I recently reviewed an Internet browsing virtualization product called Check Point ZoneAlarm ForceField. I've reviewed similar products over the past few years, including GreenBorder, Sandboxie (I reviewed it personally, not in a published review), and a few others. The solutions in this product category try to protect the end-user and their computing environment by encapsulating or segregating the Internet browser (and possibly the underlying operating system and e-mail client) from malicious manipulation. Their goal is for all legitimate and user-wanted modifications to be kept permanently, while preventing or removing unwanted malicious modifications.
Although these products try to be helpful, they usually fail quickly under testing and are not highly accurate. Most of the time I can infect or exploit the underlying host system in less than a few minutes of malicious testing, and as such I can't personally recommend products in this category to readers.
Believe it or not, I don't blame the vendors for trying to give it a go in this class of product. Traditional anti-malware products (anti-virus, anti-spam, anti-phishing) are frequently being circumvented by morphing, ever more sophisticated malware. The vendors are trying to come up with new product types that might be more successful.
The only problem is that these types of solutions are old news, and their inherent issues and challenges have been acknowledged and argued for decades. The overall security model is known as red/green computing. The classic idea is that participating users have a single physical computer with two separate computing environments. The known, clean, trusted computing environment is referred to as the green computer. The untrusted computing environment is known as the red computer. Users should use the green computing environment to do all their normal, trusted computing (normal business work, e-mail, gaming, and so forth), and use the red computing environment to surf the Web, run new, untrusted programs, and the like. Most red/green scenarios have two separate computing environments within one physical computer, with a toggle button of some type to allow the user to switch between red and green environments. The red and green computing environments should never touch one another, or should do so only when the user wants to transfer legitimate data and/or programs from one side to the other.