Page 1 of 1
Sticky Password (again!) & AVG IS and Firefox [SOLVED]
Posted: Sat Feb 24, 2018 7:48 am
by henryg
AVG (ouside SB) is stopping Sticking Password working sandboxed with Firefox. If I disable AVG and then start FF & SP sandboxed, all is well, even if I reenable AVG after. With AVG enabled first, SP thinks that its FF extension is not loaded.
This problem started in the last day or so, and was not resolved by a FF update today to from 59b11 to 59b12. SP seems to work ok sandboxed with IE sandboxed and AVG enabled, well the logo "lights up" but I would need to change some SP settings for it to work fully.
AVG & SP templates are enabled, and for SP following past problems I also have the following in sandboxie.ini:
OpenFilePath=spNMHost.exe,D:\Documents\OneDrive\Sync\default.spdb
OpenFilePath=stpass.exe,D:\Documents\OneDrive\Sync\default.spdb
I have tried SB 5.22, 5.23b5 & 5.23b6 with the same result.
Windows 10 v17109 b16299.248; AVG IS v18.1.3044, last updated 12/2 and it has been working ok since that time; SP 8.1.0.103
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Sat Feb 24, 2018 9:37 am
by henryg
Adding the Sticky Password program folder as an exception in AVG makes no difference.
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Mon Feb 26, 2018 7:40 am
by henryg
Chrome is the same!
This is a real PITA - help need asap please.
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Mon Feb 26, 2018 5:37 pm
by Barb@Invincea
Hello henryg,
I just finished setting up a VM with SP + FF stable 58 +AVG + Sbie 5.23.6 and I am not experiencing the same issues. I had to enable the AVG template or it would not work at all.
I launched SP and Firefox in the same Sandbox and I was able to open a gmail session via SP (it did not remember the password, but this behavior was the same outside Sandboxie).
Can you provide exact repro steps?
Can you please test in a new Sandbox with default settings and let me know the outcome?
Also, please post a copy of your Sandboxie configuration file, so that I can try to replicate with your settings.
Sbie Ctrl --> Sandbox --> Edit Configuration
Copy/paste it here, highlight it and click the "</>" button to format it in the forums.
Regards,
Barb.-
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Tue Feb 27, 2018 12:27 pm
by henryg
Hi Barb
Barb@Invincea wrote: ↑Mon Feb 26, 2018 5:37 pm
Hello henryg,
I just finished setting up a VM with SP + FF stable 58 +AVG + Sbie 5.23.6 and I am not experiencing the same issues. I had to enable the AVG template or it would not work at all.
I launched SP and Firefox in the same Sandbox and I was able to open a gmail session via SP (it did not remember the password, but this behavior was the same outside Sandboxie).
I do not open sites via SP, I use my favourites and SP only comes into play when login type field are detected. I assume the SP toolbar icon in Firefox in your VM was not inactive/greyed out?
Can you provide exact repro steps?
There are no steps to repro? I start Firefox and Sticky Password which are forced into my default sandbox [Internet_Drop], and both have been working happily for some time now. For the last few days, both load as normal but SP says its extension is not loaded when I use the SP "target" to check. DIsable AVG and load them and all is well; even after AVG is re-enabled, as I said originally.
Can you please test in a new Sandbox with default settings and let me know the outcome?
No difference.
BTW when I removed my sandboxie.ini file and caused SB to recreate one, it did not pick up AVG at all; others ok. I had to manually copy and paste the template line into the ini else nothing would run.
Also, please post a copy of your Sandboxie configuration file, so that I can try to replicate with your settings.
Sbie Ctrl --> Sandbox --> Edit Configuration
Copy/paste it here, highlight it and click the "</>" button to format it in the forums.
Code: Select all
[GlobalSettings]
FileRootPath=R:\Sandbox\%SANDBOX%
Template=StickyPassword
Template=WindowsRasMan
Template=AVG_Anti_Virus
Template=MBAE
Template=Microsoft_MSMQ
Template=OfficeLicensing
Template=OfficeC2R
TemplateReject=OfficeClickToRun
TemplateReject=Evernote
TemplateReject=WindowsLive
KnownConflicts=Sticky Password_is1,AVG
ClosedFilePath=\Device\Mup\
ClosedFilePath=%Personal%\Scanned Documents\
ClosedFilePath=%Personal%\Own affairs\
ClosedFilePath=%Personal%\OutlookExpress\
ClosedFilePath=%Personal%\Outlook\
ClosedFilePath=%Personal%\Home\
ClosedFilePath=%Personal%\Favorites\
ClosedFilePath=%Personal%\TBird\Inbox.sbd\
ClosedFilePath=%Personal%\TBird\Inbox
ClosedFilePath=*avg*snxhk*.dll
;ClosedFilePath=%Personal%\TBird\Sent
;ClosedFilePath=%Personal%\OneDrive\
ForceDisableSeconds=45
ForceProcess=iexplore.exe
ForceProcess=firefox.exe
ForceProcess=chrome.exe
ForceProcess=stpass.exe
;ForceProcess=spuiamanager.exe
RecoverFolder=%Desktop%
RecoverFolder=D:\Radio
RecoverFolder=E:\Downloads
RecoverFolder=E:\Masters
AutoRecover=y
CopyLimitKb=1136546
AutoRecoverIgnore=.ob!
ActivationPrompt=y
[Template_MBAE]
Tmpl.Title=Malwarebytes Anti-Exploit
Tmpl.Class=Security
Tmpl.Scan=s
Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Malwarebytes Anti-Exploit
OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
OpenIpcPath=*\BaseNamedObjects*\mchLLEW*
;OpenIpcPath=$:mbae-svc.exe
;InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
InjectDll=C:\Program Files (x86)\utils\Malwarebytes Anti-Exploit\mbae.dll
InjectDll64=C:\Program Files (x86)\utils\Malwarebytes Anti-Exploit\mbae64.dll
[Template_OfficeC2R]
Tmpl.Title=Microsoft Office Click-to-Run (custom)
Tmpl.Class=Desktop
Tmpl.Url=http://office.microsoft.com
Tmpl.Scan=s
Tmpl.ScanService=ClickToRunSvc
HostInjectDll=C:\Program Files\UTILS\Sandboxie\SboxHostDll.dll
HostInjectDll64=C:\Program Files\UTILS\Sandboxie\SboxHostDll.dll
HostInjectProcess=OfficeClicktoRun.exe|ClickToRunSvc
OpenIpcPath=\RPC Control\C2RClientAPI_Server_System*
OpenIpcPath=\RPC Control\ClickToRun_Pipeline*
OpenIpcPath=\RPC Control\AppV-ISV-*
[UserSettings_11AC028E]
SbieCtrl_UserName=henryg
SbieCtrl_NextUpdateCheck=1520355369
SbieCtrl_UpdateCheckNotify=n
SbieCtrl_ShowWelcome=n
SbieCtrl_RecoverTarget=C:\Users\henryg\Desktop
SbieCtrl_RecoverTarget=E:\Downloads
SbieCtrl_RecoverTarget=D:\Documents\OneDrive\Sync
SbieCtrl_SaveRecoverTargets=y
SbieCtrl_ExplorerWarn=n
SbieCtrl_HideWindowNotify=n
SbieCtrl_WindowCoords=631,94,798,615
SbieCtrl_ActiveView=40021
SbieCtrl_ProcessViewColumnWidths=250,70,300
SbieCtrl_TerminateWarn=n
SbieCtrl_EnableLogonStart=y
SbieCtrl_EnableAutoStart=y
SbieCtrl_AddDesktopIcon=n
SbieCtrl_AddQuickLaunchIcon=n
SbieCtrl_AddContextMenu=y
SbieCtrl_AddSendToMenu=n
SbieCtrl_AutoApplySettings=n
SbieCtrl_EditConfNotify=n
SbieCtrl_BoxExpandedView=Internet_Drop,Internet_No_Drop,No_Internet_E
[Internet_Drop]
ConfigLevel=7
AutoRecover=y
Template=Thunderbird
Template=WindowsFontCache
Template=BlockPorts
Template=LingerPrograms
Template=Chrome_Phishing_DirectAccess
Template=Firefox_Phishing_DirectAccess
Template=AutoRecoverIgnore
BoxNameTitle=-
BorderColor=#C08080
Enabled=y
NeverDelete=n
DeleteCommand="C:\Windows\System32\Eraserl.exe" -folder "%SANDBOX%" -subfolders -method DoD_E -resultsonerror -queue
DropAdminRights=y
OpenFilePath=spNMHost.exe,D:\Documents\OneDrive\Sync\default.spdb
OpenFilePath=stpass.exe,D:\Documents\OneDrive\Sync\default.spdb
[Internet_No_Drop]
ConfigLevel=7
AutoRecover=y
Template=Office_Outlook
Template=Thunderbird
Template=AutoRecoverIgnore
Template=Firefox_Phishing_DirectAccess
Template=Chrome_Phishing_DirectAccess
Template=LingerPrograms
Template=BlockPorts
Template=WindowsFontCache
BoxNameTitle=y
BorderColor=#8080FF
Enabled=y
NeverDelete=n
DeleteCommand="C:\Windows\System32\Eraserl.exe" -folder "%SANDBOX%" -subfolders -method DoD_E -resultsonerror -queue
AutoDelete=y
OpenFilePath=spNMHost.exe,D:\Documents\OneDrive\Sync\default.spdb
OpenFilePath=stpass.exe,D:\Documents\OneDrive\Sync\default.spdb
The behaviour is the same on my laptop, but then I use pretty much the same sandboxie ini settings, and some, but not all, of the same Firefox extensions. AVG is on both but set up individually, so there could be some differences.
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Tue Feb 27, 2018 1:56 pm
by Barb@Invincea
Hello henryg ,
I tested using your Internet_Drop settings and did not experience any problems. However, I had to manually add the AVG template and click about 4 times before SP reacted to my clicks.
Just in case, here are my steps:
Launched Firefox v58.0.2 in the Sandbox.
From Firefox, clicked on the SP icon (I had to click a few times.
Got the popup for SP, entered the password.
Icon is no longer grayed out.
Please try deleting the contents of your Sandbox, or re-creating it and re-test. Have you reboot your machine since the changes to AVG went thru? If not, give that a shot if you haven't already.
Also, any chance SP is running outside Sandboxie as well? Perhaps that's affecting the behavior?
I saw the Malware bytes template in your config file , are you running MWBs? If so, any chance it is affecting things?
If all fails, see if AVG has any quarantined files, or is blocking anything Sandboxie related.
Regards,
Barb.-
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Wed Feb 28, 2018 8:31 am
by henryg
Hi Barb
I've done all of that, and my sandboxes are in ram so clear every time I shut down. But I have also cleared them manually.
The 4 click SP thing seems to be a load time issue. If you click once and wait a bit, I think you will find it will load, but just in case I did the multiple-click start and it made no difference.
Malwarebytes is only used for ad-hoc scans and is not loaded unless run manually. I have tried running SP in and out the sandbox to no effect. I do not run SP in and out at the same time.
I found that if, with AVG enabled/loaded, I load Firefox and SP, the SP icon is geyed out in Firefox, but as soon as I disable AVG the SP icon "lights up" and all is well. There are no files quaratined in AVG, and my Sandboxie install location (non-standard) is set as an exception in AVG. Until now AVG has worked flawlessly with Sandboxie. I tried adding the SP location as an exception in AVG, but no difference. I think it pretty conclusive that it is an AVG/Sandboxie issue as all is well outside of SB. I assume you used the same AVG version as me, and fully updated.
Where next, if anywhere?
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Wed Feb 28, 2018 10:24 am
by Barb@Invincea
Hello henryg ,
I cannot reproduce the issue using the same setup (with the exception of Malware Bytes).
Try fully removing AVG, ensuring no traces are left and rebooting the machine (and if possible MWBS). Then, after confirming Sandboxie works as expected, re-install AVG to see if that makes a difference.
Also, check your temporary files for any AVG related stuff (or...if possible, just nuke them all. Up to you, however).
Regards,
Barb.-
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Thu Mar 01, 2018 4:29 am
by henryg
OK. It's the same on my laptop, which has independently installed AVG and no Malwarebytes. Will be a delay as I am going to be away.
Thanks for looking at this.
Re: Sticky Password (again!) & AVG IS and Firefox
Posted: Mon Mar 12, 2018 9:59 am
by henryg
A holiday seems to have done SP the world of good. All working again as of today on my PC
SP plugin & AVG updated, so one presumably the cause. Let's hope it holds up