Search found 269 matches

by DR_LaRRY_PEpPeR
Fri Sep 14, 2012 7:20 am
Forum: Problem Reports
Topic: Flash Player Installer avoids having [#] when sandboxed
Replies: 8
Views: 3971

No, no Templates. But I guess you nailed it, thanks! I do have the print spool set to the same folder. :o So the print spool directory is a built-in exclusion? What, do programs that print need to write to that folder which is then used by the Print Spooler service? (Ahh yes, I guess that's how it w...
by DR_LaRRY_PEpPeR
Fri Sep 14, 2012 7:05 am
Forum: Beta Version 4.01
Topic: [.02] Run Sandboxed + SRP doesn't work?
Replies: 11
Views: 6712

What are you talking about? Why would I want to remove the "Run Outside Sandbox" option? If you don't fix the crash, which I'm telling you about, it's unusable anyway (for me). Plus isn't run_dialog's functionality basically like start_menu? Start.exe /box:__ask__ start_menu has no choice for "Run ...
by DR_LaRRY_PEpPeR
Fri Sep 14, 2012 6:22 am
Forum: Problem Reports
Topic: Flash Player Installer avoids having [#] when sandboxed
Replies: 8
Views: 3971

Untouched DefaultBox with default settings... Run Explorer in it and put something in the Temp folder. It's on the real system, not in the sandbox. I don't think I ever remember seeing the Temp folder in any sandbox when browsing contents, but not certain. I assumed the OP is getting the same behavi...
by DR_LaRRY_PEpPeR
Fri Sep 14, 2012 5:04 am
Forum: Quick Questions
Topic: Program restrictions
Replies: 6
Views: 2366

Assuming the malware, or whatever, is actually in the sandbox and not the real system (through OpenFilePath), that stuff isn't allowed anyway when Start/Run or Internet Access restrictions are in effect, no matter the name. Same goes for OpenFilePath/OpenKeyPath.
by DR_LaRRY_PEpPeR
Fri Sep 14, 2012 4:46 am
Forum: Problem Reports
Topic: SBIE2204 Cannot start sandboxed service RpcSs (-1)
Replies: 11
Views: 3090

What is cuig.exe there at the end? Looks malware-related from Google...
by DR_LaRRY_PEpPeR
Thu Sep 13, 2012 3:00 pm
Forum: Problem Reports
Topic: Flash Player Installer avoids having [#] when sandboxed
Replies: 8
Views: 3971

Don't "see" it, literally, in Direct Access you mean? I didn't mean that. :) I meant that it seems to be a default "hidden" OpenFilePath internally. (And since I started using it, which isn't long ago. :lol:) I don't really like it. Especially that files there don't count as "in the sandbox" when us...
by DR_LaRRY_PEpPeR
Thu Sep 13, 2012 12:12 pm
Forum: Problem Reports
Topic: Flash Player Installer avoids having [#] when sandboxed
Replies: 8
Views: 3971

Re: Flash Player Installer avoids having [#] when sandboxed

The Flash Player Installer won't have the [#] indicators. What Brummelchen said. Depending how it's creating its title bar, etc. (custom or non-standard). I notice that with QuickTime, for example. Also, the Flash Player Installer manages to move itself to the Temp folder. Yeah, anything can put an...
by DR_LaRRY_PEpPeR
Thu Sep 13, 2012 11:55 am
Forum: Problem Reports
Topic: Can I add Sandboxie Processes to EMET 3.5 and turn on ROP?
Replies: 1
Views: 868

Try it and see...? ;) If it works, I doubt there'd be negative effects on Sandboxie's protection.

I haven't really had any desire to use EMET on Sandboxie itself. I don't think there's much/any concern about exploitation there. And if there was, I'd be more worried about stuff beyond EMET!
by DR_LaRRY_PEpPeR
Thu Sep 13, 2012 11:24 am
Forum: Beta Version 4.01
Topic: [.02] Run Sandboxed + SRP doesn't work?
Replies: 11
Views: 6712

The crash? That was just an aside. I thought the obvious solution was to remove the "Run Outside Sandbox" option. It's not there for start_menu... After all, why run these things in the first place if not choosing a sandbox ? 3.74 still crashes the same. Dr. Watson log file references ntdll!wcslen. ...
by DR_LaRRY_PEpPeR
Sat Aug 04, 2012 8:34 am
Forum: Problem Reports
Topic: MoveFile API seems to work outside Sandbox
Replies: 2
Views: 943

The MoveFile function ("rename") doesn't physically move files on a volume... AFAIK, the Windows defrag API is pretty "high level," and Windows itself correctly and safely handles the actual "low level" work of moving files where desired (as instructed by the defrag tool), etc. So the defrag program...
by DR_LaRRY_PEpPeR
Sat Jul 21, 2012 11:04 am
Forum: Contributed Utilities & Templates
Topic: Block Process Access
Replies: 212
Views: 227379

Is this blocking only for "nice" programs...? e.g. could code bypass the hooks and call the REAL functions directly? GetProcAddress to get the address from the DLLs, anything like that?

I have some ideas, but not sure if they're worth implementing if it's trivial to get around the hooks. :x
by DR_LaRRY_PEpPeR
Sat Jul 21, 2012 10:48 am
Forum: Problem Reports
Topic: Different crash/error reporting when sandboxed
Replies: 1
Views: 804

Different crash/error reporting when sandboxed

An easy way to get a crash and hopefully see the difference I do is use IE 6 to go to Google. Start typing, refresh, type... repeat a few times and the AJAX suggestions stuff will crash IE 6. Without Sandboxie, I get the Microsoft Error Reporting, "Send Error Report"/"Don't Send" box (dwwin.exe). Wh...
by DR_LaRRY_PEpPeR
Sat Jul 21, 2012 9:54 am
Forum: Problem Reports
Topic: "Run Sandboxed" does not work
Replies: 9
Views: 2882

That "triangle" is a Command Prompt, prompt!? :P
by DR_LaRRY_PEpPeR
Fri Jul 06, 2012 6:43 am
Forum: Beta Version 4.01
Topic: [.02] Run Sandboxed + SRP doesn't work?
Replies: 11
Views: 6712

[.02] Run Sandboxed + SRP doesn't work?

Start.exe (Run Sandboxed) seems to prevent any SRP rules from working. :( Is this by design? Can it be fixed, or an option to allow it to work with SRP? Haven't registered Sandboxie yet, but I use SRP to run browsers, etc. "restricted" (Standard User) on my XP admin account. Of course I'm aware of D...