I am a happy user of free Avast Antivirus. I am using Avast for almost 2 years now, and it is always updated.
But I have a small but annoying case like this.
Avast seems to hate a particular EXE file by automatically sandboxing it all the time, regardless a manual scan (by right-clicking the file in Explorer and choose to scan it with Avast) confirmed that no thread found on that file.
I excluded the file from AutoSandbox, even disable AutoSandbox, but this does not stop Avast from sandboxing that file.
But if I copy the file to another folder and run it there, it would be fine. No automatic sandboxing.
Do I have to clear a cache or something like that?
I am a desktop programmer. I develop applications with Delphi.
I protect an application of mine with Enigma Protector. After compilation, I would run Enigma Protector to protect the EXE file.
When I run the EXE after protected with Enigma, Avast would ask me to sandbox it or not. While this is a little annoying, it is okay for me.
But now (it has been a week or two), even if the EXE is not protected after compilation, Avast would automatically sandbox it without asking. Even if I disable AutoSandbox.
What makes me ask this question in Avast forum instead of Enigma forum, is that if I move the EXE (protected or not) to another folder, then the problem dissapear.
I can assure you that my application does not contain malicious code. It even does not contain any code to access networks of any kind.
I do have legitimate license of Enigma Protector, and in recent releases Enigma have resolved many false positives with various antivirus.
I think this related more to Avast, with reason mentioned above.
The fact that it doesn’t sandbox when the exe is in another folder suggests that the thing causing this behavior isn’t related to the file itself, but rather the path. Now, i doubt avast gets all suspicious about folder names in the path, so i expect avast is set to always sandbox that file.
Now, i am not aware that avast CAN be set to always sandbox something by the user, and the OP said it happens even with autosandboxing turned off and with that file in the exclusion list. Is it possible to make avast sandbox something always?
Some setting of the autosandbox could be corrupted. Adding it to the exclusion list of autosandbox, lowering the sensibility and many combinations of settins could “resolve” the problem, even when autosandbox may be completely off.
In any case, the ftp incoming folder is write-only (so after uploading you won’t see the zipped file).
Of course, the actual link is NOT that, but ftp://ftp.avast.com/incoming/ and the OP should post here the name of the uploaded zip (usually in the form of forumUsername-topicNumber-date-time.zip or something unique (to avoid overwriting).
Please include a text file in the zip with details; specially including a link to this topic.