A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #1079  by gjf
 Thu May 13, 2010 11:59 am
1. Start BSA.
2. Run something in the sandbox corresponding to BSA.
3. After some time, close everything in the sandbox, either manually or forcibly using the sandbox feature (if processes don't want to close manually).
4. Click "Find Differences" in BSA.
5. Open Viewer - and any option. The text editor will be opened in the sandbox which corresponds to BSA.

And BTW - maybe you have an idea why I receive "Incorrect parameter name: DefaultBox" every time I delete the sandbox content? Nevertheless, the deleting completes successfully.
 #1080  by gjf
 Thu May 13, 2010 12:17 pm
Some more: there are not the following strings in the Registry Exclusion List:
machine\software\Classes\clsid\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
machine\software\microsoft\COM3
machine\software\microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
user\current\software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket
user\current\software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
current_classes\*\shell\sandbox
current_classes\AppID
And I cannot understand: if the lines are included in the Exclusion list, why do I see them in RegHive Explorer?

I must state that the RegHive Explorer is very inconvenient: I have to resize the windows to see the parameters every time, it has no copy/paste ability, etc.
 #1081  by Buster_BSA
 Thu May 13, 2010 12:27 pm
gjf wrote:1. Start BSA.
2. Run something in the sandbox corresponding to BSA.
3. After some time, close everything in the sandbox, either manually or forcibly using the sandbox feature (if processes don't want to close manually).
4. Click "Find Differences" in BSA.
5. Open Viewer - and any option. The text editor will be opened in the sandbox which corresponds to BSA.
You have something wrongly configured in Sandboxie.

What happens if from Windows Explorer you double click a .TXT file? Does it open sandboxed or not?
gjf wrote:And BTW - maybe you have an idea why I receive "Incorrect parameter name: DefaultBox" every time I delete the sandbox content? Nevertheless, the deleting completes successfully.
Again, that's a configuration problem in Sandboxie.

Are you using a default configuration for Sandboxie, or did you create a new sandbox to work with BSA?
Last edited by Buster_BSA on Thu May 13, 2010 12:33 pm, edited 1 time in total.
 #1082  by Buster_BSA
 Thu May 13, 2010 12:30 pm
gjf wrote:Some more: there are not the following strings in the Registry Exclusion List:
machine\software\Classes\clsid\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
machine\software\microsoft\COM3
machine\software\microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
user\current\software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket
user\current\software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
current_classes\*\shell\sandbox
current_classes\AppID
And I cannot understand: if the lines are included in the Exclusion list, why do I see them in RegHive Explorer?
Because the exclusion list is only for reports. (REPORTS.TXT/ANALYSIS.TXT)
gjf wrote:I must state that the RegHive Explorer is very inconvenient: I have to resize the windows to see the parameters every time, it has no copy/paste ability, etc.
Do you have "Options -> Save settings on exit" enabled? If not, enable the option.

What do you want to copy/paste?
 #1083  by gjf
 Thu May 13, 2010 12:41 pm
Buster_BSA wrote: You have something wrongly configured in Sandboxie.
What happens if from Windows Explorer you double click a .TXT file? Does it open sandboxed or not?
No, text viewer is not forced to be opened in sandbox.
Buster_BSA wrote: Again, that's a configuration problem in Sandboxie.
Are you using a default configuration for Sandboxie, or did you create a new sandbox to work with BSA?
I have two sandboxes. The first is for normal work with an internet browser and the second is for BSA investigations. Can it cause the problem?
Buster_BSA wrote: Because the exclusion list is only for reports. (REPORTS.TXT/ANALYSIS.TXT)
Too bad - it would be great to disable this crap in RegHive Viewer.
Buster_BSA wrote: Do you have "Options -> Save settings on exit" enabled? If not, enable the option.
Will try this. Thanks.
Buster_BSA wrote: What do you want to copy/paste?
Paths, parameters, names.
 #1084  by Buster_BSA
 Thu May 13, 2010 2:07 pm
gjf wrote:
Buster_BSA wrote: You have something wrongly configured in Sandboxie.
What happens if from Windows Explorer you double click a .TXT file? Does it open sandboxed or not?
No, text viewer is not forced to be opened in sandbox.
Then the only explanation I can imagine is that you are running BSA.EXE sandboxed. Is it true?
gjf wrote:
Buster_BSA wrote: Again, that's a configuration problem in Sandboxie.
Are you using a default configuration for Sandboxie, or did you create a new sandbox to work with BSA?
I have two sandboxes. The first is for normal work with an internet browser and the second is for BSA investigations. Can it cause the problem?
Having two sandboxes configured cannot be the cause of the problem. The problem must be in a wrong configuration or use of Sandboxie.

These problems you are reporting have never been reported before.
 #1085  by gjf
 Thu May 13, 2010 2:25 pm
Buster_BSA wrote:Then the only explanation I can imagine is that you are running BSA.EXE sandboxed. Is it true?
Sure no! For what I have to do this?
Buster_BSA wrote:Having two sandboxes configured cannot be the cause of the problem. The problem must be in a wrong configuration or use of Sandboxie.

These problems you are reporting have never been reported before.
No idea as well. OK, will try to clarify it by myself.

What about all other issues?
 #1086  by Buster_BSA
 Thu May 13, 2010 2:46 pm
gjf wrote:
Buster_BSA wrote:Then the only explanation I can imagine is that you are running BSA.EXE sandboxed. Is it true?
Sure no! For what I have to do this?
No idea but I have seen enough weird things in my life to almost believe anything. :D
gjf wrote:
Buster_BSA wrote:Having two sandboxes configured cannot be the cause of the problem. The problem must be in a wrong configuration or use of Sandboxie.
These problems you are reporting have never been reported before.
No idea as well. OK, will try to clarify it by myself.
What about all other issues?
To what other issues are you referring?
 #1088  by Buster_BSA
 Thu May 13, 2010 3:23 pm
gjf wrote:I mean Reg Viewer. But possibly the best solution would be using external viewers. OK, will survive with it :)
Ok.

Let me know if you solve the problem with Notepad being sandboxed and what was the solution, please.