Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Windows

Please post your problem description here

Moderator: Barb@Invincea

Post Reply
TyeBox
Posts: 36
Joined: Mon Jan 29, 2018 4:20 am

Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Windows

Post by TyeBox » Tue Feb 12, 2019 11:49 pm

All apps were terminated, yet I am unable to delete the content of sandboxie. FireFox in particular, zero sandbox layer protection set in about:config of course, Never seen that happen before ever that PCHunter or Gmer could not go any lower to the root of what is binding sandboxie folders. What is going on here? Just upgraded to Windows 10.0.17763 Pro

Barb@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3020
Joined: Mon Nov 07, 2016 3:10 pm

Re: Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Win

Post by Barb@Invincea » Wed Feb 13, 2019 10:05 am

Hi TyeBox ,

Please, follow the guidelines:
viewtopic.php?f=11&t=19746

Be sure to search the forums, as there are several related threads to unable to delete contents.

Regards,
Barb.-

TyeBox
Posts: 36
Joined: Mon Jan 29, 2018 4:20 am

Re: Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Win

Post by TyeBox » Fri Feb 15, 2019 5:48 am

Using the latest sandboxie 5.27.3 for windows 1809 compatibility. Defender on demand scan only, no realtime protection; exploit protection enabled (aslr+dep)

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2910
Joined: Wed Apr 22, 2009 9:17 pm

Re: Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Win

Post by bo.elam » Fri Feb 15, 2019 1:50 pm

Hi TyeBox, I dont completely understand your post, but if you are trying to scan the Sandbox folder with programs like PCHunter or Gmer, thats not always going to work. Some scanners cant scan properly within the sandbox folder. Perhaps thats the case here.

Bo

TyeBox
Posts: 36
Joined: Mon Jan 29, 2018 4:20 am

Re: Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Win

Post by TyeBox » Mon Feb 18, 2019 8:05 am

All programs were terminated, yet I was told "access denied" when trying to empty the sandbox with sandboxie..... or any third party program that typically allows a user to perform deletions of even the most sensitive system files including the kernel itself. PCHunter64 and Gmer does what windows won't let you. Only a reboot freed up whatever was hooking the folder. It was a dedicated firefox sandbox.

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2910
Joined: Wed Apr 22, 2009 9:17 pm

Re: Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Win

Post by bo.elam » Mon Feb 18, 2019 12:33 pm

TyeBox wrote:
Mon Feb 18, 2019 8:05 am
Only a reboot freed up whatever was hooking the folder.
Then, perhaps, another scanner, a real time scanner was doing its thing and had a lock on files.

Bo

TyeBox
Posts: 36
Joined: Mon Jan 29, 2018 4:20 am

Re: Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Win

Post by TyeBox » Thu Feb 21, 2019 1:03 am

I had detected malware with pchunter64 hiding in my shadowssdt, seemed memory resident so I eventually removed it from memory via hard booting and a few other techniques. Also, Zemana antimalware found a suspicious firefox browser extension which happened to be privacy possum (outside of the sandbox); https://www.freefixer.com/library/file/ ... pi-221661/ after removing and re-installing this browser extension a subsequent rescan showed nothing. Perhaps this had something to do with it. I rarely ever open firefox outside of the sandbox, and only to uppdate it or clear it after suspcious activity.

Perhaps this had something to do with this.
Last edited by TyeBox on Thu Feb 21, 2019 1:05 am, edited 1 time in total.

TyeBox
Posts: 36
Joined: Mon Jan 29, 2018 4:20 am

Re: Why no programs running in sandboxie, but access denied to delete contents with GMER, PCHunter64, Sandboxie, and Win

Post by TyeBox » Thu Feb 21, 2019 1:04 am

Only windows defender anti-exploit is running , i have disabled realtime anti-virus in windows defender.

Post Reply

Who is online

Users browsing this forum: test47 and 22 guests