manual sandboxing flaws

When do manual sandboxing with everything virtualized - checked all - then why some keys are still can be putted into real reg. hives? This is really weird to find some unexisting services or whatever.
I need to know does manual sandboxing allows changing the real hives keys not only creating new ones?

Why the real one registry is full of leftovers when I need full virt session on exe even if pseudo-made/mode (in s/w) virtualization? Why real and virtual hives mixed after execution in sandbox?

Need complete description of how this so-called forced manual virtualization works on registry if there’s still leftovers! One side is garbage, but other - can real keys be changed by virtualized? substituted?

And else - how these 2 options
Automatically detect the installers / updaters and run them outside the Sandbox
Automatically trust the files from the trusted installers

affect Run a Program in the Sandbox or by RMB click.
I think they should not work for manual sandboxing or at least one of them. However this can explain flaw of registry leftovers after manually sandboxed apps - this is a bug in logic then.

With CIS you cannot install programs in the sandbox.

About what scenario are we talking here?

Move it to bugs

Your description does not comply with the requirement for a bug report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

The most important thing that is missing is a scenario of reproduction. Could provide with us with steps of reproduction of your findings?

RMB->sandbox the desired exe that’s either signed or not and have all the bunch of installer’s features like driver manipulations registry modifications etc.
File virtualization works but registry doesn’t. As it is said in the very 1st post.
Anyway i made a post in bugs so testers can check it.

Your report has been moved to the non-format section, because as Eric mentioned, a report needs to comply with the bug reporting guidelines.

Developers may look at the non-format reports, but a bug is much more likely to be fixed if it contains all of the data they have requested. I’ll repost the text added to the MOVED: notice on your report, in case you missed it.

Thanks for your issue report. We have moved it to the non-format bugs board for the moment, because either it is not in the format or too much of the requested information is missing. Developers may look at it there, and may fix it. But it is much more likely to be fixed if you edit your first post to create an issue report which meets all criteria in the [url=] bug forum guidelines and format[/url]. (You can copy and paste the format from this topic). The general reasons why are summarized in that post, the reasons we ask for information you may think irrelevant are given in this [url=;msg456515#msg456515] detailed post[/url].

In the current process we will normally leave it up to you whether you want to make a report which is correctly formatted or not. We may remind you if we think a bug of particular importance.

You can get your report moved to the format verified issues board simply by ensuring that it is correctly formatted and all criteria are met, and PM’ing a mod who is active on the bug board.

I guess CIS manual sandbox too still is not full virtualization, right? This is going to be in version 6, right?


The manual sandbox is fully virtualized.