This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all
the obvious restarts in vain. Most articles/posts I read about NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
Terry
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all
the obvious restarts in vain. Most articles/posts I read about NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
On Mon, 10/28/2024 1:22 PM, Terry Pinnell wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a
Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all
the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
Terry
My guess, is when it isn't malware, it is part of the Dropbox installation. >These could be win32 executables for example. Dropbox is also available
as a Metro.App, in which case the folder of residence is different (and >harder to find and impossible to access and protected by a manifest).
You can list anything, with nfi.exe for example.
C:\Program Files (x86)\Dropbox\Client\171.4.6182\DropboxNativeMessagingHost.exe
https://www.advanceduninstaller.com/Dropbox-577cd3abbfe79ac34d5840776af79ad8-application.htm
"The following executables are incorporated in Dropbox.
They occupy 11.73 MB (12302824 bytes) on disk.
Dropbox.exe (10.80 MB)
DropboxUninstaller.exe (222.35 KB)
DropboxNativeMessagingHost.exe (361.73 KB)
DropboxThumbnailGenerator.exe (36.23 KB)
DropboxUpdateProxy32.exe (286.73 KB)
dbxsvc.exe (45.73 KB)
"
With the disk drive offline, you could try scanning files like that on Virustotal.com
(owned by Google).
Paul
Terry Pinnell <me@somewhere.invalid> wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a
Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all
the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
Been a long time, but, as I recall, you could configure Chrome to send >messages/data to a client-side application (aka handlers). See if you >previously okayed a handler by going to:
chrome://settings/handlers
Or go into Chrome's settings to look at what permissions you granted per >site, or on allowing protocol handlers.
In Edge-C, a Chromium variant after Microsoft dropped their EdgeHTML
renderer and Javascript script interpreter to use Blink and J8, you go
to edge://settings/content, and scroll down to Site Permissions where
you find an option to enable/disable protocol handlers. I have it
disabled in Edge-C.
For Chrome, might be Menu > Settings > Privacy and security > Site
settings > Additional permissions > Handlers.
I certainly don't want some site that I visit making itself a default >protocol handler for some URL scheme. I disable that "feature".
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 1:22 PM, Terry Pinnell wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a
Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all
the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
Terry
My guess, is when it isn't malware, it is part of the Dropbox installation. >> These could be win32 executables for example. Dropbox is also available
as a Metro.App, in which case the folder of residence is different (and
harder to find and impossible to access and protected by a manifest).
You can list anything, with nfi.exe for example.
C:\Program Files (x86)\Dropbox\Client\171.4.6182\DropboxNativeMessagingHost.exe
https://www.advanceduninstaller.com/Dropbox-577cd3abbfe79ac34d5840776af79ad8-application.htm
"The following executables are incorporated in Dropbox.
They occupy 11.73 MB (12302824 bytes) on disk.
Dropbox.exe (10.80 MB)
DropboxUninstaller.exe (222.35 KB)
DropboxNativeMessagingHost.exe (361.73 KB)
DropboxThumbnailGenerator.exe (36.23 KB)
DropboxUpdateProxy32.exe (286.73 KB)
dbxsvc.exe (45.73 KB)
"
With the disk drive offline, you could try scanning files like that on Virustotal.com
(owned by Google).
Paul
Thanks Paul. I'll do some virus/malware scanning but am I right that you suggest the best step would be to re-install Dropbox?
Terry
On Mon, 10/28/2024 5:22 PM, Terry Pinnell wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 1:22 PM, Terry Pinnell wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a >>>> Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all >>>> the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
Terry
My guess, is when it isn't malware, it is part of the Dropbox installation. >>> These could be win32 executables for example. Dropbox is also available
as a Metro.App, in which case the folder of residence is different (and
harder to find and impossible to access and protected by a manifest).
You can list anything, with nfi.exe for example.
C:\Program Files (x86)\Dropbox\Client\171.4.6182\DropboxNativeMessagingHost.exe
https://www.advanceduninstaller.com/Dropbox-577cd3abbfe79ac34d5840776af79ad8-application.htm
"The following executables are incorporated in Dropbox.
They occupy 11.73 MB (12302824 bytes) on disk.
Dropbox.exe (10.80 MB)
DropboxUninstaller.exe (222.35 KB)
DropboxNativeMessagingHost.exe (361.73 KB)
DropboxThumbnailGenerator.exe (36.23 KB)
DropboxUpdateProxy32.exe (286.73 KB)
dbxsvc.exe (45.73 KB)
"
With the disk drive offline, you could try scanning files like that on Virustotal.com
(owned by Google).
Paul
Thanks Paul. I'll do some virus/malware scanning but am I right that you
suggest the best step would be to re-install Dropbox?
Terry
At this point, I'm in the dark as much as you are, as to
what is going on, and what sequence is involved. I entered the
details of the pattern in Google, and nothing is showing up.
If you use Process Explorer from Sysinternals, while that
command prompt window is open, you can hold the mouse over the
line on the screen, and look for the arguments passed to the executable,
to get further evidence of where that command is being crafted.
The Task Manager doesn't give as much info.
https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer
Paul
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 5:22 PM, Terry Pinnell wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 1:22 PM, Terry Pinnell wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a >>>>> Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all >>>>> the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
Terry
My guess, is when it isn't malware, it is part of the Dropbox installation.
These could be win32 executables for example. Dropbox is also available >>>> as a Metro.App, in which case the folder of residence is different (and >>>> harder to find and impossible to access and protected by a manifest).
You can list anything, with nfi.exe for example.
C:\Program Files (x86)\Dropbox\Client\171.4.6182\DropboxNativeMessagingHost.exe
https://www.advanceduninstaller.com/Dropbox-577cd3abbfe79ac34d5840776af79ad8-application.htm
"The following executables are incorporated in Dropbox.
They occupy 11.73 MB (12302824 bytes) on disk.
Dropbox.exe (10.80 MB)
DropboxUninstaller.exe (222.35 KB)
DropboxNativeMessagingHost.exe (361.73 KB)
DropboxThumbnailGenerator.exe (36.23 KB)
DropboxUpdateProxy32.exe (286.73 KB)
dbxsvc.exe (45.73 KB)
"
With the disk drive offline, you could try scanning files like that on Virustotal.com
(owned by Google).
Paul
Thanks Paul. I'll do some virus/malware scanning but am I right that you >>> suggest the best step would be to re-install Dropbox?
Terry
At this point, I'm in the dark as much as you are, as to
what is going on, and what sequence is involved. I entered the
details of the pattern in Google, and nothing is showing up.
If you use Process Explorer from Sysinternals, while that
command prompt window is open, you can hold the mouse over the
line on the screen, and look for the arguments passed to the executable,
to get further evidence of where that command is being crafted.
The Task Manager doesn't give as much info.
https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer
Paul
This from digging around in the registry: https://www.dropbox.com/scl/fi/ogcoehbvqwhrflvd6txao/RegistryPossibleClue.jpg?rlkey=46i0vmsunf8b31iu8ajrylfzk&raw=1
This is the JSON file, (edited for security) :
{
"name": "com.dropbox.nmh",
"description": "Native Messaging Host for interacting with Dropbox Passwords browser extensions.",
"path": "../../../DropboxNativeMessagingHost.exe",
"type": "stdio",
"allowed_origins": [
"chrome-extension://ekldlkji----------- bknj/",
"chrome-extension://dfcjmolhh-----------foipgdekjien/",
"chrome-extension://bmhejbnm------------------kcfabg/"
]
}
I do get passwords frequently into Chrome from Dropbox Passwords, for
fastger logon, so wouldn't want to lose that. Those 'allowed origins'
are obviously not meant to be understood by humans? So deciding what to
do next is obscure!
Reckon I'm going to abandon it for tonight before I do something stupid. Terry, UK Mon 28 Oct 2024 22:07
VanguardLH <V@nguard.LH> wrote:
Terry Pinnell <me@somewhere.invalid> wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a
Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox
issue: the context menu entries for Dropbox have disappeared. Tried all
the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head.
Don't know how I started it, but now eager to just get rid of it.
Been a long time, but, as I recall, you could configure Chrome to send >>messages/data to a client-side application (aka handlers). See if you >>previously okayed a handler by going to:
chrome://settings/handlers
Or go into Chrome's settings to look at what permissions you granted per >>site, or on allowing protocol handlers.
In Edge-C, a Chromium variant after Microsoft dropped their EdgeHTML >>renderer and Javascript script interpreter to use Blink and J8, you go
to edge://settings/content, and scroll down to Site Permissions where
you find an option to enable/disable protocol handlers. I have it
disabled in Edge-C.
For Chrome, might be Menu > Settings > Privacy and security > Site
settings > Additional permissions > Handlers.
I certainly don't want some site that I visit making itself a default >>protocol handler for some URL scheme. I disable that "feature".
Thanks, glad to have you and Paul on the case. Much of both replies is
sadly heavy going for me. I've started with your suggestions. Here are a
few screenshots. https://www.dropbox.com/scl/fi/0a1vausdclwx0ufi0ivu5/PrivacySiteSettings-1.jpg?rlkey=gqs5afl8ecolb8b3dlm52un67&raw=1
https://www.dropbox.com/scl/fi/ev0kozcewa6hotd1xn3d7/PrivacySiteSettings-2.jpg?rlkey=51ldsvlm71pvid9xf8pejwezy&raw=1
https://www.dropbox.com/scl/fi/ev0kozcewa6hotd1xn3d7/PrivacySiteSettings-2.jpg?rlkey=51ldsvlm71pvid9xf8pejwezy&raw=1
https://www.dropbox.com/scl/fi/ev0kozcewa6hotd1xn3d7/PrivacySiteSettings-2.jpg?rlkey=51ldsvlm71pvid9xf8pejwezy&raw=1
Bottom line: I'm floundering!
Let me know what info might help diagnosis.
Should I desist deleting any of those options?
Perhaps reinstall Chrome?
Terry
Terry Pinnell <me@somewhere.invalid> wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 5:22 PM, Terry Pinnell wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 1:22 PM, Terry Pinnell wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a >>>>>> Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox >>>>>> issue: the context menu entries for Dropbox have disappeared. Tried all >>>>>> the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head. >>>>>>
Don't know how I started it, but now eager to just get rid of it.
Terry
My guess, is when it isn't malware, it is part of the Dropbox installation.
These could be win32 executables for example. Dropbox is also available >>>>> as a Metro.App, in which case the folder of residence is different (and >>>>> harder to find and impossible to access and protected by a manifest). >>>>> You can list anything, with nfi.exe for example.
C:\Program Files (x86)\Dropbox\Client\171.4.6182\DropboxNativeMessagingHost.exe
https://www.advanceduninstaller.com/Dropbox-577cd3abbfe79ac34d5840776af79ad8-application.htm
"The following executables are incorporated in Dropbox.
They occupy 11.73 MB (12302824 bytes) on disk.
Dropbox.exe (10.80 MB)
DropboxUninstaller.exe (222.35 KB)
DropboxNativeMessagingHost.exe (361.73 KB)
DropboxThumbnailGenerator.exe (36.23 KB)
DropboxUpdateProxy32.exe (286.73 KB)
dbxsvc.exe (45.73 KB)
"
With the disk drive offline, you could try scanning files like that on Virustotal.com
(owned by Google).
Paul
Thanks Paul. I'll do some virus/malware scanning but am I right that you >>>> suggest the best step would be to re-install Dropbox?
Terry
At this point, I'm in the dark as much as you are, as to
what is going on, and what sequence is involved. I entered the
details of the pattern in Google, and nothing is showing up.
If you use Process Explorer from Sysinternals, while that
command prompt window is open, you can hold the mouse over the
line on the screen, and look for the arguments passed to the executable, >>> to get further evidence of where that command is being crafted.
The Task Manager doesn't give as much info.
https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer >>>
Paul
This from digging around in the registry:
https://www.dropbox.com/scl/fi/ogcoehbvqwhrflvd6txao/RegistryPossibleClue.jpg?rlkey=46i0vmsunf8b31iu8ajrylfzk&raw=1
This is the JSON file, (edited for security) :
{
"name": "com.dropbox.nmh",
"description": "Native Messaging Host for interacting with Dropbox
Passwords browser extensions.",
"path": "../../../DropboxNativeMessagingHost.exe",
"type": "stdio",
"allowed_origins": [
"chrome-extension://ekldlkji----------- bknj/",
"chrome-extension://dfcjmolhh-----------foipgdekjien/",
"chrome-extension://bmhejbnm------------------kcfabg/"
]
}
I do get passwords frequently into Chrome from Dropbox Passwords, for
fastger logon, so wouldn't want to lose that. Those 'allowed origins'
are obviously not meant to be understood by humans? So deciding what to
do next is obscure!
Reckon I'm going to abandon it for tonight before I do something stupid.
Terry, UK Mon 28 Oct 2024 22:07
My guess is those strings are to identify which extension the Dropbox integration is allowed. You said "no such extension" thinking it should
be named Dropbox-something. Do you have ANY extensions installed?
Don't know how I started it, but now eager to just get rid of it.
On 28/10/2024 17:22, Terry Pinnell wrote:
Don't know how I started it, but now eager to just get rid of it.
just uninstall Dropbox and see if it made any difference. you might need
to use revouninstaller (portable) to remove everything related to Dropbox.
<https://download.revouninstaller.com/download/RevoUninstaller_Portable.zip>
Terry Pinnell <me@somewhere.invalid> wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 5:22 PM, Terry Pinnell wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 1:22 PM, Terry Pinnell wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a >>>>>> Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox >>>>>> issue: the context menu entries for Dropbox have disappeared. Tried all >>>>>> the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head. >>>>>>
Don't know how I started it, but now eager to just get rid of it.
Terry
My guess, is when it isn't malware, it is part of the Dropbox installation.
These could be win32 executables for example. Dropbox is also available >>>>> as a Metro.App, in which case the folder of residence is different (and >>>>> harder to find and impossible to access and protected by a manifest). >>>>> You can list anything, with nfi.exe for example.
C:\Program Files (x86)\Dropbox\Client\171.4.6182\DropboxNativeMessagingHost.exe
https://www.advanceduninstaller.com/Dropbox-577cd3abbfe79ac34d5840776af79ad8-application.htm
"The following executables are incorporated in Dropbox.
They occupy 11.73 MB (12302824 bytes) on disk.
Dropbox.exe (10.80 MB)
DropboxUninstaller.exe (222.35 KB)
DropboxNativeMessagingHost.exe (361.73 KB)
DropboxThumbnailGenerator.exe (36.23 KB)
DropboxUpdateProxy32.exe (286.73 KB)
dbxsvc.exe (45.73 KB)
"
With the disk drive offline, you could try scanning files like that on Virustotal.com
(owned by Google).
Paul
Thanks Paul. I'll do some virus/malware scanning but am I right that you >>>> suggest the best step would be to re-install Dropbox?
Terry
At this point, I'm in the dark as much as you are, as to
what is going on, and what sequence is involved. I entered the
details of the pattern in Google, and nothing is showing up.
If you use Process Explorer from Sysinternals, while that
command prompt window is open, you can hold the mouse over the
line on the screen, and look for the arguments passed to the executable, >>>to get further evidence of where that command is being crafted.
The Task Manager doesn't give as much info.
Paulhttps://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer >>>
This from digging around in the registry:
https://www.dropbox.com/scl/fi/ogcoehbvqwhrflvd6txao/RegistryPossibleClue.jpg?rlkey=46i0vmsunf8b31iu8ajrylfzk&raw=1
This is the JSON file, (edited for security) :
{
"name": "com.dropbox.nmh",
"description": "Native Messaging Host for interacting with Dropbox
Passwords browser extensions.",
"path": "../../../DropboxNativeMessagingHost.exe",
"type": "stdio",
"allowed_origins": [
"chrome-extension://ekldlkji----------- bknj/",
"chrome-extension://dfcjmolhh-----------foipgdekjien/",
"chrome-extension://bmhejbnm------------------kcfabg/"
]
}
I do get passwords frequently into Chrome from Dropbox Passwords, for
fastger logon, so wouldn't want to lose that. Those 'allowed origins'
are obviously not meant to be understood by humans? So deciding what to
do next is obscure!
Reckon I'm going to abandon it for tonight before I do something stupid.
Terry, UK Mon 28 Oct 2024 22:07
My guess is those strings are to identify which extension the Dropbox >integration is allowed. You said "no such extension" thinking it should
be named Dropbox-something. Do you have ANY extensions installed?
Terry Pinnell <me@somewhere.invalid> wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 5:22 PM, Terry Pinnell wrote:
Paul <nospam@needed.invalid> wrote:
On Mon, 10/28/2024 1:22 PM, Terry Pinnell wrote:
This window is opening up uninvited.
https://www.dropbox.com/scl/fi/p916rstqzcrfrmqrek6qw/DropboxNativeMessaging.jpg?rlkey=a79rv553ejk5e169ayqvpft43&raw=1
Such as shortly after opening Chrome. Apparently something to do with a >>>>>> Chrome extension. But no such extension.
This arose at some stage of trouble shooting a more serious Dropbox >>>>>> issue: the context menu entries for Dropbox have disappeared. Tried all >>>>>> the obvious restarts in vain. Most articles/posts I read about
NativeHostMessaging or DropboxNativeHostMessaging are over my head. >>>>>>
Don't know how I started it, but now eager to just get rid of it.
Terry
My guess, is when it isn't malware, it is part of the Dropbox installation.
These could be win32 executables for example. Dropbox is also available >>>>> as a Metro.App, in which case the folder of residence is different (and >>>>> harder to find and impossible to access and protected by a manifest). >>>>> You can list anything, with nfi.exe for example.
C:\Program Files (x86)\Dropbox\Client\171.4.6182\DropboxNativeMessagingHost.exe
https://www.advanceduninstaller.com/Dropbox-577cd3abbfe79ac34d5840776af79ad8-application.htm
"The following executables are incorporated in Dropbox.
They occupy 11.73 MB (12302824 bytes) on disk.
Dropbox.exe (10.80 MB)
DropboxUninstaller.exe (222.35 KB)
DropboxNativeMessagingHost.exe (361.73 KB)
DropboxThumbnailGenerator.exe (36.23 KB)
DropboxUpdateProxy32.exe (286.73 KB)
dbxsvc.exe (45.73 KB)
"
With the disk drive offline, you could try scanning files like that on Virustotal.com
(owned by Google).
Paul
Thanks Paul. I'll do some virus/malware scanning but am I right that you >>>> suggest the best step would be to re-install Dropbox?
Terry
At this point, I'm in the dark as much as you are, as to
what is going on, and what sequence is involved. I entered the
details of the pattern in Google, and nothing is showing up.
If you use Process Explorer from Sysinternals, while that
command prompt window is open, you can hold the mouse over the
line on the screen, and look for the arguments passed to the executable, >>>to get further evidence of where that command is being crafted.
The Task Manager doesn't give as much info.
Paulhttps://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer >>>
This from digging around in the registry:
https://www.dropbox.com/scl/fi/ogcoehbvqwhrflvd6txao/RegistryPossibleClue.jpg?rlkey=46i0vmsunf8b31iu8ajrylfzk&raw=1
This is the JSON file, (edited for security) :
{
"name": "com.dropbox.nmh",
"description": "Native Messaging Host for interacting with Dropbox
Passwords browser extensions.",
"path": "../../../DropboxNativeMessagingHost.exe",
"type": "stdio",
"allowed_origins": [
"chrome-extension://ekldlkji----------- bknj/",
"chrome-extension://dfcjmolhh-----------foipgdekjien/",
"chrome-extension://bmhejbnm------------------kcfabg/"
]
}
I do get passwords frequently into Chrome from Dropbox Passwords, for
fastger logon, so wouldn't want to lose that. Those 'allowed origins'
are obviously not meant to be understood by humans? So deciding what to
do next is obscure!
Reckon I'm going to abandon it for tonight before I do something stupid.
Terry, UK Mon 28 Oct 2024 22:07
My guess is those strings are to identify which extension the Dropbox >integration is allowed. You said "no such extension" thinking it should
be named Dropbox-something. Do you have ANY extensions installed?
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 508 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 01:30:07 |
| Calls: | 9,988 |
| Calls today: | 6 |
| Files: | 13,836 |
| Messages: | 6,358,965 |
| Posted today: | 1 |
