Hi All!!
Long time free version user recently upgraded to IS version and still learning about it.
When I run Firefox as "virtualized " it stays open for about 20-30 seconds then closes, POOF!!! No messages or anything.
A little help please.
Thanks.
Windows XP Professional SP3 32-bit
Avast 5.0.462, definitions: 100309-1 (Updated today)
Firefox 3.5.8
Hi, may be try to exclude your profile from virtualized locations, in the expert settings…
Hi Logos,
When I look in the “Process Virtualization” tab and go to expert settings I see where I can exclude a process but I’m not understanding what you mean when you say “exclude your profile from virtualized locations”.
Thanks for your response.
OK I suppose you’re using Firefox default profile, go to this panel (see screen shot) and add a line >>> browse to:
C:\Users"you"\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxx.default
click OK.
edit: I see you’re in XP, so browse to the same folder, in Document and Settings >>> your username >>> application data >>> Mozilla… etc…
OK, I put that line in.
Now when my Firefox goes away a window with the title “Mozilla Crash Reporter” pops up.
Any other suggestions?
no, I wouldn’t mind if an Avast dev would come to help; it works fine here on Seven (firefox virtualized), and I don’t know what causes your issue in XP; I just guessed with the exclusion list thing…
Thanks for trying, it’s appreciated.
Now when my Firefox goes away a window with the title "Mozilla Crash Reporter" pops up.
When this window is shown, please go to %AppData%\Mozilla\Firefox\Crash Reports folder and it should contain two subfolders: pending and submitted. Look for any .dmp files (timestamp corresponding to the actual time) and please send me those files to: kurtin@avast.com. Thanks.
@ pk: while you’re here, one question… when you suggest to exclude browsers profiles from virtualization (for updating issues like addons in ff), it would mean that any infected page downloaded wouldn’t be virtualized … doesn’t really matter, because any further process generated by the browser activity will be virtualized… but if you then run the browser again out of the sandbox, and there are infected pages left in the profile (private data not cleared), then you’re done 
Also, I was surprised to notice that executables (from virtualized apps) were not run in the sandbox…OK must be the way it’s supposed to work.
Why do you think so? Downloaded pages (by FF) should be stored inside cache folder and this folder is in different location than FF profile.
at least on my Win7…
cmd set shows me:
I think so because I never used the default profile in Firefox, and all my files, extensions, cache, cookies, history, bookmarks etc…are in the same folder, somewhere else on the disk…
ps: you didn’t explain why exe (of initially virtualized app) were not run in the sandbox, sorry of it’s a dumb question but I’m rather new to virtualization…
edit: for the exe, may be because they can’t get infected while in use…
pk, I found a .dmp file and a .extra file
the .dmp file is empty, the .extra file has a little in it but not much. I sent them to you.
is there anything else I can do?
Thanks for the help.
Logos,
I think so because I never used the default profile in Firefox, and all my files, extensions, cache, cookies, history, bookmarks etc...are in the same folder, somewhere else on the disk...
So do you use own profile? Anyway, it shouldn’t matter, because bookmarks/cookies/history is stored outside sandbox automatically - from all profiles (you can look for snx_gconfig.xml file in avast data folder for all exceptions). The problem is with addons/extensions because when you update them, lot of files are modified and you must do that when FF is executed outside sandbox or add the exception for the entire FF profile. As I said, cache files (downloaded pages) are not stored in the profile path, but in the different location so excluding FF profile won’t exclude cached files either.
Also, I was surprised to notice that executables (from virtualized apps) were not run in the sandbox...
This is not true, when you download files/documents/… in the browser, we detect if it’s saved in standard way and if it is, we allow it to be saved outside sandbox. But if you execute it from the virualized application, they will be virtualized as well. So, if you e.g. download PDF file, it’s stored outside sandbox, but clicking on it (in FF"s Downloads window) then Adobe Reader will be executed in the sandbox.
anyway I don’t know why I had a doubt with the default profile ::), as opposed to a custom one: in both cases the cache is located together with the rest of the profile in the same one folder, eg for the default profile in:
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxx.default
while: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\xxxxxx.default
only contains urlclassifier3.sqlite, XPC.mfl and XUL.mfl
in my case, all of these, as said, are located in one folder. So, in all cases, at the contrary of what you’re saying, the cache is stored in the profile; it’s always been like that in Firefox.
This is not true, when you download files/documents/... in the browser, we detect if it's saved in standard way and if it is, we allow it to be saved outside sandbox. But if you execute it from the virualized application, they will be virtualized as well. So, if you e.g. download PDF file, it's stored outside sandbox, but clicking on it (in FF"s Downloads window) then Adobe Reader will be executed in the sandbox.
that’s not what I’m talking about. You’re referring to secondary processes generated by the sandboxed application, while I was talking about the sandboxed application executable itself: eg, if you launch firefox virtualized, firefox.exe is still run from its original location, there’s no duplicate of it in the sandbox. I’m talking about this executable, just that, nothing else.
Allright, thanks for info, but my cache folder (FF 3.6, Win7) is really stored in different location - you can type about:cache to see cache path.
I edited my last post, about the executable…