
Sandboxie and System Restore

From TSG Library of Knowledge


There is one weakness through which malware can get past Sandboxie, though the weakness exists because of how Windows behaves.

When certain file types are deleted in Windows, they get backed up by System Restore. So if there is malware in the sandbox when you delete the sandbox, it will get backed up to System Restore.

If you then restore to an earlier time with System Restore that contains a virus, you will get infected.

Here are instructions on how to protect against that. There are three ways to stop it from happening.


Secure Delete

This method overwrites the contents of the sandbox one or more times when you empty the sandbox. As a result, the contents don't get backed up to System Restore.

First you'll need a program that can securely delete files and folders. Two good ones, which also conveniently have options in Sandboxie to make setup easier, are SDelete and Eraser. Once you have downloaded and installed a program that can securely delete files and folders, proceed with the following:

  1. Open Sandboxie Control
  2. Right-click the sandbox you would like to change the settings on and select Sandbox Settings
  3. Go to Delete > Command
  4. Type in the command for the program you're using. If you're using SDelete or Eraser, just click the button for that program and browse to the SDelete or Eraser executable
  5. Click OK

NOTE: If you choose to use SDelete, a problem I ran into was that the contents weren't being deleted. That's because after you download SDelete you need to double-click it to accept a license agreement, or else the command won't work, since SDelete won't be functioning yet.


Temp Folder

This method requires changing the container folder for the sandbox.

You should delete the contents of all sandboxes before changing the container folder.

To change the container folder:

  1. Open Sandboxie Control
  2. Go to Sandbox > Set Container Folder
  3. Change the folder from the default C:\Sandbox\%USER%\%SANDBOX% to one of the following:
    • C:\Temp\Sandbox\%USER%\%SANDBOX%
    • C:\Tmp\Sandbox\%USER%\%SANDBOX%
  4. Click OK


By default, System Restore doesn't back up files located in a folder named Temp or Tmp.
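
The Secure Delete and Temp Folder settings above are stored in Sandboxie.ini as DeleteCommand and FileRootPath. The following PowerShell audit is an added example, not part of the original page: it assumes a per-sandbox value overrides the global one, treats any delete command that mentions SDelete or Eraser as a secure-delete tool, and runs against a constructed sample configuration.

```powershell
# Added example. FileRootPath and DeleteCommand are Sandboxie.ini setting names;
# the sample configuration at the bottom is constructed for illustration.
function Get-SandboxRestoreAudit {
    param([string[]]$IniLines)
    $settings = [ordered]@{}; $section = $null
    foreach ($line in $IniLines) {               # minimal INI parse: [section] and key=value
        $t = $line.Trim()
        if ($t -match '^\[(.+)\]$') {
            $section = $Matches[1]; $settings[$section] = @{}
        } elseif ($section -and $t -match '^([^=]+?)\s*=\s*(.*)$') {
            $settings[$section][$Matches[1]] = $Matches[2]
        }
    }
    $glob = $settings['GlobalSettings']; if (-not $glob) { $glob = @{} }
    foreach ($name in $settings.Keys) {
        if ($name -eq 'GlobalSettings' -or $name -like 'UserSettings_*') { continue }
        $box = $settings[$name]
        # Assumed precedence: per-sandbox value, then global, then the default path.
        $root = $box['FileRootPath']
        if (-not $root) { $root = $glob['FileRootPath'] }
        if (-not $root) { $root = 'C:\Sandbox\%USER%\%SANDBOX%' }
        $cmd = $box['DeleteCommand']
        if (-not $cmd) { $cmd = $glob['DeleteCommand'] }
        # A path component named Temp or Tmp is what System Restore skips by default.
        $inTemp = [bool](($root -split '\\') | Where-Object { $_ -in 'Temp', 'Tmp' })
        $wiper  = [bool]($cmd -match 'sdelete|eraser')   # heuristic, see lead-in
        [pscustomobject]@{
            Sandbox         = $name
            ContainerFolder = $root
            UnderTempFolder = $inTemp
            SecureDeleteCmd = $wiper
            Protected       = ($inTemp -or $wiper)
        }
    }
}

# Sysinternals tools record licence acceptance as EulaAccepted=1 under
# HKCU\Software\Sysinternals\<tool>; without it the delete command does nothing.
function Test-SDeleteEulaAccepted {
    $p = Get-ItemProperty 'HKCU:\Software\Sysinternals\SDelete' -ErrorAction SilentlyContinue
    return ($p.EulaAccepted -eq 1)
}

$sample = @'
[GlobalSettings]
DeleteCommand="C:\Tools\sdelete.exe" -p 3 -s -q "%SANDBOX%"
[DefaultBox]
FileRootPath=C:\Temp\Sandbox\%USER%\%SANDBOX%
'@ -split '\r?\n'
Get-SandboxRestoreAudit -IniLines $sample | Format-Table -AutoSize
```

To audit a real installation, pass the output of Get-Content on your own Sandboxie.ini instead of the sample, and call Test-SDeleteEulaAccepted as the user who empties the sandbox.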


Turn off System Restore

This is not the recommended way, since it's usually better to leave System Restore on in case you need it, unless you are using some other way of backing up your computer and prefer to have System Restore off.

Copyright © TechGuy, Inc. All rights reserved.