Does Sandboxie contents get securely deleted?

Discussion in 'other anti-malware software' started by monstermash, Jan 18, 2006.

Thread Status:
Not open for further replies.
  1. monstermash

    monstermash Guest

    Does anyone know if when you delete your Sandboxie history, is it securely deleted? Can this data be recovered later with any of the plentiful file recovery programs available? If it isn't securely deleted how can we securely delete this data? Could a program like Eraser be used? How? Thanks for help.
     
  2. Brinn

    Brinn Registered Member

    Joined:
    Aug 5, 2004
    Posts:
    181
    Location:
    Canada
  3. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,103
    Hi Brinn,

    I looked at the home page for CleanCache v3.0 and it states it removes index.dat files along with:
    # Temporary Internet Files and index.dat
    # Internet Explorer History and index.dat

    Do you happen to know if it also wipes out the index.dat file located in the path: C:\WINDOWS\pchealth\helpctr\OfflineCache (for WinXP, maybe others)

    Removing that index.dat file prevents System Information from running.

    -- Tom
     
  4. Brinn

    Brinn Registered Member

    Joined:
    Aug 5, 2004
    Posts:
    181
    Location:
    Canada
    As far as I can tell, it only removes index.dat from Temp Internet Files, History and Cookies. Also, anything it cleans is listed and can be checked/unchecked according to what the user wants cleaned.

    Eraser can be used to clean out the SandboxIE default box but I'm not completely sure about the sandboxed registry edits. There's a file in the sandbox called registry.dat but I'm not about to play with it.
     
  5. securityx

    securityx Registered Member

    Joined:
    Dec 1, 2005
    Posts:
    149
    I often wonder this about Sandboxie, ShadowSurfer/User and Deep Freeze. When the programs "dump" their snapshots (or whatever you choose to call them) how easy is it to get inside those dumped "snapshots" and read the information forensically?
     
Loading...
Thread Status:
Not open for further replies.