Rollback RX + Sandboxie ... registry cleaning

Discussion in 'sandboxing & virtualization' started by Smuck, Jun 9, 2014.

Thread Status:
Not open for further replies.
  1. Smuck

    Smuck Registered Member

    Joined:
    Jul 17, 2012
    Posts:
    37
    Location:
    United Kingdom
    Got Rollback RX protecting the system and the boot partition, that`s why Sandboxie come in handy .. but not as protection!

    Because every time the system is wiped clean back to installation state, then program-data in registry and appdata folder etc are wiped too. But when Sandboxie rules over the created Apps folder on another partition with installed user applications then their save data to appdata folder and others are virtualized. And if the registry data are to be virtualized too, then the setup program for the app is pre-copied to the sandboxed Apps folder and run from there.

    The weird thing though is just registry cleaning, fx. using CCleaner, because it has to be run twice - once outside the sandbox and then also inside the sandbox - to work.
     
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    Smuck, theres no need to run CCleaner sandboxed to get rid of changes made to the registry by programs installed or running in a sandbox. As you delete the sandbox, sandboxed registry changes get deleted.
    http://www.sandboxie.com/index.php?SandboxHierarchy#keys

    Bo
     
    Last edited: Jun 9, 2014
  3. Smuck

    Smuck Registered Member

    Joined:
    Jul 17, 2012
    Posts:
    37
    Location:
    United Kingdom
    Yes, there is a need: Because the sandbox is configured in settings never to be deleted, in other case it would delete save data from programs too! Fx. When the setup program runs in the sandbox folder it adds data to virtualized registry. And when there`s an upgrade for the program to install, it will find the installation in the virtualized registry. But then there`s something called "recover folder", because the upgrade files might not be visible or fx. the desktop shortcut to the program is not found or doesn`t work: it`s because Sandboxie has placed the new files in the sandbox folder, where they can be moved to the actual.

    It`s a little complicated to find out, also that you have to run setup files inside the sandbox, but it actually works - meaning that when Rollback RX restore the system partition the user programs still have their savedata thanks to Sandboxie.

    Sandboxie could probably be developed regarding registry cleaning for never erased sandboxes...
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    It sounds to me like perhaps you are not sure how to run programs that you install in a sandbox. I know of at least 4 ways to run programs that are installed in a sandbox. You should not be having any kind of problem running programs sandboxed, even after you upgrade them (sandboxed). Probably the easiest way to run programs that are installed in a sandbox is to create a sandboxed shortcut for the program and place it in your desktop or taskbar. It can not be any easier than that.

    Go to Configure>Windows shell integration, Click "Add shortcut icons", Select the sandbox where you installed the program, find the sandboxed program in one of the menus and Click it. Thats all you have to do. After the click, you ll find the shortcut to run the program in your desktop (out of the sandbox).

    Bo
     
    Last edited: Jun 12, 2014
  5. Smuck

    Smuck Registered Member

    Joined:
    Jul 17, 2012
    Posts:
    37
    Location:
    United Kingdom
    In this system configuration Sandboxie is NOT used for security, it is only used for its virtuality service to separate data between the two partitions. And so programs installed, upgraded or removed in the virtual space benefits from CCleaner too. Fx. running CCleaner outside the sandbox may come up with nothing and then when run inside the Sandbox it finds several registry errors and other temporary data to delete.
     
  6. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,061
    Location:
    Netherlands
    I think the idea is to roll back your OS-partition with Rollback RX. With most disk virtalisation the data partitions are useally excluded (to keep data changes/prevent loss of updates). When you move Sandboxie's sandbox folder to a data partition the changes in the registry are also kept in SBIE's sandbox folder. When the system is rolled back, all programs outside the SBIE sandbox are reset to latest saved image, while the programs inside the SBIE sandbox are still up to date (because SBIE sandbox is on data partition). Nice example of out of the box thinking.
     
  7. Smuck

    Smuck Registered Member

    Joined:
    Jul 17, 2012
    Posts:
    37
    Location:
    United Kingdom
    By the way Sandboxie has some lesser smart function/interface this way: 1. Fx. when a new program troubles windows firewall, windows causes a popup with option to allow this program access; when Sandboxie restricts a program it also causes a popup only with warnings, one have to open sandbox settings and there are several menus with Sandboxie restrictions to figure out, if one manage that one also have to insert the filename correctly. And the Sandboxie popop warnings are in technical themes(abbreviations) difficult; 2. Sandboxie only has one protection layer meaning that there are the original files and the overlayer with new ones, so when a program is updated with a patch, filenames already existing will be updated in the overlayer = the sandbox, and when the next patch is updating there will not be a new layer for filenames already existing in the sandbox. Would have preferred if Sandboxie just virtualized files copied to system partition and immediately recovered all files on the data partition.
     
    Last edited: Jun 18, 2014
  8. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    If you get a Sandboxie warning about a program trying to Run or Connect to the net, Sandboxie gives you message 1308 informing that a program attempted to run in a sandbox or 1307 if the program is trying to have access to the internet. Sandboxie also issues message 2222 or 2221, by double clicking this messages, you can change restrictions without having to open Sandbox settings.

    Look at the pictures of what I get when I try to run Notepad in a restricted Foxit sandbox. I think this messages are easy to follow, in this case, it clearly states that Notepad attempted to run in sandbox (Foxit). The option to allow Notepad to run by double clicking the message its also easy to follow, I think.

    Sin título - copia.jpg

    After double clicking on message 2222, this is what I get.

    Sin título2 - copia.jpg

    Bo
     
    Last edited: Jun 18, 2014
  9. Smuck

    Smuck Registered Member

    Joined:
    Jul 17, 2012
    Posts:
    37
    Location:
    United Kingdom
    Okay so there are more options than just the three buttons ... Still understanding what 1308 means is probably easy if one selv invented it - it's not so informative. And when there's fx. 5 popup warnings and the patch keep running, it really seems like a waste of time, since it`s too uncertain what has been installed/updated and what not. The best thing to do then is to run the installation outside the sandbox and at the end move it inside as final. F.eks. if Sandboxie says a file is too big to move.

    Still essentially it works.
     
  10. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    This is the explanation for SBIE message 1308.
    http://www.sandboxie.com/index.php?SBIE1308

    Keep this link about Sandboxie messages, its helpful.
    http://www.sandboxie.com/index.php?SBIE_Messages

    Also, go to Sandbox settings>Restrictions>Start/Run, if you look at the bottom of the window, you ll see a little box that can be ticked or unticked. If its ticked, you ll get a 1308 message whenever a programs that's not allowed to run attempts to run.

    In some sandboxes you might prefer not to get messages. In those sandboxes, you untick the little box. I do that in a few of my sandoxes to Hide particular messages. For example, in my Libre Office sandbox, I untick the option to get SBIE message 1307. That way I dont get the message when Libre Office attempts to have access to the net.

    Go back to the first picture in my previous post. If you click "Hide", that's another way for you to keep messages from showing up. In my personal case, I hardly ever get a SBIE message and I don't Hide many of them. That is because my sandboxes are perfectly tailored for the program or purpose that I created each of the sandboxes that I use.

    If you keep using SBIE, after a while, you ll get in the groove about the program, messages and the way the program is designed is gonna make a lot of sense. You just need to get used to the program. So keep using it and even invent your own personal ways of using SBIE. Like the CCleaner thing.

    Bo
     
  11. Smuck

    Smuck Registered Member

    Joined:
    Jul 17, 2012
    Posts:
    37
    Location:
    United Kingdom
    If one choose "recover to same folder" and fx. there are 20 files already existing, then one has to press copy and replace 20 times to do it, since there are no option to click "do them all"...
     
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    Yes, there is an option to recover all files at once. Click "Select all", thats the small blue square box with the tick mark that you see on the right corner of the Recovery window.

    Bo
     
Loading...
Thread Status:
Not open for further replies.