Sandboxie Plus (Sbie fork)

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by DavidXanatos, Apr 9, 2020.

Thread Status:
Not open for further replies.
  1. henryg1

    henryg1 Registered Member

    Joined:
    Jun 14, 2020
    Posts:
    402
    Location:
    uk
    I had a weird issue where 5.42.1 had been working fine but after a reboot it stopped working with the big "!" in the taskbar icon. In the end I re-installed and all was well. Could have been the latest Win10 updates although I can't be sure of the timing. I'm still on 1909 having reverted as 2004 broke things I needed.
     
  2. henryg1

    henryg1 Registered Member

    Joined:
    Jun 14, 2020
    Posts:
    402
    Location:
    uk
    BTW is there an easy way/place of checking for the latest Sbie version?
     
  3. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
  4. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
    @Bliv what means clean house? I bet not a new Win install.
    How long are you on Win 10, I only switched now due to new PC built, Win 7 doesn't support i10700K. However on a surface I see, that the updates for 10 are not better than 7. System builds up more and more stuff. Also your own installs, another thing why I like SBIE, it keeps the installation more clean. Anything could have flipped one DLL, SYS, reg entry doing this. Though I wonder with the CMD that is so basic, that should work.

    @DavidXanatos I never investigated in detail, but i suppose you know. Are there any specific REGs (which could be broken), or files in win sys folders, from the SBIE installer? If I see this right, the only switch is the registration of sbiedrv.sys (Virtualisation driver), while keeping the file in the sandboxie folder? Which is also the one, (@henryg1) which brings up the ! exclamation mark if it didn't get installed correct. Like you deinstalled the old, after SBIE was active, which then doesn't remove it properly from the system, then try to reinstall new, which will also fail. Even a restart will not resolve it, as the driver is locked as active and couldn't be replaced. New uninstall with fresh restart, then install will solve this.
    Correct me if I miss something.
     
  5. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    @Survivor you need two things:
    SbieDrv driver
    and
    SbieSvc service
    eider of these missing wil result in the exclamation mark.

    @Bliv
    the
    SBIE2204 Cannot start sandboxed service RpcSs (1)
    SBIE2204 Cannot start sandboxed service DcomLaunch (-4)
    can only appear later on

    Resource Access|IPC Access|Direct Access added the following:

    *\BaseNamedObjects\ISWWH_BEACON*

    and test if that solves the issue
     
  6. ahahahaah

    ahahahaah Registered Member

    Joined:
    Feb 4, 2020
    Posts:
    22
    Location:
    ok
    for this version, should we uninstall the official sandboxie 1st or can we install sandboxie plus over it?
     
  7. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    662
    Location:
    USA--Oregon
    This is a long shot, but have you ever used ESET? I know that you are not running anything but WD now, but have you used ESET in the past? The only reason I'm asking is that the only time I've seen the type of behavior your describing is when I used ESET and tried to run Sandboxie. They didn't like each other at all.
     
  8. Bliv

    Bliv Registered Member

    Joined:
    May 3, 2015
    Posts:
    21
    David
    Thank you. I tried this, but got the following errors:

    SBIE2101 Object name not found: , error AlpcConnectPort (C0000022) access=001F0001 initialized=1
    SBIE2204 Cannot start sandboxed service RpcSs (1)
    SBIE2204 Cannot start sandboxed service DcomLaunch (-4)
    SBIE2101 Object name not found: , error AlpcConnectPort (C0000022) access=001F0001 initialized=1
    SBIE2204 Cannot start sandboxed service RpcSs (1)
    SBIE2204 Cannot start sandboxed service DcomLaunch (-4)

    Survivor
    Thank you. By "clean house" I just meant that I totally uninstalled SB. I didn't make any changes to my Widows 10 OS. I have been running Windows 10 for about a year. The only reason I switched from Windows 7 was because my motherboard failed and I decided I would give it a try. I hate Windows 10. Windows 7 was much better.

    I mostly use SB to keep from installing as much as possible into the OS. I also use portable programs where possible. I've found that this keeps the registry and folders clean and greatly prolongs the time it takes for a Windows OS to self destruct with garbage and bloat. Been doing it for years and it works great. But now I can't do it and I can already feel the garbage pile starting to build on my machine. I think it's especially important for browsers because they accumulate so much junk. I like to delete my sandboxes and start fresh regularly with my browser. But now I can't. I hate it!

    Alexhousek
    Thank you, but no, I have never used any other malware software other than Windows Defender on this machine.
     
  9. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    @Bliv

    This is very strange, such errors usually occur if one screws up something really badly in the SbieDll, i.e. that shouldn't happen unless you build your SbieDll yourself.
    There must be something on your system deeply interfering with Sbie.
     
  10. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
    @DavidXanatos yes, thanks the driver and the service, of course.
    I just checked and both are in the registry under services, registered. HKLM-SYSTEM\ControlSet001\Services\SbieDrv and SbieSvc. If the service was active when reinstalling, it seems Windows is unable to stop, in order to replace. If then you try even a restart will not fix it. A clean un/ install with reboot will fix it.

    @Bliv When you encountered the problem with SBIE, did anything change on the PC, new Win update, new driver, new software installed, or even AVS update? I know those are standard questions, but sometime it needs a rethink. Even a blue screen could have ended up in some issues, probs with windows startup lateley, delayed occasional missbehaviour.
    On the other hand for browsing, browser pile up, but they are easy to cleanup, well mozilla ones at least. worst case, delete the profiles and start fresh, save you bookmarks, keys, if used, mail folder if using mail too. And there you go, or use two profiles one for save keeping, one for crazy surfing, kill the second regular. Noscript and ublock origin or the nut one umatrix and you can tailor what goes in and out, quite well, or worst case don't use a site. Of course one you need to trust the addon makers, so you have to choose. If you trust no one, read every open source code line, understand it and compile yourself. Sadly I have only one life time. :)
    Not a fan or IE, Edge or Chrome, despite knowing that the underlying chromium spreads everywhere.
     
  11. Bliv

    Bliv Registered Member

    Joined:
    May 3, 2015
    Posts:
    21
    David & Survivor thank you both!

    I uninstalled SB and installed v5.30.

    I cannot find my license, and don't even know if the licensing system still works, so I am running it in free mode (unfortunately).

    But.... drum roll please...

    IT WORKS! :)

    I am now running Chrome in a sandbox.

    So there is something about versions >5.30 that is causing the problems.

    Also, there were a few other bugs I had before running Chrome in SB that are now fixed.

    When I launch Chrome now with v5.30, I still get the following errors:

    SBIE2303 Could not hook CoGetObject (33, 1655)
    SBIE2303 Could not hook RegisterDragDrop (33, 1655)
    SBIE2318 DLL initialization failed for 'ole32.dll'


    But I can just ignore them and everything seems to work.

    When I have time, I still plan to do some experiments to see things like... can I use a later version, which version started the problem, could it possibly be one of the Chrome extensions that causes it not to work, can I now install programs in a sandbox, and so on. But for now, it is working.

    I don't like the idea of using an old and less secure version, or the fact that I can't update to any new features. But if I have to choose between a version that works, and a version that is better, I have to take the one that works.

    I used Firefox for many years and I like it better than Chrome. But when FF updated to Quantum, it broke all my critical add-ons/extensions and many of them had no suitable replacements (I waited a year or more but some critical ones were not replaced). So I switched to Chrome and found extensions that were good replacements. I still think about going back to FF sometimes, and have found at least some replacements for the add-ons I need, but still have not found replacements for some of the ones I need. To me the extensions are at least as important as the browser. I have some I rely on heavily to get work done. So although I like FF better and would love to use it, I can't if it doesn't do what I need.
     
  12. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
    Bliv, Which FF ones are you missing? Yes it was a pitty, I used prefbar for many years but as the new way is one addon, one slot only, this didn't work and the dev gave up. He also had a list of replacements. Still love Seamonkey, the real successor of Netscape gold 32 and Mozilla Suite. But the internet plays up again lately, like in the best of browser war times. Best used with XXXXX
     
  13. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    just answered here
    https://www.wilderssecurity.com/threads/chrome-not-working-with-sandboxie.431053/

    i dont have issues with 5.33.6 and chrome.exe
    see also
    https://community.sophos.com/produc...al-ole-init-hook-failed-errors-from-sandboxie
    https://community.sophos.com/products/sandboxie/f/forum/116661/sbie2101-and-sbie2314

    its your audio driver. for firefox you could set sandbox level (in about : config), for chrome i dont know, maybe with command line switch
    https://peter.sh/experiments/chromium-command-line-switches/

    for win10 i get an error "winnsi" but chrome.exe (chromium) is running and usable. realtek audio. sandboxie 5.42.1.
     
  14. Bliv

    Bliv Registered Member

    Joined:
    May 3, 2015
    Posts:
    21
    Thank you Brummelchen.

    The current error messages may well be driver related, although with respect to audio drivers I don't have the same symptoms as the people in those threads did. My audio works in Chrome. Might still be that there is some kind of conflict there though. I do also have Realtek audio. Right now I am using a TV as a monitor and using those speakers. But audio never stopped working.

    Thanks for the links. Lots of good info in there.

    Is someone preserving the Sophos forums and hopefully releasing them in a format everyone can access?

    As to my current error messages, I am not too worried about them because I don't think they are affecting anything that is likely to cause me any significant problems.

    BUT... now I have other issues.

    I cannot download anything from Chrome when running in the sandbox. It says I don't have the right permissions. UGGGG. Never had that problem before.

    Maybe I have to run SB and/or Chrome as administrator? I don't know what the heck the problem is now.

    To tell you the truth it feels hopeless. I'm stuck on an old version of SB, and there are still old bugs that no one ever fixed and no one seems able to fix now... or maybe is even interested in fixing. Doesn't feel like I will ever be up to speed using SB at least on this PC. I can't spend that much time trying to get basic functions to work.

    Not sure what I will do. Maybe this is a good time to think about returning to Firefox, although I don't really look forward to setting that all up. As to which add-ons I didn't find any good replacements for I can't remember since I've been on Chrome a couple of years and can't remember which FF add-ons I couldn't find a good option for last time I looked.

    And there is no guarantee that even if I go back to FF that it will work. And then even if it does, maybe SB will have problems with that next. After all, when I started with Chrome, it ran on SB for a long time with no problems.

    Frankly I think that Windows 10 is the main problem. I never had problems I couldn't solve on Windows 7. Since I switched to 10, I have a new problem every day. It never ends. I recently completely disabled updates. I've had it with those. I don't have time to fix the problems the updates cause. Need my machine running to do my work and my work doesn't revolve around fixing the problems that Windows creates.

    End of rant... :)

    Right now I need to fix the no downloads problem. Then I'll just ignore the new error messages and I think I'll be fine for a good long while with this old (but at least mostly working SB version). It seems I will never have newer versions running right at least on this box so I'll have to settle for an old one.

    Oh one other weird issue...
    I have my Windows taskbar set to auto-hide.

    But when I run Chrome in SB, and I move the cursor down to the bottom of the screen, my taskbar doesn't appear. Somehow the cursor is not seeing through the bottom of the Chrome window and popping up the Windows taskbar (works fine when Chrome is not running in the sandbox). I have to press the Windows key on the keyboard in order to pop up the taskbar. It's annoying, but not critical. The only critical problem ATM is the no downloads issue. Fortunately I can still print things to pdfs and that is working. But I need to get downloads working next.

    http://imagizer.imageshack.com/img922/17/EYQhge.png

    Thanks to everyone for the great help.
     
    Last edited: Jul 27, 2020
  15. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
    Bliv, I completly feel you with Win 10. All worked fine in Win 7, but due to the new hardware I had to change and now I am stuck with this piece of art.
    Never ran into issue with Unity or any other software. I also suspect some stupid mechanisms in glorious Win 10. Though it could be the old lovely Sandboxie people releasing it open source, never really fixed all issues with Win 10 and now people like David might. Did you check the permissions of SBIE to your drives? Did you block some. Anything changed with permissions in NTFS, check out properties and security for example. Just some ideas...



    Anybody having a clue what that one means?
    SBIE2203 Failed to communicate with Sandboxie Service: *GUIPROXY_00000001 - Program name [C0000022]
    In that case it is Black & White 2 white.exe and also addon Battle of the gods battleofthegods.exe
    Something I could add in the Settings like the direct access, or Window class, ...

    @DavidXanatos if you ever come around this, can you try to make errors more meaningful, if that is even possible?
    Not sure if it is the same here, but I love devs who know exactly the problem, but give the user a message like: Error could not be displayed due to an error :)
     
  16. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    I'm looking int the Sbie hooking code and noticed a few workarounds for some old security software https://en.wikipedia.org/wiki/Trusteer
    as it seams its not longer on the market and I'm not even sure if it ever worked in 64 bit windows (as the workaround only touches on the 32 bit side of the code)

    So what to do with such compatibility workarounds for obsolete software?

    I would opt for removing them if they are really specific (like this particular one), there is no benefit in keeping it an it may cause issues down the line.

    What do you think?
     
  17. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    mmh... good question...
    Does the issue go away when you reboot?

    A sandboxed process is very restricted those for some operations including some GUI related once it needs to ask the SbieService to do it on its behalf.
    This error message indicates that said communication failed.

    OpenWinClass=*

    should solve the issue at the cost of weakening the isolation, although said issue should not happen in the first place, strange....
     
  18. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
    I would go for remove, it is like keeping the Gate A20 workaround. Whatever makes it more clean and stable. Hope this doesn't kill gaming :) But I will check, if you deactivated it.


    No restart doesn't change it. Windows Class access * is getting rid of the error at least but still gets stuck. Same unsandboxed works.
    Original install from DVD in Sandbox also fails, with some obscure errors.
    On an older PC with Win 7 in SBIE runs just by copying the folder.
    Is it possible this is connected also to the issue MS has currently with their own SB crashing. Seems they messed things up. But then again, SBIE shouldn't be based on the same, except if MS "borrowed the functionality and implementation" for their own.

    Well Win 10 grows day by day in my respect. MS made it happen to kill the reputation they built with Win7, first with Vista, then 8 and now 10, WTG. :)
    Sorry, small correction, the crappy Vista came after the crappy ME, as a follow of the good Win98SE, not after 7 of course. my bad.
     
    Last edited: Jul 29, 2020
  19. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    1,155
    Location:
    usa
    David,

    How difficult would be to add Brave and Cliqz to "Applications" - Other Browsers?

    Or just Brave, because Cliqz has gone bankrupt?
     
    Last edited: Jul 29, 2020
  20. Bliv

    Bliv Registered Member

    Joined:
    May 3, 2015
    Posts:
    21
    Hi Folks,
    Just wanted to give you an update.

    I updated from SB 5.30 to 5.33.1.

    It runs Chrome.

    The:

    SBIE2303 Could not hook CoGetObject (33, 1655)
    SBIE2303 Could not hook RegisterDragDrop (33, 1655)
    SBIE2318 DLL initialization failed for 'ole32.dll'

    Errors still exist on launch, but I ignore them and can't so far see any problems they cause.

    And, unlike with v5.30, now I am able to download files without the "insufficient permissions" errors. (Don't ask me to explain why!)

    So far I have not noticed any other NEW problems.

    So I think I am (sort of) in my happy place or maybe better put I think this is the best I can get on this box.

    At least Chrome seems to be working but maybe that's the only thing that is.

    When I have time I may try updating a version at a time just out of curiosity to see which one makes it totally fail.

    Keep up the good work and thanks again for the help!

    PS: Chrome runs in the sandbox, but it appears I am still getting the same 2101 error I have been getting for months no matter what I try to install in the sandbox.

    SBIE2101 Object name not found: \Sessions\8\BaseNamedObjects\ISWWH_BEACON@1670@EFR-controller, error CreateEvent (C0000022) access=001F0003 initialized=1
    SBIE2314 Canceling process xyz.exe [5744 / 7]

    Tried running notepad.exe in the sandbox...

    same error

    URRRRRR! It's hopeless!

    Just for fun another dead end someone posted a few months ago:
    https://community.sophos.com/products/sandboxie/f/forum/119586/sbie2101-object-name-not-found

    And this one... I was one of the participants in this thread...
    https://community.sophos.com/produc...onstant-sbie2101-object-name-not-found-errors

    So this is definitely a known bug. But there doesn't seem to be any avenue to address it at this point.
     
    Last edited: Jul 30, 2020
  21. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    Is there any special reason why running [insert any browser name] in the box instead using the forced files/folder option? almost any current browser is using sandbox feature from windows - so this would mean integrity level (IL) on low or untrusted (chrome do) (sandboxie drops it also to untrusted).

    the latest project zero breakout in chrome took a lot of effort with several attacks on chrome, so this is a veeery rare case. and when you use a decent ad blocker with well settzings there is close to nothing possible. thats why i use the method i wrote above and to catch it like a honeypot.
     
  22. wahok

    wahok Registered Member

    Joined:
    Jul 30, 2020
    Posts:
    8
    Location:
    earth
    Hi

    I have a problem using the new version of sandboxie (the one created not by sandboxie, 5.42).
    installing went without a problem (tried both ways, updating existing version & also uninstalling & then installing the new version), installation goes without a problem but when i am trying to launch sandboxie
    i get an error .
    I used sandboxie 5.33.3 untill now (& continue using) without a problem.

    Windows 7 pro 64
    Zonealarm free antivirus+firewall

    The error messages:

    Chrome:
    SBIE2101 Object name not found: \Sessions\1\BaseNamedObjects\ISWWH_BEACON@13b4@EFR-controller, error CreateEvent (C0000022) access=001F0003 initialized=1

    Firefox:
    SBIE2101 Object name not found: \Sessions\1\BaseNamedObjects\ISWWH_BEACON@dcc@EFR-controller, error CreateEvent (C0000022) access=001F0003 initialized=1


    Internet explorer:
    SBIE2101 Object name not found: \Sessions\1\BaseNamedObjects\ISWWH_BEACON@f80@EFR-controller, error CreateEvent (C0000022) access=001F0003 initialized=1


    Any advice ?


    Thanks
     
  23. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
  24. whistlebird

    whistlebird Registered Member

    Joined:
    Jun 20, 2006
    Posts:
    18
    Location:
    USA
    I am a little confused. Some of you are using 5.33.6 or a derivative of that number. David states that his version 5.42.1 fixes some vulnerabilities in that last version, so I opted to install this one to address those issues. Shouldn't his version be the better one or is it compatibility problems?

    I also noticed when I downloaded the version for x64 systems, WD balked at two files during installalation as threats. I had to allow them.

    Finally, I do not see the new GUI anywhere. Was it removed? I just see what looks like old Sandboxie GUI and functions.
     
  25. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    The new GUI is available in the portable ZIP Downloads
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.