 |
 | a-squared is not able to see firefox in SB |  |
|
mattblau
|
|
Hallo,
I'm testing a-squared anti malware v4 beta at the moment. It has a feature to block bad hosts or tracking cookies. If I run Firefox sandboxed, a-squared is not able to block like it should. If I run Firefox outside SB, it works fine. How do I have to setup SB to solve this problem? Thank in advance |
|||||||||||
|
_________________ mattblau
|
|||||||||||||
 |
| |
|
Ruhe
|
|
Did you try the Resource Access Monitor?
|
|||||||||||
|
|||||||||||||
|
| |
|
mattblau
|
|
This is a debugview log with things happening, when Fir0jox is running outside SB and a-aquared is checking and blocking hosts. That should work for Firefox in SB too.
Any idea? 00000373 7.06512785 [1684] a2guard: -> Entering to the CheckFileSHA1 function. 00000374 7.06515598 [1684] a2guard: Val: FileName = C:\PROGRAMME\MOZILLA FIREFOX\FIREFOX.EXE 00000375 7.06518173 [1684] a2guard: <- Exiting from the CheckFileSHA1 function. 00000376 7.06522655 [1684] -> Entering to the THosts.Allowed function. 00000377 7.06525373 [1684] Val: Host = www.freeserials.ws 00000378 7.07204008 [1684] Result = 0 00000379 7.07206774 [1684] <- Exiting from the THosts.Allowed function. 00000380 7.07249594 [1684] Mes: Entering to the critical section 00000381 7.09700489 [1684] -> Entering to the ForceForegroundWindow function. 00000382 7.11218786 [1684] Result = -1 00000383 7.11227417 [1684] <- Exiting from the ForceForegroundWindow function. 00000384 7.12439728 [1684] -> Entering to the Misc GetSpecialPath function. 00000385 7.12442541 [1684] Val: nFolder = 38 00000386 7.12450075 [1684] Result = C:\Programme\ 00000387 7.12452650 [1684] <- Exiting from the Misc GetSpecialPath function. 00000388 7.12456417 [1684] -> Entering to the GetOperatingSystem function. 00000389 7.12459230 [1684] Val: Result = 6 00000390 7.12461996 [1684] <- Exiting from the GetOperatingSystem function. 00000391 7.13227749 [2148] -> Entering to the GetOperatingSystem function. 00000392 7.13230610 [2148] Val: Result = 6 00000393 7.13233042 [2148] <- Exiting from the GetOperatingSystem function. 00000394 7.13993502 [1684] -> Entering to the GetOperatingSystem function. 00000395 7.13996363 [1684] Val: Result = 6 00000396 7.13999462 [1684] <- Exiting from the GetOperatingSystem function. 00000397 7.14022350 [1684] -> Entering to the GetOperatingSystem function. 00000398 7.14025259 [1684] Val: Result = 6 00000399 7.14027834 [1684] <- Exiting from the GetOperatingSystem function. 00000400 7.14072371 [1684] -> Entering to the GetOperatingSystem function. 00000401 7.14075232 [1684] Val: Result = 6 00000402 7.14077711 [1684] <- Exiting from the GetOperatingSystem function. 00000403 7.14123106 [1684] -> Entering to the GetOperatingSystem function. 00000404 7.14125967 [1684] Val: Result = 6 00000405 7.14128494 [1684] <- Exiting from the GetOperatingSystem function. 00000406 7.14149570 [1684] -> Entering to the GetOperatingSystem function. 00000407 7.14152336 [1684] Val: Result = 6 00000408 7.14154911 [1684] <- Exiting from the GetOperatingSystem function. 00000409 7.14175844 [1684] -> Entering to the GetOperatingSystem function. 00000410 7.14178705 [1684] Val: Result = 6 00000411 7.14181232 [1684] <- Exiting from the GetOperatingSystem function. 00000412 7.14202690 [1684] -> Entering to the GetOperatingSystem function. 00000413 7.14205551 [1684] Val: Result = 6 00000414 7.14208126 [1684] <- Exiting from the GetOperatingSystem function. 00000415 7.14251566 [1684] -> Entering to the GetOperatingSystem function. 00000416 7.14254475 [1684] Val: Result = 6 00000417 7.14257002 [1684] <- Exiting from the GetOperatingSystem function. 00000418 7.14277935 [1684] -> Entering to the GetOperatingSystem function. 00000419 7.14280844 [1684] Val: Result = 6 00000420 7.14283371 [1684] <- Exiting from the GetOperatingSystem function. 00000421 7.14305019 [1684] -> Entering to the GetOperatingSystem function. 00000422 7.14307880 [1684] Val: Result = 6 00000423 7.14310503 [1684] <- Exiting from the GetOperatingSystem function. 00000424 7.14354181 [1684] -> Entering to the GetOperatingSystem function. 00000425 7.14357042 [1684] Val: Result = 6 00000426 7.14359617 [1684] <- Exiting from the GetOperatingSystem function. 00000427 7.14404440 [1684] -> Entering to the GetOperatingSystem function. 00000428 7.14407301 [1684] Val: Result = 6 00000429 7.14409828 [1684] <- Exiting from the GetOperatingSystem function. 00000430 7.14453316 [1684] -> Entering to the GetOperatingSystem function. 00000431 7.14456177 [1684] Val: Result = 6 00000432 7.14458752 [1684] <- Exiting from the GetOperatingSystem function. 00000433 7.14512920 [1684] -> Entering to the GetOperatingSystem function. 00000434 7.14516592 [1684] Val: Result = 6 00000435 7.14526463 [1684] <- Exiting from the GetOperatingSystem function. 00000436 7.14568043 [1684] -> Entering to the GetOperatingSystem function. 00000437 7.14571667 [1684] Val: Result = 6 00000438 7.14607620 [1684] <- Exiting from the GetOperatingSystem function. 00000439 7.14624262 [1684] -> Entering to the GetOperatingSystem function. 00000440 7.14627886 [1684] Val: Result = 6 00000441 7.14649391 [1684] <- Exiting from the GetOperatingSystem function. 00000442 7.14681339 [1684] -> Entering to the GetOperatingSystem function. 00000443 7.14694452 [1684] Val: Result = 6 00000444 7.14703417 [1684] <- Exiting from the GetOperatingSystem function. 00000445 7.14761496 [1684] -> Entering to the GetOperatingSystem function. 00000446 7.14765501 [1684] Val: Result = 6 00000447 7.14793444 [1684] <- Exiting from the GetOperatingSystem function. 00000448 7.14819765 [1684] -> Entering to the GetOperatingSystem function. 00000449 7.14823437 [1684] Val: Result = 6 00000450 7.14845037 [1684] <- Exiting from the GetOperatingSystem function. 00000451 7.14850998 [1684] -> Entering to the GetOperatingSystem function. 00000452 7.14854574 [1684] Val: Result = 6 00000453 7.14878559 [1684] <- Exiting from the GetOperatingSystem function. 00000454 7.14883232 [1684] -> Entering to the GetOperatingSystem function. 00000455 7.14886904 [1684] Val: Result = 6 00000456 7.14894199 [1684] <- Exiting from the GetOperatingSystem function. 00000457 7.14915085 [1684] -> Entering to the GetOperatingSystem function. 00000458 7.14918661 [1684] Val: Result = 6 00000459 7.14939547 [1684] <- Exiting from the GetOperatingSystem function. 00000460 7.14945316 [1684] -> Entering to the GetOperatingSystem function. 00000461 7.14948940 [1684] Val: Result = 6 00000462 7.14972591 [1684] <- Exiting from the GetOperatingSystem function. 00000463 7.14975548 [1684] -> Entering to the GetOperatingSystem function. 00000464 7.15151501 [1684] Val: Result = 6 00000465 7.15154314 [1684] <- Exiting from the GetOperatingSystem function. 00000466 7.15183163 [1684] -> Entering to the GetOperatingSystem function. 00000467 7.15185165 [1684] Val: Result = 6 00000468 7.15187836 [1684] <- Exiting from the GetOperatingSystem function. 00000469 7.15232563 [1684] -> Entering to the GetOperatingSystem function. 00000470 7.15235424 [1684] Val: Result = 6 00000471 7.15238047 [1684] <- Exiting from the GetOperatingSystem function. 00000472 7.15282106 [1684] -> Entering to the GetOperatingSystem function. 00000473 7.15285063 [1684] Val: Result = 6 00000474 7.15287590 [1684] <- Exiting from the GetOperatingSystem function. 00000475 7.15331221 [1684] -> Entering to the GetOperatingSystem function. 00000476 7.15334177 [1684] Val: Result = 6 00000477 7.15336704 [1684] <- Exiting from the GetOperatingSystem function. 00000478 7.15380621 [1684] -> Entering to the GetOperatingSystem function. 00000479 7.15383482 [1684] Val: Result = 6 00000480 7.15386105 [1684] <- Exiting from the GetOperatingSystem function. 00000481 7.15429640 [1684] -> Entering to the GetOperatingSystem function. 00000482 7.15432549 [1684] Val: Result = 6 00000483 7.15435076 [1684] <- Exiting from the GetOperatingSystem function. 00000484 7.15480757 [1684] -> Entering to the GetOperatingSystem function. 00000485 7.15483618 [1684] Val: Result = 6 00000486 7.15486193 [1684] <- Exiting from the GetOperatingSystem function. 00000487 7.15530396 [1684] -> Entering to the GetOperatingSystem function. 00000488 7.15533352 [1684] Val: Result = 6 00000489 7.15535927 [1684] <- Exiting from the GetOperatingSystem function. 00000490 7.15581465 [1684] -> Entering to the GetOperatingSystem function. 00000491 7.15584373 [1684] Val: Result = 6 00000492 7.15586901 [1684] <- Exiting from the GetOperatingSystem function. 00000493 7.15630722 [1684] -> Entering to the GetOperatingSystem function. 00000494 7.15633583 [1684] Val: Result = 6 00000495 7.15636158 [1684] <- Exiting from the GetOperatingSystem function. 00000496 7.15680122 [1684] -> Entering to the GetOperatingSystem function. 00000497 7.15683031 [1684] Val: Result = 6 00000498 7.15685558 [1684] <- Exiting from the GetOperatingSystem function. 00000499 7.15729380 [1684] -> Entering to the GetOperatingSystem function. 00000500 7.15732288 [1684] Val: Result = 6 00000501 7.15734863 [1684] <- Exiting from the GetOperatingSystem function. 00000502 7.15755939 [1684] -> Entering to the GetOperatingSystem function. 00000503 7.15759468 [1684] Val: Result = 6 00000504 7.15761995 [1684] <- Exiting from the GetOperatingSystem function. 00000505 7.15805817 [1684] -> Entering to the GetOperatingSystem function. 00000506 7.15808678 [1684] Val: Result = 6 00000507 7.15811253 [1684] <- Exiting from the GetOperatingSystem function. 00000508 7.15922689 [1684] -> Entering to the GetOperatingSystem function. 00000509 7.15925646 [1684] Val: Result = 6 00000510 7.15928268 [1684] <- Exiting from the GetOperatingSystem function. 00000511 7.15949631 [1684] -> Entering to the GetOperatingSystem function. 00000512 7.15953827 [1684] Val: Result = 6 00000513 7.15956450 [1684] <- Exiting from the GetOperatingSystem function. 00000514 7.16000223 [1684] -> Entering to the GetOperatingSystem function. 00000515 7.16003132 [1684] Val: Result = 6 00000516 7.16005659 [1684] <- Exiting from the GetOperatingSystem function. 00000517 7.16050100 [1684] -> Entering to the GetOperatingSystem function. 00000518 7.16052961 [1684] Val: Result = 6 00000519 7.16055536 [1684] <- Exiting from the GetOperatingSystem function. 00000520 7.16127014 [1684] -> Entering to the GetOperatingSystem function. 00000521 7.16129875 [1684] Val: Result = 6 00000522 7.16132450 [1684] <- Exiting from the GetOperatingSystem function. 00000523 7.16177034 [1684] -> Entering to the GetOperatingSystem function. 00000524 7.16179943 [1684] Val: Result = 6 00000525 7.16182470 [1684] <- Exiting from the GetOperatingSystem function. 00000526 7.16254234 [1684] -> Entering to the GetOperatingSystem function. 00000527 7.16257143 [1684] Val: Result = 6 00000528 7.16259670 [1684] <- Exiting from the GetOperatingSystem function. 00000529 7.16281080 [1684] -> Entering to the GetOperatingSystem function. 00000530 7.16283941 [1684] Val: Result = 6 00000531 7.16286516 [1684] <- Exiting from the GetOperatingSystem function. 00000532 7.16330051 [1684] -> Entering to the GetOperatingSystem function. 00000533 7.16333008 [1684] Val: Result = 6 00000534 7.16335535 [1684] <- Exiting from the GetOperatingSystem function. 00000535 7.16379881 [1684] -> Entering to the GetOperatingSystem function. 00000536 7.16382742 [1684] Val: Result = 6 00000537 7.16385269 [1684] <- Exiting from the GetOperatingSystem function. 00000538 7.16428804 [1684] -> Entering to the GetOperatingSystem function. 00000539 7.16431713 [1684] Val: Result = 6 00000540 7.16434240 [1684] <- Exiting from the GetOperatingSystem function. 00000541 7.16478682 [1684] -> Entering to the GetOperatingSystem function. 00000542 7.16481543 [1684] Val: Result = 6 00000543 7.16484118 [1684] <- Exiting from the GetOperatingSystem function. 00000544 7.16493225 [1684] -> Entering to the GetOperatingSystem function. 00000545 7.16496038 [1684] Val: Result = 6 00000546 7.16498566 [1684] <- Exiting from the GetOperatingSystem function. 00000547 7.16547298 [1684] -> Entering to the GetOperatingSystem function. 00000548 7.16548443 [1684] Val: Result = 6 00000549 7.16551256 [1684] <- Exiting from the GetOperatingSystem function. 00000550 7.16595507 [1684] -> Entering to the GetOperatingSystem function. 00000551 7.16598320 [1684] Val: Result = 6 00000552 7.16600895 [1684] <- Exiting from the GetOperatingSystem function. 00000553 7.16647053 [1684] -> Entering to the GetOperatingSystem function. 00000554 7.16649914 [1684] Val: Result = 6 00000555 7.16652489 [1684] <- Exiting from the GetOperatingSystem function. 00000556 7.16696358 [1684] -> Entering to the GetOperatingSystem function. 00000557 7.16699219 [1684] Val: Result = 6 00000558 7.16701794 [1684] <- Exiting from the GetOperatingSystem function. 00000559 7.16711426 [1684] -> Entering to the GetOperatingSystem function. 00000560 7.16714239 [1684] Val: Result = 6 00000561 7.16716719 [1684] <- Exiting from the GetOperatingSystem function. 00000562 7.16738129 [1684] -> Entering to the GetOperatingSystem function. 00000563 7.16740990 [1684] Val: Result = 6 00000564 7.16743517 [1684] <- Exiting from the GetOperatingSystem function. 00000565 7.16787386 [1684] -> Entering to the GetOperatingSystem function. 00000566 7.16790247 [1684] Val: Result = 6 00000567 7.16792822 [1684] <- Exiting from the GetOperatingSystem function. 00000568 7.16836929 [1684] -> Entering to the GetOperatingSystem function. 00000569 7.16839790 [1684] Val: Result = 6 00000570 7.16842318 [1684] <- Exiting from the GetOperatingSystem function. 00000571 7.16886330 [1684] -> Entering to the GetOperatingSystem function. 00000572 7.16889238 [1684] Val: Result = 6 00000573 7.16891861 [1684] <- Exiting from the GetOperatingSystem function. 00000574 7.16912842 [1684] -> Entering to the GetOperatingSystem function. 00000575 7.16915703 [1684] Val: Result = 6 00000576 7.16918278 [1684] <- Exiting from the GetOperatingSystem function. 00000577 7.16964436 [1684] -> Entering to the GetOperatingSystem function. 00000578 7.16967201 [1684] Val: Result = 6 00000579 7.16969728 [1684] <- Exiting from the GetOperatingSystem function. 00000580 7.17013454 [1684] -> Entering to the GetOperatingSystem function. 00000581 7.17016411 [1684] Val: Result = 6 00000582 7.17018986 [1684] <- Exiting from the GetOperatingSystem function. 00000583 7.17063570 [1684] -> Entering to the GetOperatingSystem function. 00000584 7.17066431 [1684] Val: Result = 6 00000585 7.17068958 [1684] <- Exiting from the GetOperatingSystem function. 00000586 7.17112684 [1684] -> Entering to the GetOperatingSystem function. 00000587 7.17115593 [1684] Val: Result = 6 00000588 7.17118120 [1684] <- Exiting from the GetOperatingSystem function. 00000589 7.17142725 [1684] -> Entering to the GetOperatingSystem function. 00000590 7.17145586 [1684] Val: Result = 6 00000591 7.17148161 [1684] <- Exiting from the GetOperatingSystem function. 00000592 7.17169857 [1684] -> Entering to the GetOperatingSystem function. 00000593 7.17172766 [1684] Val: Result = 6 00000594 7.17175388 [1684] <- Exiting from the GetOperatingSystem function. 00000595 7.17197990 [1684] -> Entering to the GetOperatingSystem function. 00000596 7.17200851 [1684] Val: Result = 6 00000597 7.17203426 [1684] <- Exiting from the GetOperatingSystem function. 00000598 7.17224741 [1684] -> Entering to the GetOperatingSystem function. 00000599 7.17227650 [1684] Val: Result = 6 00000600 7.17230225 [1684] <- Exiting from the GetOperatingSystem function. 00000601 7.17253256 [1684] -> Entering to the GetOperatingSystem function. 00000602 7.17256117 [1684] Val: Result = 6 00000603 7.17258692 [1684] <- Exiting from the GetOperatingSystem function. 00000604 7.17325878 [1684] -> Entering to the GetOperatingSystem function. 00000605 7.17328739 [1684] Val: Result = 6 00000606 7.17331314 [1684] <- Exiting from the GetOperatingSystem function. 00000607 7.17375708 [1684] -> Entering to the GetOperatingSystem function. 00000608 7.17378569 [1684] Val: Result = 6 00000609 7.17381144 [1684] <- Exiting from the GetOperatingSystem function. 00000610 7.17425013 [1684] -> Entering to the GetOperatingSystem function. 00000611 7.17427874 [1684] Val: Result = 6 00000612 7.17430449 [1684] <- Exiting from the GetOperatingSystem function. 00000613 7.17474222 [1684] -> Entering to the GetOperatingSystem function. 00000614 7.17477083 [1684] Val: Result = 6 00000615 7.17479658 [1684] <- Exiting from the GetOperatingSystem function. 00000616 7.17524767 [1684] -> Entering to the GetOperatingSystem function. 00000617 7.17527628 [1684] Val: Result = 6 00000618 7.17530155 [1684] <- Exiting from the GetOperatingSystem function. 00000619 7.17584753 [1684] -> Entering to the GetOperatingSystem function. 00000620 7.17587662 [1684] Val: Result = 6 00000621 7.17590237 [1684] <- Exiting from the GetOperatingSystem function. 00000622 7.17634153 [1684] -> Entering to the GetOperatingSystem function. 00000623 7.17637062 [1684] Val: Result = 6 00000624 7.17639589 [1684] <- Exiting from the GetOperatingSystem function. 00000625 7.17684746 [1684] -> Entering to the GetOperatingSystem function. 00000626 7.17687607 [1684] Val: Result = 6 00000627 7.17690229 [1684] <- Exiting from the GetOperatingSystem function. 00000628 7.17734718 [1684] -> Entering to the GetOperatingSystem function. 00000629 7.17737579 [1684] Val: Result = 6 00000630 7.17740154 [1684] <- Exiting from the GetOperatingSystem function. 00000631 7.17784595 [1684] -> Entering to the GetOperatingSystem function. 00000632 7.17787457 [1684] Val: Result = 6 00000633 7.17789936 [1684] <- Exiting from the GetOperatingSystem function. 00000634 7.17834568 [1684] -> Entering to the GetOperatingSystem function. 00000635 7.17837429 [1684] Val: Result = 6 00000636 7.17840052 [1684] <- Exiting from the GetOperatingSystem function. 00000637 10.55588913 [1684] a2guard: Result = 0 00000638 10.55591202 [1684] a2guard: <- Exiting from the IDS Callback function. 00000639 10.55614853 [2148] a2service: Val: Result = 0 00000640 10.55617714 [2148] a2service: <- Exiting from the OnIDSCallback function. 00000641 10.64417744 [2148] a2service: -> Entering to the OnIDSCallback function. 00000642 10.64424324 [2148] a2service: Val: ID = 247 00000643 10.64425659 [2148] a2service: Val: PID = 2276 00000644 10.64430618 [2148] a2service: -> Entering to the GetMonitor function. 00000645 10.64433670 [2148] a2service: Val: PID = 2276 00000646 10.64440441 [2148] a2service: Val: IDS = -1 00000647 10.64442635 [2148] a2service: -> Entering to the GetSessionMonitor function. 00000648 10.64447498 [2148] a2service: Val: PID = 2276 00000649 10.64449883 [2148] a2service: Val: IDS = -1 00000650 10.64451790 [2148] -> Entering to the GetOperatingSystem function. 00000651 10.64457226 [2148] Val: Result = 6 00000652 10.64458561 [2148] <- Exiting from the GetOperatingSystem function. 00000653 10.64475346 [2148] -> Entering to the GetOperatingSystem function. 00000654 10.64478779 [2148] Val: Result = 6 00000655 10.64483547 [2148] <- Exiting from the GetOperatingSystem function. 00000656 10.64488029 [2148] a2service: -> Entering to the GetConnectedMonitor function. 00000657 10.64491653 [2148] a2service: Val: IDS = -1 00000658 10.64495182 [2148] a2service: Val: SessionID = 0 00000659 10.64498615 [2148] a2service: <- Exiting from the GetConnectedMonitor function. 00000660 10.64502621 [2148] a2service: -> Entering to the GetConnectedMonitor function. 00000661 10.64506054 [2148] a2service: Val: IDS = -1 00000662 10.64509583 [2148] a2service: Val: SessionID = 0 00000663 10.64512920 [2148] a2service: <- Exiting from the GetConnectedMonitor function. 00000664 10.64516544 [2148] a2service: -> Entering to the GetConnectedMonitor function. 00000665 10.64520073 [2148] a2service: Val: IDS = -1 00000666 10.64523411 [2148] a2service: Val: SessionID = 0 00000667 10.64526844 [2148] a2service: <- Exiting from the GetConnectedMonitor function. 00000668 10.64530373 [2148] -> Entering to the GetOperatingSystem function. 00000669 10.64533710 [2148] Val: Result = 6 00000670 10.64537239 [2148] <- Exiting from the GetOperatingSystem function. 00000671 10.64540577 [2148] a2service: Val: Result = -1 00000672 10.64544010 [2148] a2service: <- Exiting from the GetSessionMonitor function. 00000673 10.64556599 [2148] a2service: <- Exiting from the GetMonitor function. 00000674 10.64560223 [2148] -> Entering to the GetProcessFilename function. 00000675 10.64563560 [2148] Val: PID = 2276 00000676 10.64567852 [2148] -> Entering to the GetOperatingSystem function. 00000677 10.64571190 [2148] Val: Result = 6 00000678 10.64577293 [2148] <- Exiting from the GetOperatingSystem function. 00000679 10.64580727 [2148] Val: Result = C:\Programme\Mozilla Firefox\firefox.exe 00000680 10.64618874 [2148] <- Exiting from the GetProcessFilename function. 00000681 10.64622784 [2148] a2service: -> Entering to the GetMonitor function. 00000682 10.64626503 [2148] a2service: Val: PID = 2276 00000683 10.64629841 [2148] a2service: Val: IDS = -1 00000684 10.64633465 [2148] a2service: -> Entering to the GetSessionMonitor function. 00000685 10.64636993 [2148] a2service: Val: PID = 2276 00000686 10.64640808 [2148] a2service: Val: IDS = -1 00000687 10.64644432 [2148] -> Entering to the GetOperatingSystem function. 00000688 10.64647770 [2148] Val: Result = 6 00000689 10.64653206 [2148] <- Exiting from the GetOperatingSystem function. 00000690 10.64661121 [2148] -> Entering to the GetOperatingSystem function. 00000691 10.64666080 [2148] Val: Result = 6 00000692 10.64670563 [2148] <- Exiting from the GetOperatingSystem function. 00000693 10.64674091 [2148] a2service: -> Entering to the GetConnectedMonitor function. 00000694 10.64677620 [2148] a2service: Val: IDS = -1 00000695 10.64681053 [2148] a2service: Val: SessionID = 0 00000696 10.64684391 [2148] a2service: <- Exiting from the GetConnectedMonitor function. 00000697 10.64687920 [2148] a2service: -> Entering to the GetConnectedMonitor function. 00000698 10.64691448 [2148] a2service: Val: IDS = -1 00000699 10.64694786 [2148] a2service: Val: SessionID = 0 00000700 10.64699078 [2148] a2service: <- Exiting from the GetConnectedMonitor function. 00000701 10.64702702 [2148] a2service: -> Entering to the GetConnectedMonitor function. 00000702 10.64706326 [2148] a2service: Val: IDS = -1 00000703 10.64709759 [2148] a2service: Val: SessionID = 0 00000704 10.64713192 [2148] a2service: <- Exiting from the GetConnectedMonitor function. 00000705 10.64716911 [2148] -> Entering to the GetOperatingSystem function. 00000706 10.64720345 [2148] Val: Result = 6 00000707 10.64723873 [2148] <- Exiting from the GetOperatingSystem function. 00000708 10.64727211 [2148] a2service: Val: Result = -1 00000709 10.64730644 [2148] a2service: <- Exiting from the GetSessionMonitor function. 00000710 10.64739895 [2148] a2service: <- Exiting from the GetMonitor function. 00000711 10.64743900 [1684] a2guard: -> Entering to the IDS Callback function. 00000712 10.64769840 [1684] a2guard: Val: ID = 247, PID = 2276 00000713 10.64773464 [2148] -> Entering to the GetProcessFilename function. 00000714 10.64776039 [2148] Val: PID = 2276 00000715 10.64777088 [2148] -> Entering to the GetOperatingSystem function. 00000716 10.64782047 [2148] Val: Result = 6 00000717 10.64787769 [2148] <- Exiting from the GetOperatingSystem function. 00000718 10.64791203 [2148] Val: Result = C:\Programme\Mozilla Firefox\firefox.exe 00000719 10.65000916 [2148] <- Exiting from the GetProcessFilename function. 00000720 10.65804482 [1684] -> Entering to the TWhiteList.Allowed function. 00000721 10.65818882 [1684] Val: SHA1 = 19E365305CEABAD649ED67278587D2F80B94C78E 00000722 10.65822697 [1684] Result = -1 00000723 10.65871429 [1684] <- Exiting from the TWhiteList.Allowed function. 00000724 10.65875053 [1684] a2guard: -> Entering to the CheckFileSHA1 function. 00000725 10.65876865 [1684] a2guard: Val: FileName = C:\PROGRAMME\MOZILLA FIREFOX\FIREFOX.EXE 00000726 10.65879536 [1684] a2guard: <- Exiting from the CheckFileSHA1 function. 00000727 10.65884113 [1684] -> Entering to the THosts.Allowed function. 00000728 10.65886784 [1684] Val: Host = www.freeserials.ws 00000729 10.66590786 [1684] Result = 0 00000730 10.66593266 [1684] <- Exiting from the THosts.Allowed function. 00000731 10.66672516 [2148] a2service: Val: Result = 0 00000732 10.66675186 [2148] a2service: <- Exiting from the OnIDSCallback function. |
|||||||||||
|
|||||||||||||
|
| |
|
Ruhe
|
|
Sorry, thats not the requested output.
|
|||||||||||
|
|||||||||||||
|
| |
|
mattblau
|
|
I know - but the problem is: a2 is not running in the sandbox - it is not seen by the Ressource acces monitor, right? Only firefox is logged.
But I tried to run a2 in the sandbox too and made what you told me: (Drive) \Device\CdRom0 (Drive) \Device\CdRom1 (Drive) \Device\HarddiskVolume1 (Drive) \Device\HarddiskVolume10 (Drive) \Device\HarddiskVolume11 (Drive) \Device\HarddiskVolume2 (Drive) \Device\HarddiskVolume3 (Drive) \Device\HarddiskVolume4 (Drive) \Device\HarddiskVolume5 (Drive) \Device\HarddiskVolume6 (Drive) \Device\HarddiskVolume7 (Drive) \Device\HarddiskVolume8 (Drive) \Device\HarddiskVolume9 (Unk) 00000022 \Device\KeyScrambler (Unk) 00000022 \Device\SandboxieDriverApi (Unk) 00000022 \Device\WMIDataDevice (Unk) 00000035 \Dfs (Unk) 00000039 \Device\KsecDD (Unk) 000000F1 \Device\RasAcd Clsid ------------------------------- Clsid X {F9D7362A-4F6F-4168-BD4A-62B5489BEC5B} ? Ipc ------------------------------- Ipc \BaseNamedObjects\_GD_Mozilla_Email_Operation Ipc \BaseNamedObjects\_GD_Network_Event3 Ipc \BaseNamedObjects\_GD_Network_Event4 Ipc \BaseNamedObjects\_GD_Singleton_Creation_Lock1712 Ipc \BaseNamedObjects\_GD_Singleton_Creation_Lock17120227EE3A Ipc \BaseNamedObjects\_GD_Singleton_Creation_Lock396 Ipc \BaseNamedObjects\_GD_Singleton_Creation_Lock3960226EE3A Ipc \BaseNamedObjects\_GD_Status_Single Ipc \BaseNamedObjects\{A3BD3259-3E4F-428a-84C8-F0463A9D3EB5} Ipc \BaseNamedObjects\{A64C7F33-DA35-459b-96CA-63B51FB0CDB9} Ipc \BaseNamedObjects\a2_86E168CFAnswerBuf21Event1 Ipc \BaseNamedObjects\a2_86E168CFAnswerBuf21Event2 Ipc \BaseNamedObjects\a2_86E168CFAnswerBuf21Map Ipc \BaseNamedObjects\a2_86E168CFAnswerBuf22Event1 Ipc \BaseNamedObjects\a2_86E168CFAnswerBuf22Event2 Ipc \BaseNamedObjects\a2_86E168CFAnswerBuf22Map Ipc \BaseNamedObjects\a2_86E168CFIpc2Map Ipc \BaseNamedObjects\a2_86E168CFIpc2Mutex Ipc \BaseNamedObjects\a2AntiMalware_service_activated Ipc \BaseNamedObjects\asquared_a2guard_2052_update Ipc \BaseNamedObjects\asquared_center Ipc \BaseNamedObjects\asquared_files_monitor_abort_event Ipc \BaseNamedObjects\asquared_files_monitor_reload_event Ipc \BaseNamedObjects\asquared_guard Ipc \BaseNamedObjects\asquared_guard_local Ipc \BaseNamedObjects\asquared_ids Ipc \BaseNamedObjects\AutoUnhookMap$0000030c$67800000 Ipc \BaseNamedObjects\ComPlusCOMRegTable Ipc \BaseNamedObjects\crypt32LogoffEvent Ipc \BaseNamedObjects\FirefoxStartupMutex Ipc \BaseNamedObjects\GoogleDesktop.exeqc Ipc \BaseNamedObjects\HookTThread$804 Ipc \BaseNamedObjects\KeyScrambler Yield Icon Event Ipc \BaseNamedObjects\kPidExitProcDataNameId Ipc \BaseNamedObjects\KSEncryptionEvent0 Ipc \BaseNamedObjects\KSEncryptionEvent1 Ipc \BaseNamedObjects\KSProcEvent18C Ipc \BaseNamedObjects\madExceptSettingsBuf$30c Ipc \BaseNamedObjects\madExceptSettingsBuf$804 Ipc \BaseNamedObjects\madExceptSettingsBuf$928 Ipc \BaseNamedObjects\madExceptSettingsBuf$a14 Ipc \BaseNamedObjects\madExceptSettingsMtx$30c Ipc \BaseNamedObjects\madExceptSettingsMtx$804 Ipc \BaseNamedObjects\madExceptSettingsMtx$928 Ipc \BaseNamedObjects\madExceptSettingsMtx$a14 Ipc \BaseNamedObjects\madExceptThreadNameBuf$30c Ipc \BaseNamedObjects\madExceptThreadNameBuf$804 Ipc \BaseNamedObjects\madExceptThreadNameBuf$928 Ipc \BaseNamedObjects\madExceptThreadNameBuf$a14 Ipc \BaseNamedObjects\madToolsMsgHandlerMutex$9f4$413b0c Ipc \BaseNamedObjects\madToolsMsgHandlerMutex$ad0$413b0c Ipc \BaseNamedObjects\madToolsMsgHandlerMutex$b34$413b0c Ipc \BaseNamedObjects\madToolsMsgHandlerMutex$e6c$413b34 Ipc \BaseNamedObjects\mc2IInjT$248 Ipc \BaseNamedObjects\mc2IInjT$2e8 Ipc \BaseNamedObjects\mc2IInjT$2f4 Ipc \BaseNamedObjects\mc2IInjT$30c Ipc \BaseNamedObjects\mc2IInjT$314 Ipc \BaseNamedObjects\mc2IInjT$358 Ipc \BaseNamedObjects\mc2IInjT$394 Ipc \BaseNamedObjects\mc2IInjT$3a8 Ipc \BaseNamedObjects\mc2IInjT$3b4 Ipc \BaseNamedObjects\mc2IInjT$3bc Ipc \BaseNamedObjects\mc2IInjT$3f4 Ipc \BaseNamedObjects\mc2IInjT$43c Ipc \BaseNamedObjects\mc2IInjT$470 Ipc \BaseNamedObjects\mc2IInjT$488 Ipc \BaseNamedObjects\mc2IInjT$48c Ipc \BaseNamedObjects\mc2IInjT$580 Ipc \BaseNamedObjects\mc2IInjT$6ac Ipc \BaseNamedObjects\mc2IInjT$718 Ipc \BaseNamedObjects\mc2IInjT$9bc Ipc \BaseNamedObjects\mc2IInjT$bd8 Ipc \BaseNamedObjects\mc2IInjT$c08 Ipc \BaseNamedObjects\mc2IInjT$c48 Ipc \BaseNamedObjects\mc2IInjT$c8c Ipc \BaseNamedObjects\mc2IInjT$cbc Ipc \BaseNamedObjects\mc2IInjT$d04 Ipc \BaseNamedObjects\mc2IInjT$d4c Ipc \BaseNamedObjects\mc2IInjT$dfc Ipc \BaseNamedObjects\mc2IInjT$ea0 Ipc \BaseNamedObjects\mc2IInjT$eac Ipc \BaseNamedObjects\mc2IInjT$ee8 Ipc \BaseNamedObjects\mc2IInjT$f14 Ipc \BaseNamedObjects\mc2SWDIJ1 Ipc \BaseNamedObjects\mc2SWDIJMutex Ipc \BaseNamedObjects\mchInjDrvMap Ipc \BaseNamedObjects\mchLLEW2$30c Ipc \BaseNamedObjects\mchMixCache$30c Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $08420000 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $71a135ef Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $71a14a07 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $71a18cd3 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $77e071e9 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $77e07381 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7c802213 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7c91d250 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7c91d5e0 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7c91dc40 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7c91ddb0 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7c91df60 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e368ccb Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e37929a Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e37aafd Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e37f140 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e37f3c2 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e3b673f Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e3b6783 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000030c, API $7e6da52f Ipc \BaseNamedObjects\MUTEXkPidExitProcDataNameId Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $08420000 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $71a135ef Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $71a14a07 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $71a18cd3 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $77e071e9 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $77e07381 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7c802213 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7c91d250 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7c91d5e0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7c91dc40 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7c91ddb0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7c91df60 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e368ccb Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e37929a Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e37aafd Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e37f140 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e37f3c2 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e3b673f Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e3b6783 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $0000030c, API $7e6da52f Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f1d0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f210000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f250000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f290000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f300000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f340000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f380000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f3c0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f400000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f440000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $0000030c, API $5f480000 Ipc \BaseNamedObjects\RotHintTable Ipc \BaseNamedObjects\SbieDllDummyEvent_1532 Ipc \BaseNamedObjects\SbieDllDummyEvent_1712 Ipc \BaseNamedObjects\SbieDllDummyEvent_1824 Ipc \BaseNamedObjects\SbieDllDummyEvent_2052 Ipc \BaseNamedObjects\SbieDllDummyEvent_2344 Ipc \BaseNamedObjects\SbieDllDummyEvent_2580 Ipc \BaseNamedObjects\SbieDllDummyEvent_2632 Ipc \BaseNamedObjects\SbieDllDummyEvent_3580 Ipc \BaseNamedObjects\SbieDllDummyEvent_3756 Ipc \BaseNamedObjects\SbieDllDummyEvent_396 Ipc \BaseNamedObjects\SbieDllDummyEvent_4064 Ipc \BaseNamedObjects\SbieDllDummyEvent_780 Ipc \BaseNamedObjects\SbieServiceInitComplete_DcomLaunch Ipc \BaseNamedObjects\SbieServiceInitComplete_RpcSs Ipc \BaseNamedObjects\ScmCreatedEvent Ipc \BaseNamedObjects\shell.{210A4BA0-3AEA-1069-A2D9-08002B30309D} Ipc \BaseNamedObjects\shell.{7CB834F0-527B-11D2-9D1F-0000F805CA57} Ipc \BaseNamedObjects\shell.{A48F1A32-A340-11D1-BC6B-00A0C90312E1} Ipc \BaseNamedObjects\UrlZonesSM_Admin Ipc \BaseNamedObjects\userenv: User Profile setup event Ipc \BaseNamedObjects\ZoneAttributeCacheCounterMutex Ipc \BaseNamedObjects\ZonesCacheCounterMutex Ipc \BaseNamedObjects\ZonesCounterMutex Ipc \BaseNamedObjects\ZonesLockedCacheCounterMutex Ipc \RPC Control\actkernel Ipc \RPC Control\epmapper Ipc \RPC Control\OLE6B3F87FBA19D41B1BA91F21C3106 Ipc O \BaseNamedObjects\AVSDA_KERNELOBJECT_2007_0410_095423 Ipc O \BaseNamedObjects\AVSDA_KERNELOBJECT_2007_0410_095508 Ipc O \BaseNamedObjects\DBWinMutex Ipc O \BaseNamedObjects\KeyScrambler Driver Mutex Ipc O \BaseNamedObjects\KeyScrambler Tray Icon Mutex Ipc O \BaseNamedObjects\mc2SWDIJ1 Ipc O \BaseNamedObjects\RTSSSharedMemoryV2 Ipc O \BaseNamedObjects\Sandboxie_DeviceIdList Ipc O \BaseNamedObjects\Sandboxie_DeviceSetupClasses Ipc O \BaseNamedObjects\ShimCacheMutex Ipc O \BaseNamedObjects\ShimSharedMemory Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111149 Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111153 Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111154 Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111157 Ipc O \KnownDlls\advapi32.dll Ipc O \KnownDlls\appHelp.dll Ipc O \KnownDlls\COMCTL32.dll Ipc O \KnownDlls\comdlg32.dll Ipc O \KnownDlls\CRYPT32.dll Ipc O \KnownDlls\CRYPTUI.dll Ipc O \KnownDlls\gdi32.dll Ipc O \KnownDlls\iertutil.dll Ipc O \KnownDlls\imagehlp.dll Ipc O \KnownDlls\kernel32.dll Ipc O \KnownDlls\MSASN1.dll Ipc O \KnownDlls\msvcrt.dll Ipc O \KnownDlls\NETAPI32.dll Ipc O \KnownDlls\Normaliz.dll Ipc O \KnownDlls\ole32.dll Ipc O \KnownDlls\oleaut32.dll Ipc O \KnownDlls\rpcrt4.dll Ipc O \KnownDlls\Secur32.dll Ipc O \KnownDlls\SHDOCVW.dll Ipc O \KnownDlls\shell32.dll Ipc O \KnownDlls\SHLWAPI.dll Ipc O \KnownDlls\user32.dll Ipc O \KnownDlls\USERENV.dll Ipc O \KnownDlls\version.dll Ipc O \KnownDlls\wininet.dll Ipc O \KnownDlls\WINTRUST.dll Ipc O \KnownDlls\wldap32.dll Ipc O \LsaAuthenticationPort Ipc O \NLS\NlsSectionCType Ipc O \NLS\NlsSectionLocale Ipc O \NLS\NlsSectionSortkey Ipc O \NLS\NlsSectionSortTbls Ipc O \NLS\NlsSectionUnicode Ipc O \RPC Control\DNSResolver Ipc O \RPC Control\SbieSvcPort Ipc O \Security\LSA_AUTHENTICATION_INITIALIZED Ipc O \Windows\ApiPort Ipc X \BaseNamedObjects\a2antimalware_service Ipc X \BaseNamedObjects\GoogleDesktop.exemn Ipc X \BaseNamedObjects\mc2SWDIJMutex Pipe ------------------------------- Pipe \Device\NamedPipe\A-SQUARED_ANTI-MALWARE_PIPE Pipe \Device\NamedPipe\KSTIPipeAdmin Pipe \Device\NamedPipe\Win32Pipes.0000030c.00000001 Pipe \Device\NamedPipe\Win32Pipes.00000804.00000001 Pipe \Device\NamedPipe\Win32Pipes.00000804.00000002 Pipe \Device\NamedPipe\Win32Pipes.00000928.00000001 Pipe \Device\NamedPipe\Win32Pipes.00000a14.00000001 Pipe O \Device\Afd Pipe O \Device\Afd\AsyncConnectHlp Pipe O \Device\Afd\Endpoint Pipe O \Device\NamedPipe\ Pipe O \Device\NamedPipe\WBServer0 Pipe X \Device\NamedPipe\A-SQUARED_ANTI-MALWARE_PIPE Pipe X \Device\NamedPipe\KSTIPipeAdmin Pipe X \Device\NamedPipe\lsarpc Pipe X \Device\NamedPipe\samr Pipe X \Device\NamedPipe\srvsvc Pipe X \Device\NamedPipe\wkssvc WinCls ------------------------------- WinCls FirefoxMessageWindow WinCls TGuardForm WinCls O Shell_TrayWnd WinCls X #0 WinCls X #32770 WinCls X _GD_Index WinCls X DDEMLMom WinCls X FirefoxMessageWindow WinCls X Progman Does this help? |
|||||||||||
|
|||||||||||||
|
| |
|
tzuk
|
|
I see a lot of A-Squared resources so let's go one by one.
For the first resource, go to Sandbox Settings -> Resource Access -> File Access -> Full Acess, click Edit and type:
Then restart sandboxed Firefox and see if it makes a difference to A-Squared. |
|||||||||||||
|
_________________ tzuk
|
|||||||||||||||
|
| |
|
mattblau
|
|
Thanks for your reply tzuk,
but sorry, did't work - next step? |
|||||||||||
|
|||||||||||||
|
| |
|
tzuk
|
|
Next step is Sandbox Settings -> Resource Access -> IPC Access -> Direct Access.
Click Add, enter a resource name, click OK, and redo again for all resources. The resources are:
I hope this time it works. |
|||||||||||||
|
|||||||||||||||
|
| |
|
mattblau
|
|
Sorry, no succes - still not working.
Maybe I have to tell, that Firefox is not installed in SB, it is only started in the sandbox. Any other step to go? |
|||||||||||
|
|||||||||||||
|
| |
|
tzuk
|
|
In that case please run through Resource Access Monitor again and post the output here. I want to make sure that your entries had effect, before we move on to locate any other resources that may be necessary.
|
|||||||||||
|
|||||||||||||
|
| |
|
mattblau
|
|
ok, I'll do but:
- Firefox sandboxed? I think yes. - a2 sandboxed? I think yes too, because it wouldn't show up in the log, right? If not, tell me the scenario. Thanks! |
|||||||||||
|
|||||||||||||
|
| |
|
tzuk
|
|
Don't run A2 sandboxed. The relevant resources will show up in the monitor because they are accessed by the sandboxed Firefox.
|
|||||||||||
|
|||||||||||||
|
| |
|
mattblau
|
|
(Drive) \Device\CdRom0
(Drive) \Device\CdRom1 (Drive) \Device\HarddiskVolume1 (Drive) \Device\HarddiskVolume10 (Drive) \Device\HarddiskVolume11 (Drive) \Device\HarddiskVolume2 (Drive) \Device\HarddiskVolume3 (Drive) \Device\HarddiskVolume4 (Drive) \Device\HarddiskVolume5 (Drive) \Device\HarddiskVolume6 (Drive) \Device\HarddiskVolume7 (Drive) \Device\HarddiskVolume8 (Drive) \Device\HarddiskVolume9 (Unk) 00000022 \Device\KeyScrambler (Unk) 00000022 \Device\SandboxieDriverApi (Unk) 00000022 \Device\WMIDataDevice (Unk) 00000035 \Dfs (Unk) 00000039 \Device\KsecDD (Unk) 000000F1 \Device\RasAcd Clsid ------------------------------- Clsid X {F9D7362A-4F6F-4168-BD4A-62B5489BEC5B} ? Ipc ------------------------------- Ipc \BaseNamedObjects\_GD_Mozilla_Email_Operation Ipc \BaseNamedObjects\_GD_Network_Event3 Ipc \BaseNamedObjects\_GD_Network_Event4 Ipc \BaseNamedObjects\_GD_Singleton_Creation_Lock2144 Ipc \BaseNamedObjects\_GD_Singleton_Creation_Lock214401C0EE3A Ipc \BaseNamedObjects\_GD_Status_Single Ipc \BaseNamedObjects\{A3BD3259-3E4F-428a-84C8-F0463A9D3EB5} Ipc \BaseNamedObjects\{A64C7F33-DA35-459b-96CA-63B51FB0CDB9} Ipc \BaseNamedObjects\a2_86E168CFIpc2Mutex Ipc \BaseNamedObjects\AutoUnhookMap$00000860$67800000 Ipc \BaseNamedObjects\AutoUnhookMap$00000af4$67800000 Ipc \BaseNamedObjects\AutoUnhookMap$00000e3c$67800000 Ipc \BaseNamedObjects\AutoUnhookMap$00000e94$67800000 Ipc \BaseNamedObjects\ComPlusCOMRegTable Ipc \BaseNamedObjects\crypt32LogoffEvent Ipc \BaseNamedObjects\FirefoxStartupMutex Ipc \BaseNamedObjects\GoogleDesktop.exeqc Ipc \BaseNamedObjects\KeyScrambler Yield Icon Event Ipc \BaseNamedObjects\kPidExitProcDataNameId Ipc \BaseNamedObjects\KSEncryptionEvent0 Ipc \BaseNamedObjects\KSEncryptionEvent1 Ipc \BaseNamedObjects\KSProcEvent860 Ipc \BaseNamedObjects\mchLLEW2$860 Ipc \BaseNamedObjects\mchLLEW2$af4 Ipc \BaseNamedObjects\mchLLEW2$e3c Ipc \BaseNamedObjects\mchLLEW2$e94 Ipc \BaseNamedObjects\mchMixCache$860 Ipc \BaseNamedObjects\mchMixCache$87c Ipc \BaseNamedObjects\mchMixCache$af4 Ipc \BaseNamedObjects\mchMixCache$e3c Ipc \BaseNamedObjects\mchMixCache$e94 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $00f20000 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $71a135ef Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $71a14a07 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $71a18cd3 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $77e071e9 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $77e07381 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7c802213 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7c91d250 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7c91d5e0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7c91dc40 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7c91ddb0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7c91df60 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e368ccb Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e37929a Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e37aafd Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e37f140 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e37f3c2 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e3b673f Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e3b6783 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000860, API $7e6da52f Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $77e071e9 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $77e07381 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7c91d250 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7c91d5e0 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7c91dc40 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7c91ddb0 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7c91df60 Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7e368ccb Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7e37929a Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7e37aafd Ipc \BaseNamedObjects\Mutex, mAH, Process $0000087c, API $7e37f3c2 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $00e80000 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $77e071e9 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $77e07381 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7c802213 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7c91d250 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7c91d5e0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7c91dc40 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7c91ddb0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7c91df60 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e368ccb Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e37929a Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e37aafd Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e37f140 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e37f3c2 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e3b673f Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e3b6783 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000af4, API $7e6da52f Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $00a20000 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $71a135ef Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $71a14a07 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $71a18cd3 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $77e071e9 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $77e07381 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7c802213 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7c91d250 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7c91d5e0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7c91dc40 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7c91ddb0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7c91df60 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7e368ccb Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7e37929a Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7e37aafd Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7e37f140 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7e37f3c2 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7e3b673f Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e3c, API $7e3b6783 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $00bc0000 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $71a135ef Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $71a14a07 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $71a18cd3 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $77e071e9 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $77e07381 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7c802213 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7c91d250 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7c91d5e0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7c91dc40 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7c91ddb0 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7c91df60 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7e368ccb Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7e37929a Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7e37aafd Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7e37f140 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7e37f3c2 Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7e3b673f Ipc \BaseNamedObjects\Mutex, mAH, Process $00000e94, API $7e3b6783 Ipc \BaseNamedObjects\MUTEXkPidExitProcDataNameId Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $00f20000 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $71a135ef Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $71a14a07 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $71a18cd3 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $77e071e9 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $77e07381 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7c802213 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7c91d250 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7c91d5e0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7c91dc40 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7c91ddb0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7c91df60 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e368ccb Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e37929a Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e37aafd Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e37f140 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e37f3c2 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e3b673f Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e3b6783 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000860, API $7e6da52f Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $00e80000 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $77e071e9 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $77e07381 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7c802213 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7c91d250 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7c91d5e0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7c91dc40 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7c91ddb0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7c91df60 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e368ccb Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e37929a Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e37aafd Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e37f140 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e37f3c2 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e3b673f Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e3b6783 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000af4, API $7e6da52f Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $00a20000 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $71a135ef Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $71a14a07 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $71a18cd3 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $77e071e9 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $77e07381 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7c802213 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7c91d250 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7c91d5e0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7c91dc40 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7c91ddb0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7c91df60 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7e368ccb Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7e37929a Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7e37aafd Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7e37f140 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7e37f3c2 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7e3b673f Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e3c, API $7e3b6783 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $00bc0000 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $71a135ef Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $71a14a07 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $71a18cd3 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $77e071e9 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $77e07381 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7c802213 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7c91d250 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7c91d5e0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7c91dc40 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7c91ddb0 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7c91df60 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7e368ccb Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7e37929a Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7e37aafd Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7e37f140 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7e37f3c2 Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7e3b673f Ipc \BaseNamedObjects\NamedBuffer, mAH, Process $00000e94, API $7e3b6783 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f1d0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f210000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f250000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f290000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f300000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f340000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f380000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f3c0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f400000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f440000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000860, API $5f480000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f140000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f180000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f1c0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f200000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f270000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f2b0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f2f0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f330000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f370000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f3b0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000af4, API $5f3f0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f140000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f180000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f1c0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f200000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f240000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f280000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f2c0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f300000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f340000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f380000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e3c, API $5f3c0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f1d0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f210000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f250000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f290000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f2d0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f310000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f350000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f390000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f3d0000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f410000 Ipc \BaseNamedObjects\NamedBuffer, mix, Process $00000e94, API $5f450000 Ipc \BaseNamedObjects\RotHintTable Ipc \BaseNamedObjects\SbieDllDummyEvent_2144 Ipc \BaseNamedObjects\SbieDllDummyEvent_2172 Ipc \BaseNamedObjects\SbieDllDummyEvent_2804 Ipc \BaseNamedObjects\SbieDllDummyEvent_3644 Ipc \BaseNamedObjects\SbieDllDummyEvent_3732 Ipc \BaseNamedObjects\SbieServiceInitComplete_DcomLaunch Ipc \BaseNamedObjects\SbieServiceInitComplete_RpcSs Ipc \BaseNamedObjects\ScmCreatedEvent Ipc \BaseNamedObjects\shell.{210A4BA0-3AEA-1069-A2D9-08002B30309D} Ipc \BaseNamedObjects\shell.{7CB834F0-527B-11D2-9D1F-0000F805CA57} Ipc \BaseNamedObjects\shell.{A48F1A32-A340-11D1-BC6B-00A0C90312E1} Ipc \BaseNamedObjects\ShellCopyEngineFinished Ipc \BaseNamedObjects\ShellCopyEngineRunning Ipc \BaseNamedObjects\UrlZonesSM_Admin Ipc \BaseNamedObjects\userenv: User Profile setup event Ipc \BaseNamedObjects\ZoneAttributeCacheCounterMutex Ipc \BaseNamedObjects\ZonesCacheCounterMutex Ipc \BaseNamedObjects\ZonesCounterMutex Ipc \BaseNamedObjects\ZonesLockedCacheCounterMutex Ipc \RPC Control\actkernel Ipc \RPC Control\epmapper Ipc \RPC Control\OLEE5E681FCDBD04F798572E24A6CB8 Ipc O \BaseNamedObjects\AVSDA_KERNELOBJECT_2007_0410_095423 Ipc O \BaseNamedObjects\AVSDA_KERNELOBJECT_2007_0410_095508 Ipc O \BaseNamedObjects\KeyScrambler Driver Mutex Ipc O \BaseNamedObjects\KeyScrambler Tray Icon Mutex Ipc O \BaseNamedObjects\mc2SWDIJ1 Ipc O \BaseNamedObjects\RTSSSharedMemoryV2 Ipc O \BaseNamedObjects\Sandboxie_DeviceIdList Ipc O \BaseNamedObjects\Sandboxie_DeviceSetupClasses Ipc O \BaseNamedObjects\ShimCacheMutex Ipc O \BaseNamedObjects\ShimSharedMemory Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111149 Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111153 Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111154 Ipc O \BaseNamedObjects\WEBGUARD_KERNEL_OBJECT_200705111157 Ipc O \KnownDlls\advapi32.dll Ipc O \KnownDlls\appHelp.dll Ipc O \KnownDlls\COMCTL32.dll Ipc O \KnownDlls\comdlg32.dll Ipc O \KnownDlls\CRYPT32.dll Ipc O \KnownDlls\gdi32.dll Ipc O \KnownDlls\iertutil.dll Ipc O \KnownDlls\imagehlp.dll Ipc O \KnownDlls\kernel32.dll Ipc O \KnownDlls\MSASN1.dll Ipc O \KnownDlls\msvcrt.dll Ipc O \KnownDlls\NETAPI32.dll Ipc O \KnownDlls\Normaliz.dll Ipc O \KnownDlls\ole32.dll Ipc O \KnownDlls\oleaut32.dll Ipc O \KnownDlls\rpcrt4.dll Ipc O \KnownDlls\Secur32.dll Ipc O \KnownDlls\shell32.dll Ipc O \KnownDlls\SHLWAPI.dll Ipc O \KnownDlls\user32.dll Ipc O \KnownDlls\USERENV.dll Ipc O \KnownDlls\version.dll Ipc O \KnownDlls\wininet.dll Ipc O \KnownDlls\WINTRUST.dll Ipc O \KnownDlls\wldap32.dll Ipc O \LsaAuthenticationPort Ipc O \NLS\NlsSectionCType Ipc O \NLS\NlsSectionLocale Ipc O \NLS\NlsSectionSortkey Ipc O \NLS\NlsSectionSortTbls Ipc O \NLS\NlsSectionUnicode Ipc O \RPC Control\DNSResolver Ipc O \RPC Control\SbieSvcPort Ipc O \Security\LSA_AUTHENTICATION_INITIALIZED Ipc O \Windows\ApiPort Ipc X \BaseNamedObjects\a2_86E168CFIpc2Map Ipc X \BaseNamedObjects\GoogleDesktop.exemn Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $77e071e9 Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $77e07381 Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7c91d250 Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7c91d5e0 Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7c91dc40 Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7c91ddb0 Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7c91df60 Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7e368ccb Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7e37929a Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7e37aafd Ipc X \BaseNamedObjects\NamedBuffer, mAH, Process $0000087c, API $7e37f3c2 Pipe ------------------------------- Pipe \Device\NamedPipe\KSTIPipeAdmin Pipe O \Device\Afd Pipe O \Device\Afd\AsyncConnectHlp Pipe O \Device\Afd\Endpoint Pipe O \Device\NamedPipe\ Pipe O \Device\NamedPipe\WBServer0 Pipe X \Device\NamedPipe\KSTIPipeAdmin Pipe X \Device\NamedPipe\lsarpc Pipe X \Device\NamedPipe\srvsvc Pipe X \Device\NamedPipe\wkssvc WinCls ------------------------------- WinCls O CicLoaderWndClass WinCls O Shell_TrayWnd WinCls X #0 WinCls X #32770 WinCls X _GD_Index WinCls X DDEMLMom WinCls X FirefoxMessageWindow WinCls X Progman |
|||||||||||
|
|||||||||||||
|
| |
|
tzuk
|
|
This time I see hardly any A2 resources at all in the output, must be because you're no longer running A2 sandboxed. Try to add the one resource that does show up this time:
Sandbox Settings -> Resource Access -> IPC Access -> Direct Access Add:
|
|||||||||||||
|
|||||||||||||||
|
| |
|
mattblau
|
|
Still not working
The funny thing is: Avira Antivir Premium Webguard is working, Webroot Spysweeper is working - a2 not... If you have another idea, please let me know. Until this issue is not solved, I run Firefox not in SB. |
|||||||||||
|
|||||||||||||
|
 | a-squared is not able to see firefox in SB | |
|
||
Use the RSS feed to watch this topic for replies |
|
|