My First Windows 7 Blue-Screen – But it was my fault :P

I just had my first Windows 7 Blue Screen of Death :(.  However, it was my own fault for trying to use an unsupported driver :P.  I had just listened to an episode of Security Now on a tool called Sandboxie.  Sandboxie is a tool which intercepts Windows API calls made by programs to read/write files and registry keys.  Once intercepted, Sandboxie redirects them to files and registry keys in a special “Sandbox”, so that changes made by programs are isolated from each other.  It’s a cool security solution, and very similar in spirit to Microsoft’s App-V platform (only cheaper, and aimed at consumers rather than enterprises :D).

In order to intercept the Windows API calls, however, Sandboxie has to install a kernel-mode driver and patch the kernel.  In 64-bit versions of Windows, a system called PatchGuard prevents this from happening, thus Sandboxie is not compatible with those operating systems.  However, my laptop is running a 32-bit version of Windows 7, so I decided to try it out.

At first, I got a compatibility message from the Sandboxie installer, telling me that my OS is not supported.  That should have been my first clue :).  I decided to take a gamble and try it out anyway, so I tweaked the compatibility settings for the installer so that it ran in “Windows Vista” compatibility mode.  The installer ran fine, and installed the software.  However, when I tried to run it, BAM, BSOD :(. 

Resigning myself to the fact that it just wasn’t ready for Windows 7, I booted up in Safe Mode.  However, I was unable to run the installer again to remove it.  I tried “Add/Remove Programs” and running the installer I downloaded again (in Vista compatibility mode).  Still nothing.  Fortunately, I was just about to restart for Windows Update when I installed Sandboxie, and Windows Update automatically creates a System Restore point before installing updates.  I fired up System Restore, picked the Windows Update restore point and let it do its thing.  The machine rebooted, and I was back in action, with Sandboxie (and my BSODs) gone.  I had lost the updates that WU installed, but that’s a minor inconvenience.

Anyway, all is well now, and I was able to boot up again (in order to write this post in fact :D).  So, two lessons here:

  1. Use System Restore!  Just remember to make restore points before installing software that you are concerned about.  (Though that will NOT protect you from malicious software, just incompatible software.)
  2. Check out Sandboxie, just not on Windows 7 :(.  My theory is that the PatchGuard technology from the 64-bit OS may have been brought into the 32-bit OS.