Autosandbox request to developers

I really like the autosandbox feature in avast! 6 but after reading the problems with portable apps and other files like explorer.exe being sandboxed with no input from the user, I will not be installing version 7 until it at least has an ask function. Why was ask removed? Please reinstate it or is it impossible because of the new code? If a person removes autosandbox from avast 7, how much does this affect detection of malware?

Thank you.

It has that, I’m using it. :wink:

Or you could, you know, install version 7 and disable autosandbox.

Perhaps the OP saw the messages about the ask feature going to be removed in future builds? Such as: http://forum.avast.com/index.php?topic=93866.msg747953#msg747953 ?

I have the same problem :(

Yes, that is what I am worried about, ask going away. I guess I will have to disable autosandbox. Wish they would keep ask.

Let me explain in a bit more detail what we’re trying to do here.

First, a little bit of background information. We introduced the Autosandbox feature in v6 as a way to cope with suspicious programs. Traditionally, AV software had to make binary decisions: either call a file clean (and then let it run on users’ machines) or call it infected (and deal with it, i.e. typically quarantine/delete the file). The autosandbox gave us the possibility to let the file run, but without risking that it would do any harm to the system. Therefore, it was a handy tool for our analysts who could relax the heuristic rules without risking too many “hard” false positives.

Now, in v7 (partly in this initial v7 build, and partly in the upcoming builds), we’d like to change this a little bit in the following sense:

Instead of “automatically running apps inside the sandbox”, we’d like to use the sandboxing subsystem to act more like an extension of the scanner. That is, when the engine isn’t sure about a file, it would do the following:

  1. Go ahead and run the app in the sandbox (with that “avast is analyzing a suspicious file” dialog; btw this dialog will be augmented with some additional information about the actual reason why the file looks suspicious)
  2. Let it run for a while - but not too long. Typically, kill it after 10-15 seconds (unless it dies by itself before that). While the app is running, collect all the details about what it’s doing
  3. After that, analyze the logs collected in step 2, and
    a. If it’s found malicious, present the user with the usual options like Move to Chest, Delete etc.
    b. If the file isn’t found malicious, present the user with options like “Continue launching the program”, “Keep this program in the sandbox”, “Cancel launching the program”.
    Also, in this step, give the user actually a way to VIEW the log so that power users can draw their own conclusions.

In my opinion, this is a clear step forward and is really user friendly (much more than the v6 implementation). We may also leave the old v6-style mode there, but once the new system works as expected, I don’t see any reason why anyone would actually want to switch to it.

I hope this helps.

Thanks
Vlk
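The run-collect-analyze flow Vlk describes (steps 2 and 3), as an added illustration that is not avast's code: the log format, the kill deadline, the indicator rules and their weights are all assumptions made up for this example, and the two behaviour logs are constructed samples.

```python
import re

# Constructed behaviour logs in an assumed "seconds action target" line format,
# standing in for what the sandbox collects while the program runs (step 2).
SUSPICIOUS_LOG = """\
0.10 process_start C:\\Users\\u\\Downloads\\setup_tool.exe
0.42 file_write C:\\Users\\u\\AppData\\Local\\Temp\\upd.exe
0.80 process_start C:\\Users\\u\\AppData\\Local\\Temp\\upd.exe
1.30 registry_set HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\upd
2.05 file_write C:\\Windows\\System32\\drivers\\etc\\hosts
"""
BENIGN_LOG = """\
0.10 process_start C:\\Program Files\\Notes\\notes.exe
0.90 file_write C:\\Users\\u\\AppData\\Roaming\\Notes\\settings.ini
"""
THRESHOLD = 50  # score at which the run is called malicious (assumed value)
# Single-event indicators: (reason shown in the dialog, regex over "action target", weight).
RULES = [
    ("adds itself to the Run key", re.compile(r"^registry_set .*\\CurrentVersion\\Run\\", re.I), 40),
    ("rewrites the hosts file", re.compile(r"^file_write .*\\drivers\\etc\\hosts$", re.I), 40),
]
MALICIOUS_OPTIONS = ("Move to Chest", "Delete")
CLEAN_OPTIONS = ("Continue launching the program", "Keep this program in the sandbox",
                 "Cancel launching the program")

def parse_log(text):
    """Turn each 'seconds action target' line into a (float, str, str) tuple."""
    return [(float(t), a, p) for t, a, p in
            (ln.split(" ", 2) for ln in text.splitlines() if ln.strip())]

def analyze(events, kill_after=15.0):
    """Step 3: score behaviour seen before the kill deadline and choose the dialog options."""
    score, reasons, dropped = 0, [], set()
    for ts, action, target in events:
        if ts > kill_after:      # the sandbox killed the program here; ignore anything later
            break
        for reason, pattern, weight in RULES:
            if pattern.search(f"{action} {target}"):
                score, reasons = score + weight, reasons + [reason]
        # Two-event indicator: a file written to Temp is later started as a process.
        if action == "file_write" and "\\temp\\" in target.lower():
            dropped.add(target.lower())
        elif action == "process_start" and target.lower() in dropped:
            score, reasons = score + 30, reasons + ["runs a file it dropped in Temp"]
    malicious = score >= THRESHOLD
    return {"verdict": "malicious" if malicious else "not found malicious", "score": score,
            "reasons": reasons, "options": MALICIOUS_OPTIONS if malicious else CLEAN_OPTIONS}
```

The `reasons` list is what the "view the log" option in step 3 would surface to a power user alongside the raw events.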

Seems good, a good balance for common and advanced users and a way to decide.

Thank you for the clarification Vlk.

With Filerep, AutoSandbox, streaming updates, regular def. updates, and WebShield, it sounds tough to penetrate. Once it is fine tuned, I hope to never hear of another person, using avast, with a rogue antivirus install on their computer. Not to mention all of the other nasties.

The more detailed the sandbox warning and log the better.

What are the risks of allowing the (upcoming) autosandbox… what can it break? I rarely get the ask, and right now I can only remember seeing it in response to manually launching a downloaded standalone program. I suspect there are no risks there, so that is actually the only type of scenario where I allow the autosandbox. However, if I were asked about some component of a sophisticated already installed or installing program, I would disallow the autosandboxing in order to minimize the chances that it would hose the application, install, or system (I’m generally more worried about that than malware). This is why ask appeals to me, although I’m clearly not knowledgeable enough to know how to apply it in the best way.

If the new autosandbox will continue to be a component that can be enabled or disabled, how does one make that decision?