whenever i access safezone and visit certain webpages such as my email and log in, i receive “the following pages have become unresponsive” There is a button to kill pages. Also I receive a pop-up that is titled "Plug-in Unresponsive : The following plugin is unresponsive: UNKNOWN would you like to stop it?
I am forced to revert back to my OS ans terminate all sandboxed processes then go back into safezone mode and access my email again.
This happens every time i try to log in. I thought the safezone browser didnt have any plug-ins and none show when i check the settings.
I am a paid subscriber for avast and i tried calling tech support and they tried to get me to purchase avast total support to remote in my sys and pay $170. The tech guy was trying to say maybe i was infected. I am 110% sure i am not infected as avast boot-time/scans and MBAM and kaspersky free scans have found no trace of infection. However boot time scan did find corrupted files
This is an avast program issue and i would like some assistance with this as i have paid to use this product. Ive already tried to uninstall-Reinstall and disk cleanup… No help…
CAN SOME PLEASE PROVIDE SOME TROUBLE SHOOTING TIPS. otherwise i will have to go back to another av product and i really dont want to do that but the lack of support here is putting a bad taste in my mouth
Hi
As far as the tech support incident, we have had numerous complaints of ‘pressure tactics’ to sell supposed support packages/services. We recommend using the forum for avast issues. The support is effective and free.
I personally can’t offer any “troubleshooting tip” as I have not experienced the issues you have described.
However, there will be someone with more experience with the SafeZone Module. Providing the following info could help in resolving your issue.
What OS are you using.
What version of Avast
Security profile/programs.
As avast! [SafeZone] sandbox runs with Chrome by default, your descriptions of unresponsiveness does sound as if a plug-in is hanging, even tho avast! sandbox does not have any plug-ins installed by default.
I’m assuming (you’ve yet to say) you’re running at least version 8.0.1483? There are some settings within the sandbox that you can use to clean and clear the sandbox out if you’ve not done so already: Avast! GUI>Security>Tools>Settings>Web Browsers>Maintenance. For automatic deletion on close, clear the box. Also, is this MBAM Pro?
If that does not give the results you need, then see the second .jpeg below:
(Note: This will completely reset the Safe Zone back to default settings only. Use only as a last resort until all other options are looked at.)
No, i only have AIS as my AV program and i run MBAM alongside as well. After the avast tech told me i might be infected, even though i knew i wasnt, i downloaded a stand alone security scanner from kaspersky to re-check my sys, all was well and there was no infections found just as i thought. It was only a malware remover/detector not a av prog. But the issue explained above has been persistent since 4+ months ago . As you can tell i only usually post when i have issues, and i never really seem to get a real fix for them. Does having avast and windows firewall running concurrently cause issues?
Thanks, i will try these steps and see how it goes the next couple of days and report back. And yes it is AIS and MBAM pro. Also im not sure if i have reported this issue before but when i browse the internet i have it selected to always open sandboxed, 80% of the time my audio will not work. i notice that sometimes if i open the browser without it being sandboxed, audio will work. This is sporadic to but have had this issue about .4 months + . I also noticed that " c:\windows\SysWOW64\ctfmon.exe is always sandboxed automatically when my sys is running. I dont know how to clear that. Ive made sure all software and drivers are updated on my system but that process remains sandboxed automatically… any suggestions?
? - Under the sandbox > settings > web browser menu, If i have the Exclusion “all settings and components” checked, does that mean everything will be virtualized by default ? Or does it mean the settings and components will not be virtualized when i have a sandboxed browser open? I had this unchecked, but i decided to check the box.
Well, as a rule, I never change things from default settings, with very few exceptions .
So, the question you have is, are the settings in the Web Browser section default? Yes. Never touched them. You want your browser to run as a virtual application in a virtual environment separate from the real system you run on. That way, stuff in the virtual never sees the real system and stays in the virtual system until you delete it from the virtual environment. Hence the Maintenance section may apply for you here.
My concern/ question was, in the exclusions section if I checked the " all settings and components" box does that mean that avast will put extensions and all other browser extensions virtualized when I run my browser sandboxed? By default, the box was unchecked and I noticed with it being unchecked my browser extensions were not virtualized when running it sandboxed. Is this correct?
Reason for ticking all boxes in the EXCLUSIONS section in the first .jpeg is to protect the web browser from attack and unwanted changes to the browser being used.
For example, a “script not responding” error box will pop up from time to time (likely referring to Flash plugin) but as the process is being run virtualized, no damage or changes to it can occur in the real system. Simply clicking “Stop script” is enough to prevent a change and then, when I close the session, I check to make sure that all data in sandbox is actually deleted. Sometimes it’s not, so I clear it then.
Seems you are running a part of your browser not virtualized by not having the boxes ticked? If so, there is a workaround. Workaround for saving bookmarks, favorites, or anything else, etc., is to, for example, notepad the url, close and terminate the Safe Zone Browser session, and open the actual real browser you want to save your bookmark in from the notepad. Close the real browser and resume Safe Zone. (Security outweighs convenience.)
Thanks for the response. To make sure I understand I will need a simple answer. I want my entire internet browsing sessions to be sandboxed so does this mean I need to have the options under the exclusion section ( all settings and component, bookmarks, cookies, history) Checked or Unchecked ?
I had the exact same problems as you, with the audio and the flash player, then avast just shut off completely. Makes me want to get a different Security program.
I think it is the Virtualisation process, but not sure how to fix it. Let me know if you work it out.
If you want the entire session to be virtualized (completely sandboxed) then one should check the general box that includes all options: “All settings and components” under exclusions. If a box is not ticked, then that option will be excluded from virtualization.
Bookmarks
History
Cookies
For example, if you wish to save any bookmarks in a session, you then would leave that option unticked. Personally, I use notepad and sometimes take some time to get around to actually putting it into the real browser; sort of a test to see whether I really need it or not.
Have no problem running off a saved url notepad file; use that all the time.
You’ll note that the general exclusion setting also includes extensions and add-ons, something you may have an issue with in Safe Zone sessions. Virtualization will make any such problems temporary inasmuch they will end when the sandbox is cleared out (emptied) at close of session. It won’t prevent changes to these things within the sandbox, but as long as changes are locked inside the sandbox (don’t spill out) and cannot get into the real system, you have the protection you need right there. Some, not all, malware looks to see if it is running in a sandbox, and if it detects it is in a sandbox, it will not run at all. This is one of the many techniques used to avoid detection by an antivirus engineer looking for such when running a suspected malware sample sent to them.
Thanks for the reply. I kept all boxes checked but noticed that when i am in safezone, i am unable to save files to an external drive now that these changes are made. But i guess i can deal with it.
Now to deal with another constant problem that i mentioned before = " c:\windows\SysWOW64\ctfmon.exe is always sandboxed automatically when my sys is running. I dont know how to clear that. Ive made sure all software and drivers are updated on my system but that process remains sandboxed automatically… "
avast is always putting this in the sandbox. I believe this is a legit prog on my computer so im confused as to why it would be sandboxed. How do stop this from happening?
Behavior you now see is to be expected now that you’ve set the main tick box to run all elements of your browser to be virtualized.
Re the second issue, (“c:\windows\SysWOW64\ctfmon.exe is always sandboxed automatically when my sys is running”) you’ve to check to see if this file is clean or not first. Avast! sandboxing is done on the premise that a file, when scanned, is not well-known, or is not the correct actual file it should be. Hence, under this scenario, sandboxing is actually protecting you from harm.
One of the criteria used is “Reputation Services”.
For now, we’ll stop here until you’ve submitted your file to virus total dot com and pasted the resulting url of the scan in your next reply. Should there be more than, say, two detections, then would be best to have a certified malware expert have a look at your system, as I am not qualified to go any further than that. Motto here is ‘do no harm to a victim’s system’ and I certainly do not wish to cause harm here.
How do I locate he file to submit to virus total? I’m hoping troubleshooting this issue will fix the sound to work when I run my browsers sandboxed as that is my focus. If I’m looking at YouTube videos for an example and my browser is sandboxed, the sound will not work. I have to close and reopen regularly. I have no plugins or 3rd party extensions. I run stock browsers and have tried uninstalling reinstalling
The Scan on VT was clean. It seems to be a legit file. What are my next steps?
File name: CTFMON
Detection ratio: 0 / 48
Analysis date: 2013-10-09 04:01:34 UTC ( 1 day ago )
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Microsoft Corporation. All rights reserved.
Publisher Microsoft Windows
Product Microsoft® Windows® Operating System
Version 6.1.7600.16385
Original name CTFMON.EXE
Internal name CTFMON
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description CTF Loader
Signature verification Signed file, verified signature
Signing date 4:17 AM 7/14/2009
Signers
[+] Microsoft Windows
[+] Microsoft Windows Verification PCA
[+] Microsoft Root Certificate Authority
Counter signers
[+] Microsoft Time-Stamp Service
[+] Microsoft Time-Stamp PCA
[+] Microsoft Root Certificate Authority