Sandboxie Plus (Sbie fork)

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by DavidXanatos, Apr 9, 2020.

Thread Status:
Not open for further replies.
  1. algol1

    algol1 Registered Member

    Joined:
    Aug 10, 2020
    Posts:
    200
    Location:
    Vienna, Austria
    Ok, meanwhile I have been able to analyze the current state-of-Play between the new Sandboxie / Sandboxie-Plus variants. And I have to say, I'm somewhat torn apart between Scylla and Charybdis here.;)
    Back to "classical" Sandboxie-installer "SandboxieInstall64-v5.44.0.exe" I've found out that the recently introduced nuisance/failure in Opera (started with vers.-71-somewhat) still persists. Each time when starting the browser sandboxed the following error-message will pop-up:

    https://www.dropbox.com/s/jlp4w59nn8vlo9c/Sbie-error-6.jpg?dl=0 , reading

    SBIE2303 Could not hook CM_Add_Driver_PackageW (33, 1655)
    SBIE2318 DLL initialization failed for 'cfgmgr32.dll'

    Needless to say, this error message does not occur for Opera if run outside of the sandbox.

    Interestingly enough that same error-message WILL also NOT OCCUR with the full SB-Plus "Sandboxie-Plus-x64-v0_4_4.exe "-package, the first actual difference in runtime-conduct encountered by me so far.

    However, "upgrading" to the full Plus-variant comes with significant disadvantages, too. The new tray-icon can no longer perform direct operations like immediately terminating all processes within the sandbox, for instance in case of a virus/malware-emergency, via a right mouse-click. And much worse - while the new UI shows some enhancements - it is also crippled in essential parts.

    Most annoying of all: The "Quick-recovery-" and even worse the "Immediate-recovery-" functionality is gone - or hopefully just not yet implemented.

    A key-feature of Sandboxie has always been that after one or more downloads to some specified folders or of specified file-types (-extensions) a pop-up would immediately open and ask the user if to extract those downloaded files from the Sandbox right away. Because if that offer is not submitted right in place you will sooner or later forget about those downloads, close the browser together with the sandbox shutting down automatically - and suddenly all these downloaded files will be gone!:gack:

    Btw, does anybody have a suspicion what that "cfgmgr32.dll"-error-message might mean for the browser-functionality or what new Opera-"feature" might be the root of the problem?
    Any educated guess would be highly appreciated.
     
  2. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .
    FWIW ~ from my UserSettings
    SbieCtrl_HideMessage=2303,CM_Add_Driver_PackageW (33, 1655)
    SbieCtrl_HideMessage=2318,cfgmgr32.dll
     
  3. algol1

    algol1 Registered Member

    Joined:
    Aug 10, 2020
    Posts:
    200
    Location:
    Vienna, Austria
    Interesting. Any clue how to avoid this in Sandboxie? Perhaps any exclusion or direct access in sandboxie.ini?
    And why does it only occur with SbieCtrl.exe and the "classic" installer but not with the full Plus-package?

    Edit: I have googled this and
    yes, It's chrome-engine related and
    yes, it may also be Roboform-related
    because since this error shows up Roboform, an absolutely essential tool within the browser, has started behaving very sluggishly, long periods of busy-cursor when trying to use it for logging into websites.
    Therefore just hiding the error-messages doesn't seem to be a bright idea.
     
    Last edited: Nov 11, 2020
  4. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    1,270
    Location:
    Viena
    Work in progress.... but still not there and of-cause things may still go wrong.

    I don't like making hopes without guarantees of success, but here you go:

    I got a real local company of a friend to get an EV certificate on their name from globalsign, that worked out so far... they have received the token and it seams working.
    And we have created the required MSFT Partner account its currently marked as pending employee verification, so apparently there are more hurdles with Microsoft to take.
    Not sure what will be next and how many more hoops they will want us to jump through before they activate the driver signage for that account.
    But IMHO they must sooner or later. Its a proper company, small but real, not just some offshore shell.


    In the past, Pre win 10, it was much easier you just needed a ordinary non EV certificate and you were ready to go, you could sign your drivers yourself. But now everything has to go through Microsoft, IMHO the EU should outlaw such practices as to monopolistic, or mandate a mechanism for users to set up an own custom root of trust, MSFT actually did that for the China Governmental edition of Win 10. On that edition you can set up an own driver signage root in the UEFI: https://www.geoffchappell.com/notes/windows/license/customkernelsigners.htm that should be the default world wide, its your PC and it should be your choice which drivers to trust and which not.
     
  5. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,062
    Location:
    Mexico
    Brought your comment to this thread to not pollute the other.

    What's the deal with Tor browser 64bit and that sbiedll.dll issue?

    Only 32bit seems to run fine.
     
  6. robert147

    robert147 Registered Member

    Joined:
    Jun 29, 2020
    Posts:
    22
    Location:
    Netherlands
    Thanks David, good to hear that you are almost there.
    And I agree, Microsoft made it way too difficult and expensive indeed.
     
  7. Stukalide

    Stukalide Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    63
    David, are there any silent-install switches available for Sandboxie Plus? I've searched through the hex for strings but can't find any. If not, would it be possible to add some? This is useful for automating system reinstalls/reformats, allowing an easy process for installing W10Privacy to the system without needing user input to step through an install process.

    Also, will the current Experimental release (Experimental Release v0.4.4 / 5.44.0) break or clash with Buster's Sandbox Analyzer tool?
     
  8. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    @DavidXanatos

    Will the security flaws mentioned in previous post get fixed in
    Sandboxie version 5.40? (post #27)
     
  9. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .
    I do not run Roboform.
    As I recall. I've had HideMessage #777 since, before I touched Plus. I've not spent much time with Plus.
     
    Last edited: Nov 12, 2020
  10. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    1,270
    Location:
    Viena
    2 Major security flaws are already fixed since some time, I did not address that in the change logs specifically as to not
    make it easy for attackers to re discover them from the fix itself and use against older unfixed Sophos builds.

    Cheers
    David X.
     
  11. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    18,056
    Location:
    UK
    Anyone any ideas why this may be happening?

    Happens using either Sbie 5.336 and 5.43.7 on different machines.
    On Vivaldi I can go here unsandboxed
    On Edge I can go there unsandboxed.

    https://direct.asda.com/george/home/cooking-appliances/slow-cookers/D26M10G10C03S1,default,sc.html

    Asda is quite a well known site and it happens when I look for different items.

    If I go Sandboxed in Vivaldi the browser crashes straight away.
    If I go Sandboxed in Edge it says Ublock has crashed and either becomes unresponsive or Edge closes immediately (Tried with uBlock uninstalled too)

    Chrome version on both Edge machines, and both versions of Sbie is 86.0.622.68
    Vivaldi is build 3.5.2088.7 with Chrome build for that version on one machine, and 3.4.266.106 (stable) with Chrome build for that version on the other machine.
    Win 10 20H2 19042 630
     
  12. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,437
    Location:
    Under a bushel ...
    +1 :thumb:, as others above have already said.
     
  13. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .

    https://direct.asda.com/george/home/cooking-appliances/slow-cookers/D26M10G10C03S1,default,sc.html
    lands on
    https://global.direct.asda.com/on/demandware.store/Sites-ASDA-INT-Site/default/Search-Show?cgid=D26M10G10C03S1
    -
    Edge profile sans extensions + Sbie 5.44.0 = Edge session crash | Win10 20H2 (19042 630)

    SBIE1308 Program cannot start due to restrictions - wermgr.exe [Edge]
    SBIE2222 To add the program to Start/Run Access Restrictions, please double-click on this message line

    FWIW ~
    Edit: Resource Access Monitor called before calling suspect URL and Edge session crash -
    (Drive) \Device\CdRom0; PID: 4028
    (Drive) \Device\CdRom0; PID: 8088
    (Drive) \Device\CdRom0; PID: 9844
    (Drive) \Device\HarddiskVolume2; PID: 4028
    (Drive) \Device\HarddiskVolume2; PID: 8088
    (Drive) \Device\HarddiskVolume2; PID: 9844
    (Drive) \Device\HarddiskVolume5; PID: 4028
    (Drive) \Device\HarddiskVolume5; PID: 8088
    (Drive) \Device\HarddiskVolume5; PID: 9844
    Clsid -------------------------------
    Clsid {228826AF-02E1-4226-A9E0-99A855E455A6} ImmersiveShellBroker; PID: 5368
    Clsid {C2F03A33-21F5-47FA-B4BB-156362A2F239} Immersive Shell; PID: 5368
    Clsid O {3480A401-BDE9-4407-BC02-798A866AC051} ShellServiceHostBrokerProvider; PID: 5368
    File/Key -------------------------------
    Image -------------------------------
    Ipc -------------------------------
    Ipc \BaseNamedObjects\[CoreUI]-PID(4336)-TID(6232) a8be2607-af4a-4549-9bae-6b942526d67b; PID: 5368
    Ipc \BaseNamedObjects\[CoreUI]-PID(536:cool:-TID(9664) e3d5d758-341e-499c-a831-f8f44bbd65c8; PID: 3764
    Ipc \BaseNamedObjects\__ComCatalogCache__; PID: 3764
    Ipc \BaseNamedObjects\__ComCatalogCache__; PID: 9844
    Ipc \BaseNamedObjects\FontCachePort; PID: 5368
    Ipc \RPC Control\epmapper; PID: 3764
    Ipc \RPC Control\epmapper; PID: 4028
    Ipc \RPC Control\epmapper; PID: 8088
    Ipc \RPC Control\epmapper; PID: 9844
    Ipc \RPC Control\OLE4A2D7D02FF0E9B57C260A84840A0; PID: 3764
    Ipc \SBIE_DummyJob_msedge.exe_12; PID: 5368
    Ipc \SBIE_DummyJob_msedge.exe_13; PID: 5368
    Ipc \Sessions\1\BaseNamedObjects\__ComCatalogCache__; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\__ComCatalogCache__; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\14f8HWNDInterface:a0452; PID: 5368
    Ipc \Sessions\1\BaseNamedObjects\14f8HWNDInterface:a0460; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\14f8HWNDInterface:b039a; PID: 5368
    Ipc \Sessions\1\BaseNamedObjects\14f8HWNDInterface:b040a; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\14f8HWNDInterface:c039a; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\14f8HWNDInterface:c039a; PID: 5368
    Ipc \Sessions\1\BaseNamedObjects\c:!program files (x86)!microsoft!edge!application!msedge.exe; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\ddf134b0-9f0c-4825-9b91-7f74b9a4b23f; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\ddf134b0-9f0c-4825-9b91-7f74b9a4b23f; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SBIE_BOXED_DummyEvent_4028; PID: 4028
    Ipc \Sessions\1\BaseNamedObjects\SBIE_BOXED_DummyEvent_8088; PID: 8088
    Ipc \Sessions\1\BaseNamedObjects\SBIE_BOXED_DummyEvent_9844; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_cryptsvc; PID: 2788
    Ipc \Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_DcomLaunch; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_RpcSs; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SboxSession; PID: 4028
    Ipc \Sessions\1\BaseNamedObjects\SboxSession; PID: 8088
    Ipc \Sessions\1\BaseNamedObjects\SboxSession; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SM0:3764:304:WilStaging_02; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:3764:304:WilStaging_02_p0; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:3764:304:WilStaging_02_p0h; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:5368:120:WilError_03; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:5368:120:WilError_03_p0; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:5368:120:WilError_03_p0h; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:5368:304:WilStaging_02; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:5368:304:WilStaging_02_p0; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:5368:304:WilStaging_02_p0h; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\SM0:9844:120:WilError_03; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SM0:9844:120:WilError_03_p0; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SM0:9844:120:WilError_03_p0h; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SM0:9844:304:WilStaging_02; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SM0:9844:304:WilStaging_02_p0; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\SM0:9844:304:WilStaging_02_p0h; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\windows_shell_global_counters; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\windows_shell_global_counters; PID: 9844
    Ipc \Sessions\1\BaseNamedObjects\WindowTabManager:b040a{A7353FD4-AF16-4EDB-BA0C-DABCCAA70A8B}; PID: 5368
    Ipc \Sessions\1\BaseNamedObjects\WindowTabManager:b040a{E16429C7-955C-4E2A-807F-9F8381163974}; PID: 3764
    Ipc \Sessions\1\BaseNamedObjects\WindowTabManager:b040a{E16429C7-955C-4E2A-807F-9F8381163974}; PID: 5368
    Ipc \WindowsErrorReportingServicePort; PID: 9844
    Ipc O \BaseNamedObjects\CoreMessagingRegistrar; PID: 3764
    Ipc O \BaseNamedObjects\msctf.serverDefault1; PID: 3764
    Ipc O \KernelObjects\MaximumCommitCondition; PID: 3764
    Ipc O \KernelObjects\MaximumCommitCondition; PID: 9844
    Ipc O \KernelObjects\MemoryErrors; PID: 9844
    Ipc O \KernelObjects\SystemErrorPortReady; PID: 9844
    Ipc O \KnownDlls\advapi32.dll; PID: 4028
    Ipc O \KnownDlls\advapi32.dll; PID: 8088
    Ipc O \KnownDlls\advapi32.dll; PID: 9844
    Ipc O \KnownDlls\bcrypt.dll; PID: 3764
    Ipc O \KnownDlls\bcrypt.dll; PID: 4028
    Ipc O \KnownDlls\bcrypt.dll; PID: 8088
    Ipc O \KnownDlls\bcryptPrimitives.dll; PID: 4028
    Ipc O \KnownDlls\bcryptPrimitives.dll; PID: 8088
    Ipc O \KnownDlls\bcryptPrimitives.dll; PID: 9844
    Ipc O \KnownDlls\clbcatq.dll; PID: 3764
    Ipc O \KnownDlls\clbcatq.dll; PID: 9844
    Ipc O \KnownDlls\combase.dll; PID: 4028
    Ipc O \KnownDlls\combase.dll; PID: 8088
    Ipc O \KnownDlls\combase.dll; PID: 9844
    Ipc O \KnownDlls\CRYPT32.dll; PID: 4028
    Ipc O \KnownDlls\CRYPT32.dll; PID: 8088
    Ipc O \KnownDlls\CRYPT32.dll; PID: 9844
    Ipc O \KnownDlls\gdi32.dll; PID: 4028
    Ipc O \KnownDlls\gdi32.dll; PID: 8088
    Ipc O \KnownDlls\gdi32.dll; PID: 9844
    Ipc O \KnownDlls\gdi32full.dll; PID: 4028
    Ipc O \KnownDlls\gdi32full.dll; PID: 8088
    Ipc O \KnownDlls\gdi32full.dll; PID: 9844
    Ipc O \KnownDlls\IMM32.dll; PID: 4028
    Ipc O \KnownDlls\IMM32.dll; PID: 8088
    Ipc O \KnownDlls\IMM32.dll; PID: 9844
    Ipc O \KnownDlls\kernel32.dll; PID: 4028
    Ipc O \KnownDlls\kernel32.dll; PID: 8088
    Ipc O \KnownDlls\kernel32.dll; PID: 9844
    Ipc O \KnownDlls\kernelbase.dll; PID: 4028
    Ipc O \KnownDlls\kernelbase.dll; PID: 8088
    Ipc O \KnownDlls\kernelbase.dll; PID: 9844
    Ipc O \KnownDlls\MSCTF.dll; PID: 9844
    Ipc O \KnownDlls\msvcp_win.dll; PID: 4028
    Ipc O \KnownDlls\msvcp_win.dll; PID: 8088
    Ipc O \KnownDlls\msvcp_win.dll; PID: 9844
    Ipc O \KnownDlls\MSVCRT.dll; PID: 4028
    Ipc O \KnownDlls\MSVCRT.dll; PID: 8088
    Ipc O \KnownDlls\MSVCRT.dll; PID: 9844
    Ipc O \KnownDlls\ole32.dll; PID: 9844
    Ipc O \KnownDlls\OLEAUT32.dll; PID: 4028
    Ipc O \KnownDlls\OLEAUT32.dll; PID: 8088
    Ipc O \KnownDlls\OLEAUT32.dll; PID: 9844
    Ipc O \KnownDlls\PSAPI.DLL; PID: 4028
    Ipc O \KnownDlls\PSAPI.DLL; PID: 8088
    Ipc O \KnownDlls\PSAPI.DLL; PID: 9844
    Ipc O \KnownDlls\rpcrt4.dll; PID: 4028
    Ipc O \KnownDlls\rpcrt4.dll; PID: 8088
    Ipc O \KnownDlls\rpcrt4.dll; PID: 9844
    Ipc O \KnownDlls\sechost.dll; PID: 4028
    Ipc O \KnownDlls\sechost.dll; PID: 8088
    Ipc O \KnownDlls\sechost.dll; PID: 9844
    Ipc O \KnownDlls\SHCORE.dll; PID: 4028
    Ipc O \KnownDlls\SHCORE.dll; PID: 8088
    Ipc O \KnownDlls\SHCORE.dll; PID: 9844
    Ipc O \KnownDlls\SHELL32.dll; PID: 8088
    Ipc O \KnownDlls\SHELL32.dll; PID: 9844
    Ipc O \KnownDlls\SHLWAPI.dll; PID: 9844
    Ipc O \KnownDlls\ucrtbase.dll; PID: 4028
    Ipc O \KnownDlls\ucrtbase.dll; PID: 8088
    Ipc O \KnownDlls\ucrtbase.dll; PID: 9844
    Ipc O \KnownDlls\user32.dll; PID: 4028
    Ipc O \KnownDlls\user32.dll; PID: 8088
    Ipc O \KnownDlls\user32.dll; PID: 9844
    Ipc O \KnownDlls\win32u.dll; PID: 4028
    Ipc O \KnownDlls\win32u.dll; PID: 8088
    Ipc O \KnownDlls\win32u.dll; PID: 9844
    Ipc O \KnownDlls\WINTRUST.dll; PID: 4028
    Ipc O \KnownDlls\WINTRUST.dll; PID: 8088
    Ipc O \KnownDlls\WS2_32.dll; PID: 4028
    Ipc O \KnownDlls\WS2_32.dll; PID: 8088
    Ipc O \RPC Control\Audiosrv; PID: 3764
    Ipc O \RPC Control\dhcpcsvc; PID: 3764
    Ipc O \RPC Control\dhcpcsvc6; PID: 3764
    Ipc O \RPC Control\DNSResolver; PID: 3764
    Ipc O \RPC Control\LRPC-c21451270f9304f5bb; PID: 3764
    Ipc O \RPC Control\LSARPC_ENDPOINT; PID: 3764
    Ipc O \RPC Control\lsasspirpc; PID: 3764
    Ipc O \RPC Control\SbieSvcPort; PID: 2788
    Ipc O \RPC Control\SbieSvcPort; PID: 3764
    Ipc O \RPC Control\SbieSvcPort; PID: 4028
    Ipc O \RPC Control\SbieSvcPort; PID: 5368
    Ipc O \RPC Control\SbieSvcPort; PID: 8088
    Ipc O \RPC Control\SbieSvcPort; PID: 9844
    Ipc O \RPC Control\webcache_{031b98cf-4a69-4c31-ab42-fd9b3c199407}_S-1-5-21-2913871332-3197503757-3728901954-1001; PID: 3764
    Ipc O \Sessions\1\BaseNamedObjects\windows_webcache_counters_{9B6AB5B3-91BC-4097-835C-EA2DEC95E9CC}_S-1-5-21-2913871332-3197503757-3728901954-1001; PID: 3764
    Ipc O \Sessions\1\Windows\ApiPort; PID: 3764
    Ipc O \Sessions\1\Windows\ApiPort; PID: 4028
    Ipc O \Sessions\1\Windows\ApiPort; PID: 8088
    Ipc O \Sessions\1\Windows\ApiPort; PID: 9844
    Ipc O \Sessions\1\Windows\DwmApiPort; PID: 3764
    Ipc O \Sessions\1\Windows\SharedSection; PID: 4028
    Ipc O \Sessions\1\Windows\SharedSection; PID: 8088
    Ipc O \Sessions\1\Windows\SharedSection; PID: 9844
    Ipc O \Sessions\1\Windows\Theme2147948836; PID: 3764
    Ipc O \Sessions\1\Windows\Theme2147948836; PID: 9844
    Ipc O \Sessions\1\Windows\ThemeSection; PID: 9844
    Ipc O \ThemeApiPort; PID: 3764
    Ipc O \ThemeApiPort; PID: 8088
    Ipc O \ThemeApiPort; PID: 9844
    Ipc O \Windows\Theme577798837; PID: 3764
    Ipc O \Windows\Theme577798837; PID: 9844
    Other StartService: fontcache; PID: 5368
    Pipe -------------------------------
    Pipe \Device\CNG; PID: 4028
    Pipe \Device\CNG; PID: 8088
    Pipe \Device\CNG; PID: 9844
    Pipe \Device\HarddiskVolume5; PID: 5368
    Pipe \Device\KsecDD; PID: 3764
    Pipe \Device\KsecDD; PID: 4028
    Pipe \Device\KsecDD; PID: 8088
    Pipe \Device\MountPointManager; PID: 3764
    Pipe \Device\MountPointManager; PID: 5368
    Pipe \device\namedpipe\_sandbox_***_edge_session_1\local\crashpad_5368_wgildjdkhpzzfrfv; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\crashpad_5368_WGILDJDKHPZZFRFV; PID: 3764
    Pipe \device\namedpipe\local\crashpad_5368_wgildjdkhpzzfrfv; PID: 4028
    Pipe \Device\NamedPipe\LOCAL\crashpad_5368_WGILDJDKHPZZFRFV; PID: 4028
    Pipe \device\namedpipe\local\crashpad_5368_wgildjdkhpzzfrfv; PID: 4028
    Pipe \Device\NamedPipe\LOCAL\crashpad_5368_WGILDJDKHPZZFRFV; PID: 8088
    Pipe \device\namedpipe\local\crashpad_5368_wgildjdkhpzzfrfv; PID: 8088
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.111710407167801137; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.11769906409222526026; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.12868090977471239991; PID: 3764
    Pipe \device\namedpipe\local\mojo.5368.1488.12868090977471239991; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.12868090977471239991; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.1488.12868090977471239991; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.13020113109456857158; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.1481142430904964689; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.16277736005922948088; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.16798625066228874132; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.1968984877874796122; PID: 3764
    Pipe \device\namedpipe\local\mojo.5368.1488.3004507642242155944; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.3004507642242155944; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.1488.3004507642242155944; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.5737589693032445059; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.5737589693032445059; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.1488.5737589693032445059; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.5737589693032445059; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.1488.5737589693032445059; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.6494210297060030181; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.7143405376780590732; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.7336119080591668055; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.7336119080591668055; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.1488.7336119080591668055; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.7336119080591668055; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.1488.7336119080591668055; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.8549275896908834010; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.936795391682274563; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.1488.936795391682274563; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.1488.9453720416195443189; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.10823374524849701661; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.11159137294069899277; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.11356111043352853160; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.11502822904152266446; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.14340310885510614902; PID: 3764
    Pipe \device\namedpipe\local\mojo.5368.9664.14340310885510614902; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.14340310885510614902; PID: 5368
    Pipe \device\namedpipe\local\mojo.5368.9664.14340310885510614902; PID: 5368
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.17817972356860531923; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.3726619024704511560; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.5368.9664.3867143733367990369; PID: 3764
    Pipe \Device\NamedPipe\LOCAL\mojo.external_task_manager_5368; PID: 3764
    Pipe O \Device\Afd; PID: 2788
    Pipe O \Device\Afd; PID: 3764
    Pipe O \Device\NetBT_Tcpip_{3AF5CB19-BF3C-4E2D-82BB-C844309AE601}; PID: 5368
    Pipe O \Device\NetBT_Tcpip_{51FE80B5-5323-4702-A23A-390B1B67BE6A}; PID: 5368
    Pipe O \Device\NetBT_Tcpip_{D41ED2D9-7BD3-440E-AA32-A014423A540A}; PID: 5368
    Pipe O \Device\NetBT_Tcpip_{DDE8D874-0496-4A54-8224-879029690662}; PID: 5368
    Pipe O \Device\NetBT_Tcpip_{F29FD7C7-E0FA-416A-976B-AA6685299FE7}; PID: 5368
    WinCls -------------------------------
    WinCls O Shell_TrayWnd; PID: 9844
    WinCls X ApplicationManager_DesktopShellWindow; PID: 5368
     
    Last edited: Nov 16, 2020
  14. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    18,056
    Location:
    UK
    @bjm_
    Thanks for checking, much appreciated. :thumb:
    I don't even get a sbie error, the browser just stops working and Vivaldi crashes as soon as I land on the page.

    Yet all is well with the browsers if they are not sandboxed on that page.

    Perhaps @DavidXanatos may be able to work things out.
     
  15. Ze Lin

    Ze Lin Registered Member

    Joined:
    Nov 15, 2020
    Posts:
    2
    Location:
    Tawian
    After I updated windows 2004, it was unable to use Sandboxie to open "Line", which is a communication software, may I know how to manage this problem? Thanks a lot!
     
  16. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    18,056
    Location:
    UK
    Members may be able to help if you give some more info.

    What build of Sandboxie are you using?
    Which browser?
     
  17. Ze Lin

    Ze Lin Registered Member

    Joined:
    Nov 15, 2020
    Posts:
    2
    Location:
    Tawian
    [QUOTE =“ stapp,post:2965719,member:42977”]如果您提供更多信息,成員可能會提供幫助

    What build of Sandboxie are you using?
    Which browser?[/QUOTE]

    I'm now using Windows10 2004, Sandboxie 5.43.7(64-bit), chrome, but I can't open the windows version of Line.

    The software shows unable to respond.



    https://img.onl/4YOrhs
     
  18. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    133
    Location:
    Land of Oz
    SanboxieP.png Sure we can, here would be the latest version I had, left for idle, right for using SB. Keep in mind to feed the poor guy regulary with the SBpizza :)

    This is 16x16.
    Another idea could be to turn the SBIctrl icon upside down or sideways. SBIECTRL.png

    BTW I tried the experimental version and so far nothing fails, which didn't fail with the previous versions. So still no improvement for the likes of NoManSky and Noita, still crash, while Noita, despite the crash can be run.
    Unity kill the Rpssc and it works or wait 4min. The rest is flawless.


    To your point of running games but for sure not for security, it depends on how you define security. You install the games with installers not messing up your installation, you can isolate the rest of the PC from sneaky ones which scan your whole PC by blocking the access, stop internet or open easily, you "docker" the games and make them transferable. For example since I run them like this, I never had to reinstall them, as all they need is in their little box. I confess I might be unique here too, I like to have games installed and play them whenever I feel, I am not stuck with one game all the time. Say GTA, once finished, why not jump in here or there or replay. Now why should I reinstall all the time. New PC, well, it still works. New installation of Windows, same. I might have to try VirtualBox in Linux once and see if that works, not sure if SBIE will work. So in the end, security is a part of this too.
    However the pure virtualization idea sounds like a nice option for some cases too.
     
  19. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .
    LINE Still not works on Windows 10 20H2 #195
    https://github.com/sandboxie-plus/Sandboxie/issues/195
     
    Last edited: Nov 15, 2020
  20. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    1,270
    Location:
    Viena
    This build fixes many bugs and introduces a lot of new debugging facilities.

    Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v0.4.5

    ChangeLog

    Added
    • added "Terminate all processes" and "disable forced programs" commands to tray menu in SandMan ui
    • program start restrictions settings now can be switsched between a white list and a black list
      -- programs can be terminated and blacklisted from the context menu
    • added additional process context menu options, lingering and leader process can be now set from menu
    • added option to view template presets for any given box
    • added text filter to template view
    • added new compatybility templates:
      -- Windows 10 core UI component: OpenIpcPath=\BaseNamedObjects[CoreUI]-* solving issues with Chinese Input and Emojis
      -- FireFox Quantum, access to windows FontCachePort for compatybility with windows 7
    • added experimental debug option "OriginalToken=y" which lets sandboxed processes retain their original unrestricted token
      -- This option is comparable with "OpenToken=y" and is intended only for testing and debugging, it BREAKS most SECURITY guarantees (!)
    • added debug option "NoSandboxieDesktop=y" it disables the desktop proxy mechanism
      -- Note: without an unrestricted token with this option applications wont be able to start
    • added debug option "NoSysCallHooks=y" it disables the sys call processing by the driver
      -- Note: without an unrestricted token with this option applications wont be able to start
    • added ability to record verbost access tracess to the resource monitor
      -- use ini options "FileTrace=", "PipeTrace=", "KeyTrace=", "IpcTrace=", "GuiTrace=" to record all events
      -- replace "
      " to log only: "A" - allowed, "D" - denided, or "I" - ignore events
    • added ability to record debug output strings to the resource monitor,
      -- use ini option DebugTrace=y to enable
    Changed
    • AppUserModelID sting no longer contains sandboxie version string
    • now by default sbie's application manifest hack is disabled, as it causes problems with version checking on windows 10
      -- to enable old behavioure add "PreferExternalManifest=y" to the global or the box specific ini section
    • the resource log mechanism can now handle multiple strings to reduce on string copy operations
    Fixed
    • fixed issue with disabling some restriction settings failed
    • fixed disabling of internet block from the presets menu sometimes failed
    • the software compatybility list in the sandman UI now shows the proper template names
    • fixed use of freed memory in the driver
    • replaced swprintf with snwprintf to prevent potential buffer overflow in SbieDll.dll
    • fixed bad list performance with resource log and api log in SandMan UI
     
  21. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    133
    Location:
    Land of Oz
    Installed, tested the usual, all still OK as with the experimental 0.4.4.
    However Noita crash is now forever, so it crashes and I can't keep the crash notification open and still play. Anything coming to mind which could trigger the change between 0.4.4 to 0.4.5? Will try with some options still.
     
  22. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,104
    Location:
    .
  23. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,316
    Location:
    Italy
    I have a curiosity.:)
    Does S.Plus allow the injection of the MalwareBytes Anti-Exploit dll for example in the browser used?

    I remember that with SBIE it was a big problem.;)
    I thank in advance who will answer me.
    :thumb:
     
  24. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    1,270
    Location:
    Viena
    please try this test build: https://www110.zippyshare.com/v/ZKiphdSr/file.html
    it rolls back all the changes to the sbiedll.dll
    if that works you will get an other test build with some of the sbie dll changes, and so on...

    And an other test build: https://www2.zippyshare.com/v/RAmDBVTK/file.html with some changed in the sbiedll.dll

    please let me know which build works for you properly, than we will contrinue identifying the bug
     
    Last edited: Nov 17, 2020
  25. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    18,056
    Location:
    UK
    Just installed build 5.44.1 installed over the top of 5.43.7.
    Defender as usual flagged it as a trojan... I told it to allow it.
    All seems to be ok at this early stage.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.