Page 1 of 1
Applocker +Sandboxie fails to start after Windows patch installs [SOLVED]
Posted: Wed Oct 04, 2017 5:42 am
by toddbtx
We are receiving the error below after the patch Tuesday install of patches when trying to run Chrome or Internet Explorer in Sandboxie.
The systems are running Windows 10 x64.
We tried it in an older version of Sandboxie 5.14, current 5.20, and the latest beta 5.21.4.
After giving the error, the sandboxed browser closes and each attempt to start it sandboxes fails with no new errors.
How can we get this working again?
SBIE2313 Could not execute SandboxieDcomLaunch.exe (1260)
SBIE2204 Cannot start sandboxed service DcomLaunch (1260)
SBIE2313 Could not execute SandboxieDcomLaunch.exe (1260)
SBIE2204 Cannot start sandboxed service DcomLaunch (1260)
SBIE2313 Could not execute SandboxieDcomLaunch.exe (1260)
SBIE2204 Cannot start sandboxed service DcomLaunch (1260)
SBIE2313 Could not execute SandboxieDcomLaunch.exe (1260)
SBIE2204 Cannot start sandboxed service DcomLaunch (1260)
Re: Sandboxie fails to start after Windows patch installs
Posted: Wed Oct 04, 2017 10:13 am
by Barb@Invincea
Hello toddbtx,
Are you using AppLocker, or Group Policies perhaps? : (see the end portion of Syrinx's response)
viewtopic.php?p=124147#p124147
Here's more information regarding SBIE2313:
https://www.sandboxie.com/SBIE2313
Are you using any security programs? (Antivirus, Firewall, etc..)
Does the issue happen in a new Sandbox with default settings? How are you triggering the message?
Regards,
Barb.-
Re: Sandboxie fails to start after Windows patch installs
Posted: Sun Oct 08, 2017 1:09 pm
by toddbtx
Hi Barb,
I am using GPO/Applocker/AV and a firewall.
No changes to those configs in a couple months.
The one change was the install of the latest Microsoft patches.
This does happen with a new install and default settings. Both with older versions of Sandboxie and the latest beta.
The errors are triggered as soon as I start any app inside Sandboxie (right click on Chrome and start in Sandboxie).
What can I try next?
Re: Sandboxie fails to start after Windows patch installs
Posted: Mon Oct 09, 2017 1:38 pm
by Barb@Invincea
Hello toddbtx ,
What are the security programs that you are using? Something installed on your system (or a setting) is blocking Sandboxie from working. We need more information in order to test/review the scenario.
Also, you may need to look at the thread I provided above and test if adding rules for Anonymous Logon does the trick. I think the topic covers all the details but let us know if you encounter any problems following it.
Regards,
Barb.-
Re: Sandboxie fails to start after Windows patch installs
Posted: Sat Oct 21, 2017 11:58 am
by toddbtx
Hi Barb,
It doesn't look like its related to our security software. I created a new VM of Windows 10 Enterprise 1703 64 bit - build 15063.608 - installed all the security products and all was working fine for the last week.
Yesterday I allowed SCCM to start pushing patches to this system.
Looks like all of the patches installed yesterday were Office 2016.
Rebooted VM this morning, and now same problem as before - any attempt to launch a Sandboxied browser (Chrome, IE, etc) doesn't start. Most of the time, no errors either.
Any ideas how to fix this?
I will attempt to uninstall the Office 2016 patches on at a time and see if that is related.
Edition Windows 10 Enterprise
Version 1703
OS Build 15063.608
Re: Sandboxie fails to start after Windows patch installs
Posted: Mon Oct 23, 2017 11:45 am
by Barb@Invincea
Hello toddbtx,
Without the information I asked for, I cannot recreate the scenario to test the behavior.
Regards,
Barb.-
Re: Sandboxie fails to start after Windows patch installs
Posted: Mon Oct 23, 2017 11:54 pm
by ActiveDirect
After a Recent Windows Update on my Main Desktop Sandboxie fails to start the Dcom, and RPcSS. It was working fine before update. I rolled back and it worked fine updated again, not working. It's the KB4041676 update "Cumulative update version 1703. 2017-10 and the KB4049179 for Adobe Flash . It's one of those updates. Was working fine before.
Re: Sandboxie fails to start after Windows patch installs
Posted: Tue Oct 24, 2017 9:48 am
by Barb@Invincea
Hello ActiveDirect,
Please provide the required information so that we can test the scenario.
viewtopic.php?p=104180#p104180
Be sure to test using the latest beta, and a new Sandbox with default settings:
viewtopic.php?f=62&t=24741
Regards,
Barb.-
Re: Sandboxie fails to start after Windows patch installs
Posted: Tue Oct 31, 2017 2:07 pm
by toddbtx
Hi Barb,
I have uninstalled the Windows patches that were recently installed, uninstalled both Symantec Endpoint and Cisco AMP, installed 5.21.7, rebooted, and I am still unable to get a Sandboxied application to start. Same errors as before on the first attempt and then no errors, no log entries in Windows Event log.
What else do you need to get this working again?
Re: Sandboxie fails to start after Windows patch installs
Posted: Tue Oct 31, 2017 4:10 pm
by Barb@Invincea
Hello toddbtx,
Can you see if disabling your group policies (not sure if you had a chance to set them to anonymous logon?) works for you?
From what I can find online, error 1260 is related to policies:
https://msdn.microsoft.com/en-us/librar ... s.85).aspx
Regarding the rest:
Please see the current issues with Norton:
viewtopic.php?f=11&t=24879
Also, I recommend that you try the latest version of Sandboxie:
https://www.sandboxie.com/DownloadSandboxie
Regards,
Barb.-
Re: Sandboxie fails to start after Windows patch installs
Posted: Fri Nov 24, 2017 8:45 pm
by toddbtx
Hi Barb,
It was Applocker.
To verify I disabled the AppIdSvc and Chrome in Sandboxie was able to start for a regular user with no issue.
The fix: Add a rule to Applocker executable rules that allowed 'NT AUTHORITY\ANONYMOUS LOGON' the right to run exes.
Now a regular user can run Sandboxie'd apps.
Thanks,
Todd.