[BUG]: I broke my Windows Sandbox and I'd like it back #115

Closed
CaptainFrosty opened this issue Jan 10, 2022 · 14 comments

@CaptainFrosty

Hi. I like to use Windows Sandbox. Unfortunately I killed it. Also unfortunately I didn't use a preset or save the script. A built-in history might be a good idea. That's a genuine suggestion; I'm not saying it to be bitter or anything.

After I rebooted I saw my virtual adapters were gone. Uh-oh. Then naturally I loaded Sandbox and it hangs at the splash screen. One of the things I did was disable Windows Firewall and that was my first thought. I use the ESET suite which is more than enough, and Windows Firewall annoys me. I guess I should have thought of the sandbox. Silly me. The BFE is still running, though. Which is good because I need that for a few things. Not sure why Sandbox would depend on Windows Firewall. Also removed some Defender stuff as well. Luckily my core isolation is still on. I was a little bit concerned about that.

I can recreate the scripts from memory the best I can if that helps. I only did a few networking related ones though, I believe. I disabled NETBIOS, Remote Assistance, and the insecure SMB. I disabled PowerShell 2.0. That's about it.

I just thought I'd see if you had any insights before I start reverting things. I'm not sure where to find information on Sandbox's required dependencies.

Thanks.

@CaptainFrosty
Author

I ended up reinstalling because of some other issues I was having as well. So, my sandbox works again.

I was hoping to clean install Win 11 with a flash drive I made with rufus, and maybe avoid issues from upgrading in the future, but it wouldn't let me. When I booted the flash drive it wouldn't let me select it as the recovery image. It just rebooted back to WinRE if I clicked on it.

All I could do is restore Win 10 from the partition and upgrade after installation. Which is bad, because the whole point of the endeavor was to avoid using that OEM partition. Pretty stupid. I dunno what I'm supposed to do if my drive is corrupted. I read something about those rufus images not supporting secure boot. Turning it off didn't help though. Maybe I needed to use the Microsoft tool, I don't know. I'm weary of all this.

Removing Windows Defender breaks Microsoft Store and Sandbox on my Win 11 Pro. As does disabling DoSvc apparently. Gotta have the store for MSI drivers and SafeinCloud. I'm not set up for VM right now but maybe someone with Pro can try it. Reverting Windows Defender fixed the store but not the sandbox. vEthernet adapters never came back, and the only change in the app was an error dialog with the hanging splash screen instead of just a hanging splash screen.

I didn't even have Defender or Firewall enabled in the first place since they were turned off because ESET was installed. But that's Windows for you, disabled never really means disabled if you're leaving it intact and trusting the word of the OS. Win 11 ignores my GPO policies sometimes too.

I'd just like to know what was breaking Sandbox so I don't do it again. Not sure how to go about that though.

@CaptainFrosty
Author

Reversion does not help. When it breaks, it breaks for good. Going to have to reset again. I'll stick with the Group Policy Editor.

@CaptainFrosty
Author

Still broke after a reset. A clean install it is. What a joke

@undergroundwires
Owner

I'm sorry for the frustration(s) it has caused. Thank you for reporting your experience. I know that it's hard to be helpful to the community when you want to punch the screen 😊

Reverting Defender scripts is well-tested and should be successful. Its breaking of the Windows Store (Disable Windows Defender Firewall service does it) is documented. I'm happy that reverting it fixed the store. It's a bad trade-off, I know, but there's no other way of completely getting rid of Defender. Otherwise your assumption is correct, real-time protection gets disabled but it still runs.

I tested DoSvc and saw that this script did not even work since Windows 10 1804 (failed to disable). I'll release a fix in the next version. However, both on Windows 10 and 11 21H2 the store worked fine when the service is disabled (also after restarting).

I don't see why the re-installation failed. Or vEthernets disappeared. Those are probably side effects but we need the names of scripts to reproduce. I hear your idea. I think saving logs in a file to avoid this in future is a great idea. I'm not sure how to implement it, though, but we could take the discussion to a new issue created for it.

undergroundwires added a commit that referenced this issue Jan 22, 2022
- Disable DoSvc using registry to support newer Windows versions.
- Add more documentation for DoSvc.
@CaptainFrosty
Author

CaptainFrosty commented Jan 25, 2022

@undergroundwires

Sorry, I missed this in my notifs somehow. My apologies if I came across with a bad attitude. I was frustrated with Windows 11 in general. So many reddit basement IT experts have told me that it's just a UI makeover of 10, no big deal, practically the same thing. All of my experiences do not jive with that take. My PC ran smooth as butter on 10 and now new issues are coming at me from all sides. Upgrading was just a waste of time; things aren't quite as bad after a clean USB install. MSI hasn't released a BIOS update or chipset drivers since last October, i.e. before Win11 was in the release channel I think, that probably doesn't help.

Anyway, Windows Sandbox is kinda new and I'm not totally familiar with its inner workings yet, but it's quite helpful. I don't know if it relies on WDF specifically, it would be weird if it did, but in any case that reverts rather easily.

Where my problems seem to come from was removing the Defender kernel drivers. I am pretty confident they did not revert correctly. I had a lot of errors in the terminal on the reversion. Of course this is my fault for not saving the output. I'm usually better about that, I guess I was getting impatient. I only did a selective backup of the last OS so the chances of me being able to drag a PowerShell log out of the backup are slim. I need to set up one of those automated centralized logging systems. Nxlog I think it's called, good software. Would be a godsend for my memory.

Yes I noticed DoSvc was still there, I don't know what was going on with it interfering with Microsoft Store. In any case I guess I'm content for now with setting its GPO to only do direct downloads. I'm trying to be conservative with my service disabling until I have a good understanding of exactly what they affect. I read somewhere that Sandbox only relies on 5 services and that's it. None of them were Defender services; I believe they listed some hypervisor and virtual networking services included with default core services, even though the hypervisor platform doesn't need to be installed. Clearly this isn't the case though.

If I mess with it again I'll be sure to log everything and have a backup of my registry, COM+, etc. ready or maybe even the whole drive. The crazy thing to me is that it stayed broken after a reset. Only the clean install with the Win11 image (as opposed to using the Win10 recovery image and upgrading) fixed it.

This is all on common PC hardware with nothing particularly out of the ordinary. Amazing. I wonder if I'm better off going back, but I like to stay current for security reasons. Not that it's looking like any Windows 11 updates so far provide any particular advantage in that respect.
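An added example, not part of the original thread or the project's code: since the discussion above could not identify which change broke Sandbox because no output was saved, one way to capture evidence is to snapshot services, drivers, adapters (including hidden ones) and optional features before running any scripts, then diff afterwards. The function names and file paths are hypothetical.

```powershell
# Added example (not from the thread). Function names and file paths are hypothetical.
# Run from an elevated PowerShell: Get-WindowsOptionalFeature -Online requires it.

function Save-SystemSnapshot {
    param([Parameter(Mandatory)][string]$Path)
    $snapshot = [ordered]@{
        Services = Get-CimInstance Win32_Service |
            Select-Object Name, StartMode, State | Sort-Object Name
        Drivers  = Get-CimInstance Win32_SystemDriver |
            Select-Object Name, StartMode, State | Sort-Object Name
        # -IncludeHidden also lists adapters that the settings UI does not show
        Adapters = Get-NetAdapter -IncludeHidden |
            Select-Object Name, InterfaceDescription, Status, Hidden | Sort-Object Name
        Features = Get-WindowsOptionalFeature -Online |
            Select-Object FeatureName, @{ n = 'State'; e = { "$($_.State)" } } |
            Sort-Object FeatureName
    }
    $snapshot | ConvertTo-Json -Depth 4 | Set-Content -Path $Path -Encoding UTF8
}

function Compare-SystemSnapshot {
    param(
        [Parameter(Mandatory)][string]$Before,
        [Parameter(Mandatory)][string]$After
    )
    $old = Get-Content $Before -Raw | ConvertFrom-Json
    $new = Get-Content $After  -Raw | ConvertFrom-Json
    foreach ($section in 'Services', 'Drivers', 'Adapters', 'Features') {
        $oldRows = @($old.$section)
        $newRows = @($new.$section)
        if ($oldRows.Count -eq 0 -or $newRows.Count -eq 0) { continue }
        $props = $oldRows[0].PSObject.Properties.Name
        # '<=' rows are the state before the scripts ran, '=>' rows the state after
        Compare-Object $oldRows $newRows -Property $props |
            Select-Object @{ n = 'Section'; e = { $section } }, *
    }
}

# Usage:
#   Save-SystemSnapshot -Path .\before.json      # before running any script
#   ... run the selected scripts, reboot ...
#   Save-SystemSnapshot -Path .\after.json
#   Compare-SystemSnapshot .\before.json .\after.json | Format-List
```

Keeping the `before.json` file outside the system drive means it survives a reset and can be compared against a fresh install as well.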

@femdiya

femdiya commented Feb 14, 2022

@CaptainFrosty maybe it's a Hyper-V service(s) disabled?

@CaptainFrosty
Author

@bardiarajabi Sandbox actually isn't supposed to require Hyper-V components to be installed to run, but it may use a couple of the services that they ship with standard Windows anyway. Which is good because Hyper-V is dog doodoo, at least on my hardware. WSL 2 seems to be working OK for me just for managing an Ubuntu server.

@kiot389

kiot389 commented Apr 10, 2022

@CaptainFrosty I'm just getting started with these scripts and broke win sandbox, so this post was helpful. I have a few low-level wsl/sandbox/hyper-v articles you might like.
https://research.checkpoint.com/2021/playing-in-the-windows-sandbox/
https://www.thewindowsclub.com/how-to-use-windows-sandbox-and-vmware-or-virtualbox-together
https://techcommunity.microsoft.com/t5/windows-kernel-internals-blog/windows-sandbox/ba-p/301849
https://answers.microsoft.com/en-us/windows/forum/all/windows-sandbox-does-not-start/299b8dd7-4756-4854-bcc1-6fe02a1a781a

@CaptainFrosty
Author

@undergroundwires To add to what I said back in January it seems Windows 11 hides "hidden" adapters in the adapter settings which is very irritating. I don't know any method of forcing it. So my case of the missing virtual adapters may have just been a UI change. I probably didn't check in netsh before I posted the original comments...dumb move

@CaptainFrosty
Author

It's never shown everything, but there were considerably more types displayed in 10.

@CaptainFrosty
Author

image

I have 12 adapters total, and these are the 4 for which I get the privilege of GUI configuration now

@CaptainFrosty
Author

CaptainFrosty commented Apr 26, 2022

> @CaptainFrosty I'm just getting started with these scripts and broke win sandbox, so this post was helpful. I have a few low-level wsl/sandbox/hyper-v articles you might like.

Thanks a bunch, I can always use links to good documentation. What is the problem? I know more now so I should clarify my previous information. You don't need Hyper-V to run Sandbox because the needed virtualization components are included in the Windows Sandbox feature package.

@CaptainFrosty
Author

CaptainFrosty commented Apr 26, 2022

There are reports that adding or removing the Hyper-V feature package can fix Sandbox errors though, but I wouldn't enable it unless troubleshooting or if it's needed for something else. Sandbox also needs some .conf/.ini-style config a la *nix; it doesn't work well out-of-the-box, but it's not particularly complicated.

undergroundwires added a commit that referenced this issue Apr 17, 2024
Reorganize and document scripts for disabling network features,
enhancing their discoverability and manageability. This commit
categorizes scripts related to disabling insecure network connections,
improves documentation, and makes these scripts more accessible.

- Group scripts under `Disable insecure connections` category.
- Move SMBv1 and NetBios disablement scripts to this new category.
- Improve documentation, highlighting the security improvements
  and potential compatibility issues with older systems.

Addresses issues #57, #115, #183, #175, and #185 by simplifying the
process of troubleshooting and reversing changes if necessary.
undergroundwires added a commit that referenced this issue May 26, 2024
This commit updates documentation to clarify the impacts of disabling
firewall services, specifically how they affect Windows Sandbox, Docker
and WSL.

This update responds to user feedback from issues #115, #152, #364. The
documentation now guides users more clearly on the consequences of their
actions, potentially preventing unintended service disruptions.

Changes include:

- Expand the caution notes to explicitly mention the impact on
  virtualization and isolation features like Windows Sandbox, Docker and
  WSL.
- Expand script titles to briefly mention effects on these features.
- Expand documentation to suggest system restart.
- Add an informative message to restart the computer in terminal outputs
  after service changes to ensure the settings are applied.
@undergroundwires
Owner

0.13.4 is just released 🎉. It improves the documentation:

  • Expand the caution notes to explicitly mention the impact on virtualization and isolation features like Windows Sandbox, Docker and WSL.
  • Expand script titles to briefly mention effects on these features.
  • Expand documentation to suggest system restart.
  • Add an informative message to restart the computer in terminal outputs after service changes to ensure the settings are applied.

Please create new issues for further ideas/problems.
