SuperSniffer

Issues With SBIE and Chrome

Recommended Posts

Hi, I recently downloaded and installed OA Premium on my W7 32-bit system and I've been having some issues which appear to be related to the combination of OA, SBIE and Google Chrome. I was previously running Comodo Internet Security with no issues. I uninstalled CIS, used CCleaner to remove leftover registry entries, cleared my sandbox, restarted, and then installed the OA premium trial. The install went fine, no errors or issues of any sort. I then restarted again to make sure everything was good to go. SBIE automatically detected OA and prompted to add it to the compatibility list.

However, when I tried launching Chrome sandboxed, Chrome started loading, displayed the top bar (location bar, some of the extensions), and then simply froze. The actual homepage wasn't even rendered - just a blank white page appeared. Chrome completely locked up, and I couldn't close it. I tried terminating the running processes with SBIE (right-click context menu), but nothing happened - Chrome stayed open. I couldn't open SBIE's GUI or OA after that, and eventually the entire system becomes unresponsive. It wouldn't shut down, programs wouldn't run, and I was forced to manually shut it down.

I was hoping it was a one-time thing, but it's continued to happen since I installed OA. Sometimes (maybe 50%) I can get Chrome to fully load and work properly, but later when I try shutting the system down, it hangs at the "Windows is shutting down..." screen and I need to again power down manually. The other 50% of the time I can't even get Chrome to run sandboxed, and my entire system just locks up.

I'll note that running Chrome normally (not sandboxed by SBIE) works perfectly. But I don't feel comfortable browsing without SBIE these days, when even trusted sites can be hacked, or rogue adverts can install malware. Removing SBIE is not an option.

I've added exclusions in all of my security programs for one another: OA, Avast and MBAM Pro. I thought it might be DEP related (running EMET), but there are absolutely no helpful errors in the Windows event log. I was running the latest 3.64 version of SBIE, but upgraded to the beta version to see if maybe there was a fix.

Any ideas? I really like Online Armor. The interface is great, it's speedy and fast, and the options available are really fantastic. I'd be willing to pay for the premium version, but I can't even get OA to play nice with my current setup! Any suggestions would be greatly appreciated!

Share this post


Link to post
Share on other sites

This is a known issue: http://support.emsisoft.com/topic/5208-known-online-armor-issues/page__p__31545#entry31545

They claim it is fixed and I'm sure that it is for many folks, but not all.

I had to do this work around: add c:\users\[yourusername]\Appdata\Local\Google\Chrome\Application to the OA exclusions. Everything will work just fine after this. Chrome is no longer protected by OA at that point but is still protected by Sandboxie.

I agree with you, removing Sandboxie is not an option.

Acadia

Share this post


Link to post
Share on other sites

Thank you both for your replies!

This is a known issue: http://support.emsis...1545#entry31545

They claim it is fixed and I'm sure that it is for many folks, but not all.

I had to do this work around: add c:\users\[yourusername]\Appdata\Local\Google\Chrome\Application to the OA exclusions. Everything will work just fine after this. Chrome is no longer protected by OA at that point but is still protected by Sandboxie.

I agree with you, removing Sandboxie is not an option.

Acadia

Isn't this dangerous? What if a malware manages to slip past Avast and MBAM and install in the sandbox? I'd have no way of knowing, correct?

Hello SuperSniffer,

Do you have OA compatibility checked in sbie?

Yes, I've double checked that OA is checked off in the compatibility list. When I start Chrome sandboxed, the green border appears around the window as if OA is running Chrome "safer", even though I've verified that neither Chrome or SBIE are set to "RunSafer" (no programs are, in fact - everything is set to run normally). Also, when I run Chrome without SBIE, no green border appears around it. SBIE is configured not to display a border around sandboxed apps.

Share this post


Link to post
Share on other sites

I'm not surprised that Sandboxie had OA checked; Sandboxie is smart enough to do that automatically. Dangerous? If Sandboxie is not configured correctly or used correctly. http://www.sandboxie.com/index.php?DetectingKeyLoggers

I follow the advice of the creator of Sandboxie and wipe out the sandbox and everything inside of it before going to any financial site, that way I am sure of going to a financial site without any keystroke loggers. Sounds like a bunch of work but I created a macro that does it all in seconds with just a single keystroke.

I have the same problem that you do, my system completely freezes and I have to do the same hard kill. I am somewhat puzzled because the other excellent program, Outpost, does not have this problem. But I find OA easier to use so I just do the work around and empty the sandbox before going to any financial site.

Good luck,

Acadia

Share this post


Link to post
Share on other sites

Yes, I've double checked that OA is checked off in the compatibility list. When I start Chrome sandboxed, the green border appears around the window as if OA is running Chrome "safer", even though I've verified that neither Chrome or SBIE are set to "RunSafer" (no programs are, in fact - everything is set to run normally). Also, when I run Chrome without SBIE, no green border appears around it. SBIE is configured not to display a border around sandboxed apps.

Do you have the "Drop rights" setting enabled in Sandboxie? If so, does the problem still occur if this setting is unticked?

Share this post


Link to post
Share on other sites

I'm not surprised that Sandboxie had OA checked; Sandboxie is smart enough to do that automatically. Dangerous? If Sandboxie is not configured correctly or used correctly. http://www.sandboxie...ctingKeyLoggers

I follow the advice of the creator of Sandboxie and wipe out the sandbox and everything inside of it before going to any financial site, that way I am sure of going to a financial site without any keystroke loggers. Sounds like a bunch of work but I created a macro that does it all in seconds with just a single keystroke.

I have the same problem that you do, my system completely freezes and I have to do the same hard kill. I am somewhat puzzled because the other excellent program, Outpost, does not have this problem. But I find OA easier to use so I just do the work around and empty the sandbox before going to any financial site.

Good luck,

Acadia

Ah, I just did that, and it works! I've launched Chrome successfully sandboxed in SBIE without any lockups! Thanks!

I don't feel great about excluding Chrome from OA's protection, though. Being the paranoid type, I prefer to have layered security - especially for a primary internet-facing app that is a large vector for attacks.

Do you have the "Drop rights" setting enabled in Sandboxie? If so, does the problem still occur if this setting is unticked?

I did, but after you suggested that it might be causing issues, I disabled it and tried loading up Chrome in SBIE to have the same result: a PC lockup.

After that I actually uninstalled OA and reinstalled it, keeping the default settings. Then I tried launching Chrome in SBIE, with the same result. I thought maybe some option I changed in OA ight be the cause, but that wasn't the case here.

@OA Team: Is this being looked into? If you need any information from me, let me know!

Share this post


Link to post
Share on other sites

Hello SuperSniffer,

Could you please send me your System Information file (.nfo) via PM ?

You can get it by running "Start -> All Programs -> Accessories -> System Tools -> System Information" and saving the information via the File->Save menu.

Thank you in advance,

Share this post


Link to post
Share on other sites

SuperSniffer, you're welcome. Hey, listen, if you send Andrey that info and they get it fixed, could you please PM me the fix? Thanks.

Acadia

Share this post


Link to post
Share on other sites

SuperSniffer, you're welcome. Hey, listen, if you send Andrey that info and they get it fixed, could you please PM me the fix? Thanks.

Acadia

Sure thing! I really do hope they get it fixed, because I really love OA so far!

Hello SuperSniffer,

Could you please send me your System Information file (.nfo) via PM ?

You can get it by running "Start -> All Programs -> Accessories -> System Tools -> System Information" and saving the information via the File->Save menu.

Thank you in advance,

Ok, I sent you my system info file. Thank you again for looking into this!

Share this post


Link to post
Share on other sites

Hello,

Could you please check if the issue would still be reproducible on your side with the latest OA updates installed?

(Please check for updates if you don't have OA 5.5.0.1616 installed as yet)

Thank you in advance,

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.