New Delete Command for Eraser v6.2.0.2962 and Sandboxie

If it doesn't fit elsewhere, it goes here
Post Reply
Guest10
Posts: 5136
Joined: Sun Apr 27, 2008 5:24 pm
Location: Ohio, USA

New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by Guest10 » Sun Mar 01, 2015 6:17 pm

New Delete Command for Eraser v6.2.0.2962 and Sandboxie
Tested with Sandboxie v4.16 and v4.17 on 64-bit Win 8.1
Edit Also works with Eraser v6.2.0.2963 and 6.2.0.2967, but does NOT work for me with 6.2.0.2969. On 6.2.0.2969 it leaves behind the renamed sandbox folder "__Delete_xxxxx_xxxxxxxx" /Edit

Copy all of the text from this post to your Clipboard, and then Paste it into a Notepad document, so that you will have it available when you are off-line.

Edit: I should mention that the command lines assume that the "Eraser.exe" program file is located at "C:\Program Files\Eraser\Eraser.exe". If that's not correct for your computer, then the path inside of the following command lines must be corrected. /Edit

Choose from these two eraser methods...

Command line for 3 Pass deletion - DOD /E method (This is the usual method used by Sandboxie):

Code: Select all

"C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=ecbf4998-0b4f-445c-9a06-23627659e419 dir="%SANDBOX%"
Command line for 1 Pass deletion with PseudoRandom Data (A quicker method that I use, and all that's really needed):

Code: Select all

"C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=bf8ba267-231a-4085-9bf9-204de65a6641 dir="%SANDBOX%"
Decide which of the above erase methods you will use (1 Pass or 3 Pass), and have the Notepad document open so you can Copy to the Clipboard.

For each sandbox where you use Eraser v6.2 for secure deletion:
(Right-click the sandbox name) > Sandbox Settings > Delete > Delete Command

In the "Delete Command" box, use the arrow keys or your mouse to select everything in the box, and then delete it by pressing the <Delete> key on your keyboard.
Text in that box extends beyond what you can see, so make sure that it has all been deleted.
Paste the new command line of your choice from above into the Delete Command box, and Click OK to close the Sandbox Settings window.

Repeat for the next sandbox.


NOTES:
If you have multiple sandboxes that use Eraser v6.2, you could use:
Sandboxie Control window > Configure > Edit Configuration
Scroll down to each "DeleteCommand=..." line and replace the line with the new DeleteCommand=..." line of your choice:

Either the 3 Pass method that's usually used by Sandboxie:

DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=ecbf4998-0b4f-445c-9a06-23627659e419 dir="%SANDBOX%"

Or the 1 Pass method:

DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=bf8ba267-231a-4085-9bf9-204de65a6641 dir="%SANDBOX%"

Edit Here's an example using methodName:

DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /methodName=Pseudorandom data dir="%SANDBOX%"

/Edit
------
Justification for only using 1 Pass deletion -
At the bottom of Peter Gutmann's paper on Secure Deletion Methods:
https://www.cs.auckland.ac.nz/~pgut001/ ... l#Epilogue
Why Eraser still sets 35-Pass Gutmann method as the default setting when installing Eraser is a mystery to me.
------
Eraser Help usage screen follows:

Code: Select all

Eraser 6.2.0.2962
(c) 2008-2015 The Eraser Project
Eraser is Open-Source Software: see http://eraser.heidi.ie/ for details.

usage: Eraser <action> <arguments>
where action is
  help                Show this help message.
  erase               Erases items specified on the command line. This is equivalent to addtask, with the schedule set to "now".
  addtask             Adds a task to the current task list.
  importtasklist      Imports an Eraser Task list to the current user's Task List.

global parameters:
  /quiet              Do not create a Console window to display progress.

parameters for help:
  eraser help         No parameters to set.

parameters for erase and addtask:
  eraser erase [/method=(<methodGUID>|<methodName>)] <target> [target [...]]
  eraser addtask [/method=(<methodGUID>|<methodName>)] [/schedule=(now|manually|restart)] <target> [target [...]]

  /method             The Erasure method to use.
    methodGUID and methodName can be any GUID/Name from the following list:
       Erasure Method                      GUID
    ---------------------------------------------------------------------------
    U  Gutmann                             1407fc4e-feff-4375-b4fb-d7efbb7e9922
    U  US DoD 5220.22-M (8-306./E, C & E)  d1583631-702e-4dbf-a0e9-c35dba481702
    U  RCMP TSSIT OPS-II                   f335cc40-5de5-4733-90b1-6957b4a45688
    U  Schneier 7 pass                     b1bfab4a-31d3-43a5-914c-e9892c78afd8
    U  German VSITR                        607632b2-651b-4935-883a-bdaa74febb54
    U  US DoD 5220.22-M (8-306./E)         ecbf4998-0b4f-445c-9a06-23627659e419
    U  British HMG IS5 (Enhanced)          45671da4-9401-46e4-9c0d-89b94e89c8b5
    U  US Air Force 5020                   7bf5b185-8ea5-4e12-83f1-f6c2efb3d2c2
    U  US Army AR380-19                    0fe620ea-8055-4861-b5bb-bd8bdc3fd4ac
    U  Russian GOST P50739-95              92681583-f484-415f-a66c-cc210222edc5
    U  British HMG IS5 (Baseline)          9acdbd78-0406-4116-87e5-263e5e3b2e0d
    U  Pseudorandom Data                   bf8ba267-231a-4085-9bf9-204de65a6641
       First/last 16KB Erasure             0c2e07bf-0207-49a3-ade8-46f9e1499c01

    Only erasure methods labelled "U" can be used to erase unused disk space.

  /schedule           The schedule the task will follow. The value must be one of:
    now               The task will be queued for immediate execution.
    manually          The task will be created but not queued for execution.
    restart           The task will be queued for execution when the computer is next restarted.
                      This parameter is only valid for use with "addtask".

  target is one or more of:
    file                Erases the specified file
      argument: file=<path>
    dir                 Erases files and folders in the directory
      arguments: dir=<directory>[,-excludeMask][,+includeMask][,deleteIfEmpty[=true|false]]
        excludeMask     A wildcard expression for files and folders to exclude.
        includeMask     A wildcard expression for files and folders to include.
                        The include mask is applied before the exclude mask.
        deleteIfEmpty   Deletes the folder at the end of the erasure if it is
                        empty. If this parameter is not specified, it defaults to true.
    recyclebin          Erases files and folders in the recycle bin
    unused              Erases unused space in the volume.
      arguments: unused=<drive>[,clusterTips[=(true|false)]]
      clusterTips     If specified, the drive's files will have their cluster tips erased.
                      This parameter accepts a Boolean value (true/false) as an argument;
                      if none is specified true is assumed.
    move                Securely moves a file/directory to a new location
      arguments: move=<source>|<destination>
    drive               Erases partitions, volumes or drives
      arguments:
        drive=\Device\Harddisk<index>
        drive=\\.\PhysicalDrive<index>
        drive=\\?\Volume<guid>

parameters for importtasklist:
  eraser importtasklist <file>[...]

    file               A list of one or more files to import.

All arguments are case sensitive.

Response files can be used for very long command lines (generally, anything
involving more than 32,000 characters.) Response files are used by prepending
"@" to the path to the file, and passing it into the command line. The
contents of the response files' will be substituted at the same position into
the command line.
End of post
Last edited by Guest10 on Sun Apr 19, 2015 3:57 pm, edited 5 times in total.
Paul
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Firefox, Thunderbird
Sandboxie user since March 2007

Mr.X
Posts: 618
Joined: Sat Jul 13, 2013 9:34 am
Location: Mexico

Re: New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by Mr.X » Sun Mar 01, 2015 6:23 pm

Magnificent information thanks! Although I use a RAMDisk and have no need of Eraser.
Windows 8.1 x64 EN | Sandboxie latest beta or stable | All software latest versions unless stated otherwise

secret365
Posts: 29
Joined: Mon Nov 23, 2009 8:54 am

Re: New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by secret365 » Thu Apr 16, 2015 9:31 am

Okay, I can confirm this solution is working under windows 7 64 bit (using the latest Eraser v6.2.0.2969).

Thank you!

Guest10
Posts: 5136
Joined: Sun Apr 27, 2008 5:24 pm
Location: Ohio, USA

Re: New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by Guest10 » Sat Apr 18, 2015 7:29 pm

secret365 wrote:Okay, I can confirm this solution is working under windows 7 64 bit (using the latest Eraser v6.2.0.2969).
It doesn't seem to work with that version, for me. It leaves behind the __Delete_xxxxxxxx folder.
I have that version on my notebook now, so I'm going to see if I can figure out what has changed with the command line.
Paul
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Firefox, Thunderbird
Sandboxie user since March 2007

Guest10
Posts: 5136
Joined: Sun Apr 27, 2008 5:24 pm
Location: Ohio, USA

Re: New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by Guest10 » Sun Apr 19, 2015 4:11 pm

I was not able to get Eraser 6.2.0.2969 to work correctly from within Sandboxie.
However, 6.2.0.2967 does seem to work OK.

Using 6.2.0.2969:
DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=bf8ba267-231a-4085-9bf9-204de65a6641 dir="%SANDBOX%"

Capturing the commands using Process Monitor...
The resultant command to run Eraser was:
"C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=bf8ba267-231a-4085-9bf9-204de65a6641 dir="C:\Sandbox\Paul\__Delete_Firefox_01D07ACDF5BAD900"

It looks perfect to me, but it did not work when Sandboxie tried to Delete Contents with 6.2.0.2969.
Since that command does work in previous Eraser versions, it would seem that Eraser might be at fault.

However, the above command line did work when it I ran it in a command window.
That reminds me of another thread in the forum where it was reported that the DeleteCommand did not work from Sandboxie, but it did work from a command window.
Paul
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Firefox, Thunderbird
Sandboxie user since March 2007

secret365
Posts: 29
Joined: Mon Nov 23, 2009 8:54 am

Re: New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by secret365 » Mon Sep 28, 2015 11:08 pm

The delete command seems to be working with Eraser v6.2.0.2970, sandboxie 5.04 & windows 10 64 bit.

wayne Kerr
Posts: 1
Joined: Wed Dec 23, 2015 4:41 pm

Re: New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by wayne Kerr » Wed Dec 23, 2015 4:57 pm

Thank you very, very much.

I have been struggling with this for over a year following an update. I have spent ages searching and trying different things then gave up in despair. I tried again today and found your post that has worked.

Sandboxie was not clearing the folder and I had to use CCleaner to fully clean up.

You are a star!!!

Merry Christmas and a very happy New Year.

Thanks again.

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area

Re: New Delete Command for Eraser v6.2.0.2962 and Sandboxie

Post by Craig@Invincea » Wed Dec 23, 2015 5:37 pm

A lot of folks use CCleaner in the SB. Glad it worked for you.

Post Reply

Who is online

Users browsing this forum: No registered users and 4 guests