to worry about it again (though you can tell it not to).

Now open the menu option that says "Sandbox" and select "Create New Sandbox." I'd just call it Origin to make things simple. Select the option to copy settings from the existing DefaultBox sandbox.

Now highlight your new sandbox, and click on the "Configure" menu option. Select "edit configuration."

Leave that open for a minute.

Now you want to open a command line. If you're in XP, open your start menu, click "run" and type "CMD." In Win7, just open your start menu and type "CMD" in the search box.

At the prompt, type "cd c:\ProgramData" and hit enter. Then type "dir /d /b >list.txt" and hit enter again.

Type exit, or close the cmd window.

Open Explorer and paste "C:\ProgramData" in the navigation bar. You should see a text file here called "list.txt." You just made this file! It's a list of all the files and folders in your ProgramData folder. It's going to save you some time. Because you're going to highlight the following:


And copy that, and then paste it in front of each new line in that list. Delete the entry for the list.txt file itself, and any entries that end in .bin or .ini or, actually, any extension at all. You should eventually end up with a file that looks something like this:

ClosedFilePath=C:\ProgramData\EA Logs
ClosedFilePath=C:\ProgramData\Electronic Arts
ClosedFilePath=C:\ProgramData\Media Center Programs

Delete the origin line, too. Leave the rest.

Now, copy this whole thing. Go back to your other open notepad file, the Sandboxie.ini, and just paste it all at the bottom.

If you have more than one drive, you may want to close off any it won't be using as well, just to be safe. IE:


Don't lock it out of whatever drive your "My Documents" folder is in, though.

You also want to add this line:
ClosedFilePath=C:\Program Files (x86)\Origin\IGO32.dll

... to prevent crashing.

Now add these six lines:

OpenPipePath=C:\Program Files (x86)\Origin\
OpenPipePath=C:\Program Files (x86)\Origin Games\

Replace "%user" with your username, the one you log into Windows with. Also, if you're running Windows 64 bit, you'll want to use (x64) instead of (x86).

Save this file and close it. Almost done!

Back in Sandboxie Control again, open the "Configuration" menu, and select "Windows Shell Integration." Click the big button in the middle, "Add Shortcut Icons." Select the new sandbox you just created, and then navigate through the start menu that pops up, until you find the Origin program. This will create a shortcut on your desktop that opens Origin in Sandboxie. Always use this shortcut to run Origin, and never worry about EA spyware again.
