First off, thanks for an awesome product, and keep up the great work!
Is there any way of adjusting the sensitivity of the Auto Sandbox feature in the free version? If not, is it feasible to make this an option in future builds?
The number of false positives I’ve experienced has increased exponentially in the last couple of weeks. I’m hesitant to disable the feature completely for security’s sake, but honestly, it has yet to encounter anything dangerous, and has only succeeded in identifying perfectly legitimate install programs from trusted websites, gumming up the installation process, and generally being annoying.
same here , it is sensitive on legit programs ,but it doesnt seem to work that well on actual malware , but hey , it is still new , im sure they will improve it step by step.
Well, I was asking for details, but - alas! - he gave none. I do not have those problems in a quantity that I would complain about. As a matter of fact it happens very, very rarely to kick in on benign programs.
Exactly…Its not like its fully automatic. It only recommends that you run the program in the sandbox. You do have the option to open it up up normally. Heck Norton quarantines things automatically without even asking.
Unless you know how Kaspersky works don’t say no. Kaspersky uses heuristic to analyze a program and place it into 3 categories. High,low restricted or untrusted. It’s not a sandbox but once a program is there it cannot do any harm to the system. So Avast uses heuristics to decide if a program should be ran under a sandbox. Same thing.
It does very well , only i never see a autosandbox popup , maybe 1 time i saw it when the signatures didnt cought it.
So i mean , i seen the popup on more legitimate programs then i saw it on actual malware.
For example in the Comodo auto sandbox , it really does sandbox any unknown malware , avast still needs to work on that , but that is understandable , because it is still new in avast.
Effectively you shouldn’t see the autosandbox come up as the blocking is going one at web shield or network shield level.
If you aren’t actually downloading something to your system and then running that file, first the file system shield would scan it and depending on a) signature check, b) heuristics and c) emulation (plus digital signature, location, what it does, etc.), would the decision be made to hand it off to the autosandbox. So there are a lot of steps/checks before it even gets that far down the chain.
There is no way to compare the comodo auto sand box as far as I’m aware it isn’t the same it is a block all (malware or otherwise), where avast doesn’t block all, only that which after all the checking is still considered suspect.