Advice Request keepass secure desktop loop anomaly?? EDIT: Fixed!!

Please provide comments and solutions that are helpful to the author of this topic.

simmerskool

Level 32
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,172
using keepass well over a decade, never a hiccup, until today. running win10, keepass version 2.42 (iirc) (then to 2.52)
Opened app v2.42 to enter pw for database, started to enter pw and got interrupted (don't recall why) suddenly I'm in a loop and cannot enter password. I get a keepass error popup"
"an application has switched the secure desktop to a different desktop. click [OK] to switch back to the secure desktop"
I click ok, and password screen stays open for a second or two, but before I can enter pw, I get the same popup! it just cycles in a loop?? I tried win10 reboot, did not fix it. I installed newer version, 2.52, it just opens into the same loop. I have not tried a full uninstall / reinstall, I can try that, but anything else to try first? The problem happened before installing 2.52, I only installed 2.52 to see if it would fix the issue. I also posted at keepass help forum, no reply yet. While I wait for reply I will save database somewhere safe, and uninstall keepass, and then install it again. If that doesn't fix it?? PS this almost feel like the definition of a virus???

EDIT2 update fixed! so based on edit1 below, I figured there must me sometime type of user config file, searched with "everything" and saw likely candidate
c:\user\****\appdata\roaming\keepass\keepass.config.xml
so I deleted it. (my database is safe). opened keepass, and keepass ran as if starting from scratch, and finally let me enter pw, ie, the secure desktop loop was gone, and appears to be running normally. (another happy ending)

EDIT1 update: running in SUA I uninstalled v2.52 and reinstalled 2.52, app opens ok but then I get the above popup. Then I reboot into admin acct, deleted v2.52, then installed it again, and from the admin acct, keepass working normally, it let me input the pw, and the database opened. All normal. I think fixed. I reboot into SUA, and NO! keepass behaves exactly as it had been with the above referenced loop. So glitch has to be keepass & the SUA desktop, and perhaps some registry entry, although I am somewhat surprised full uninstall / reinstall did not fix this. I'm out of things to try. willing to dig into registry but I'd need some guidance for that.
 
Last edited:

piquiteco

Level 14
Oct 16, 2022
624
using keepass well over a decade, never a hiccup, until today. running win10, keepass version 2.42 (iirc) (then to 2.52)
Opened app v2.42 to enter pw for database, started to enter pw and got interrupted (don't recall why) suddenly I'm in a loop and cannot enter password. I get a keepass error popup"
"an application has switched the secure desktop to a different desktop. click [OK] to switch back to the secure desktop"
I click ok, and password screen stays open for a second or two, but before I can enter pw, I get the same popup! it just cycles in a loop?? I tried win10 reboot, did not fix it. I installed newer version, 2.52, it just opens into the same loop. I have not tried a full uninstall / reinstall, I can try that, but anything else to try first? The problem happened before installing 2.52, I only installed 2.52 to see if it would fix the issue. I also posted at keepass help forum, no reply yet. While I wait for reply I will save database somewhere safe, and uninstall keepass, and then install it again. If that doesn't fix it?? PS this almost feel like the definition of a virus???

EDIT2 update fixed! so based on edit1 below, I figured there must me sometime type of user config file, searched with "everything" and saw likely candidate
c:\user\****\appdata\roaming\keepass\keepass.config.xml
so I deleted it. (my database is safe). opened keepass, and keepass ran as if starting from scratch, and finally let me enter pw, ie, the secure desktop loop was gone, and appears to be running normally. (another happy ending)

EDIT1 update: running in SUA I uninstalled v2.52 and reinstalled 2.52, app opens ok but then I get the above popup. Then I reboot into admin acct, deleted v2.52, then installed it again, and from the admin acct, keepass working normally, it let me input the pw, and the database opened. All normal. I think fixed. I reboot into SUA, and NO! keepass behaves exactly as it had been with the above referenced loop. So glitch has to be keepass & the SUA desktop, and perhaps some registry entry, although I am somewhat surprised full uninstall / reinstall did not fix this. I'm out of things to try. willing to dig into registry but I'd need some guidance for that.
I was going to reply to you on Tuesday when you posted this issue on Keepass, but I was a bit busy and couldn't reply as soon as you posted it. And it seems to me that everything indicates that you managed to solve it. I had a problem similar to yours with my Keepass. I was using keepass version 2.48, that's when I upgraded to v2.52 and started having these same issues. Is that when I decided to dig in and try to figure out why this was happening? What I did was clear the cache and it still didn't solve the problem, just when I created a new KeePass.config.xml configuration file. As soon as I opened keepass it worked like a charm. PS: I only use the portable keepass that I carry with me on the memory card.
 

simmerskool

Level 32
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,172
I was going to reply to you on Tuesday when you posted this issue on Keepass, but I was a bit busy and couldn't reply as soon as you posted it. And it seems to me that everything indicates that you managed to solve it. I had a problem similar to yours with my Keepass. I was using keepass version 2.48, that's when I upgraded to v2.52 and started having these same issues. Is that when I decided to dig in and try to figure out why this was happening? What I did was clear the cache and it still didn't solve the problem, just when I created a new KeePass.config.xml configuration file. As soon as I opened keepass it worked like a charm. PS: I only use the portable keepass that I carry with me on the memory card.
I had this problem before I updated to 2.52, and updating to 2.52 did not solve it. So far it is only really half-solved as yes keepass is now working but still without secure desktop. I suspect the "loop" I was getting was caused by upgrading to ESET v16 because the loop started immediately after v16 and based on keepass's author comment about other security apps causing this problem. Thanks for your input. This is the first snafu I've had with keepass in many many years. I guess I"m safe without secure desktop on this computer, but I liked the extra layer provided by the secure desktop. Made keepass "special" for me.
 
  • Like
Reactions: piquiteco

piquiteco

Level 14
Oct 16, 2022
624
I believe it must have generated some incompatibility with ESET. Yes, the secure desktop on keepass is the essential thing I use whenever I can, it helps a lot against keyloggers. That was nothing @simmerskool, we are here in the MT forum to help people and friends as much as possible.;)
 

simmerskool

Level 32
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,172
I believe it must have generated some incompatibility with ESET. Yes, the secure desktop on keepass is the essential thing I use whenever I can, it helps a lot against keyloggers. That was nothing @simmerskool, we are here in the MT forum to help people and friends as much as possible.;)
yes the author of keepass emailed me and said known issue to him, and has a list of security apps posted. Have not definitely pinning loop down to ESET. will update if & when I know more.
 
  • Like
Reactions: piquiteco

piquiteco

Level 14
Oct 16, 2022
624
Thanks, @Minimalist for posting the ESET forum link.From what I read in the forum, I believe there was some change in the recent v16.0.22.0 update and after that it started to generate some conflict, when keepass is opened in secure desktop, it stays in loop. Wait, @simmerskool,they have created a ticket for further investigation by the developers.
 
Last edited:

simmerskool

Level 32
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,172
Yes it's problem with latest ESET. Here is a thread on their forum: NOD32 v16.0.22.0 prevents KeePass from using Secure Desktop when unlocking database
ok, others see on ESET forum see it too, but Marcos (ESET) did not, but then you tell him to disable Gamer mode to see this bug. So if I enable Gamer mode, the keepass bug will disappear? Testing... I have never used Gamer. Just turned it on and comes up yellow with an ESET warning! & Yes keepass secure screen works with yellow flag Gamer on. So which of the 2 alternatives is better or more secure. I know little of Gamer mode, and since ESET yellow flag's it, for now, I'll disable Gamer, and turn off keepass secure desktop until I know more...
EDIT: the ESET main screen with Gamer enabled merely says Gamer suppresses all notifications and pauses scheduled tasks. Seems like not a big deal, except if you get malware without warning...
 
  • Like
Reactions: Gandalf_The_Grey

Minimalist

Level 9
Verified
Well-known
Oct 2, 2020
443
Yes, gamer mode only disables notifications and some tasks. Eset won't notify you about possible infection attempts but it will still protect you (you just wouldn't be notified about it). The same would happen if you were playing a full screen game or watch a full screen video.
 
  • Like
Reactions: simmerskool

simmerskool

Level 32
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,172
Yes, gamer mode only disables notifications and some tasks. Eset won't notify you about possible infection attempts but it will still protect you (you just wouldn't be notified about it). The same would happen if you were playing a full screen game or watch a full screen video.
curious did you get the sense from ESET forum that this is something ESET will fix, or could be ESET thinks it has overall better security as is in v16. I got the sense from keepass author that it's not something he can fix...
 

Minimalist

Level 9
Verified
Well-known
Oct 2, 2020
443
I don't know if this new behaviour in v.16 is security related.
As I understand they were integrating some Gamer mode detection modifications (Lockscreen being detected as full screen application) and maybe those modifications are causing a problem with Keepass secure desktop window. But that is just me guessing.
If fix is not too complicated I believe that they will release it with one of future module updates.
 
  • Like
Reactions: simmerskool

piquiteco

Level 14
Oct 16, 2022
624
@simmerskool I, did a test with keepass with the secure desktop enabled and disabled, with a keylogger simulator, the keylogger does not record the typed keystrokes of your master password when it is typed on the secure desktop.;)
Screensot_keepass_secure_desktop_enabled.jpg

Screensot_secure_desktop_disable.jpg
 
Last edited by a moderator:

simmerskool

Level 32
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,172
@simmerskool I, did a test with keepass with the secure desktop enabled and disabled, with a keylogger simulator, the keylogger does not record the typed keystrokes of your master password when it is typed on the secure desktop.;)
View attachment 270417
View attachment 270418
so maybe ESET fix this?? unless Reichl can make keepass secure desktop work with ESET v16 and other security apps that break it. thanks for this test!
 
  • Like
Reactions: piquiteco

piquiteco

Level 14
Oct 16, 2022
624
so maybe ESET fix this?? unless Reichl can make keepass secure desktop work with ESET v16 and other security apps that break it. thanks for this test!
Yes, if the problem is related to ESET and there are many complaints on their forum and many open support tickets, they will fix it, we just don't know when...
 
  • Like
Reactions: simmerskool

simmerskool

Level 32
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,172
Yes, if the problem is related to ESET and there are many complaints on their forum and many open support tickets, they will fix it, we just don't know when...
my hunch ESET won't. guessing small subset of ESET users also running keepass, especially since ESET has their own password manager. I suppose I should at least look at ESET's pw mgr.

trying bitwarden for first time. ESET supposedly has 10,000 users, but also extension has marginal reviews and some negative. I've heard of bitwarden, although I've never used it before.
 
  • Like
Reactions: piquiteco

piquiteco

Level 14
Oct 16, 2022
624
Yes, with bad reviews and some negative ones it is best to avoid them. Bitwarden is a good open source password manager, it is reliable and you can use it without fear.
 
  • Like
Reactions: simmerskool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top