You’re probably reading this because you found Start.exe running on your PC and you’d like to know whether it’s good or evil. Well, the good news is that the process does belong to a legitimate program called Sandboxie. The bad news is that if you haven’t installed that program then it’s probably a virus or equivalent spyware.
Sandboxie is a security software that creates a virtualized “sandbox” environment for your Windows applications to run in. The program is free and is somewhat effective for circumventing malware that might infect your computer particularly through a web browser. In Sandboxie, Start.exe is used to launch applications within the protected sandbox so that changes made within a program won’t effect the rest of your computer. Under normal conditions this instance of Start.exe only runs for a few seconds while a program is launched, and you shouldn’t see it in the Task Manager. More information about launching programs with Sandboxie’s Start.exe can be found here.
If you haven’t downloaded and installed Sandboxie on your computer, then it is likely that the Start.exe you are seeing in your Task Manager is spyware. A few years ago a trojan was circulating the internet known as Secret-Crush. Once it infected your PC it would run under the alias “start.exe” and report all your internet browsing data back to its creator. Obviously this is a huge security and privacy intrusion, however the trojan doesn’t produce any noticeable negative performance effects on the infected computer.
Another though less likely explanation of why Start.exe is running on your PC is because it is a part of the legacy Domain Logon Script. This was a tool used in older Microsoft Networks and was usually only on computers connected to a corporate domain. If you’re a home user, it’s near improbable that you would ever see this process running because it was from Microsoft.
Whether or not Start.exe is a safe process really depends on who made it. At least three different companies have produced a process with the name, but usually you won’t see it running if it was from one of the good guys. If you are on a domain networked computer, or you have installed Sandboxie – you’re likely in the clear. But it’s still worth checking it out to make sure, because it might be a trojan that is monitoring everything you type and do.