Not sure if this belongs in the Virus section or here…
I have a trial version of Avast installed…
OS : Win 7 64Bit SP1
Program : 6.0.1000
Engine/Definitions : 110227-0
First Issue - XBMC Installer
When I try and run and the XBMC Installer downloaded from hxtp://xbmc.org/download/ - xbmc-10.0.exe. It displays a Sandbox warning explaining the application may be unsafe and recommends running it in a Sandbox.
This happens with a fresh download or one that has been on the system for a month or so.
The MD5 for the file is 904b5dde64954fad637d196d72347bf8 which shows some hits on google for the filename so I am guessing it is not corrupted.
Scanning the file for with the virus checker shows no problem found.
Second Issue - EasytTune Gigabyte
On a possibly related note, since an Avast update yesterday the EasyTune6 utility from gigabyte also pops a warning when the system starts.
Is the sandbox feature new ? (I don’t remember seeing it before)
Are these both simply false positives ?
Is there any information on what things the Sandbox code looks for ?
Hello hexascape and welcome to the forums:
That is the “Auto-Sandboxing” feature in V.6 and it is new!
The avast! AutoSandbox is a special security feature which allows potentially suspicious applications to be automatically run in a completely isolated environment with no risk to your computer or any of your other files.
By default, if an application is started and avast! detects anything suspicious, it will ask you if you want to run the application in the Sandbox. If you answer “Open in sandbox”, the application will then be started inside the Sandbox where it cannot cause any damage to your system.
This allows you to check any suspicious applications while remaining completely protected against any malicious actions that an infected application might try to perform.
The browser or other application will then open in a special window with a red border, which indicates that it is being run inside the Sandbox.
Alternatively, in the AutoSandbox settings, the AutoSandbox can be configured to run suspicious applications automatically in the Sandbox. It can also be disabled completely, or you can exclude any files that should never be run in the Sandbox.
The AutoSandbox settings can also be found in the Expert Settings for the File System Shield.
In avast! Pro Antivirus and avast! Internet Security, the main Sandbox settings will also be used by the AutoSandbox - for example, whether or not downloaded files and other browser options are automatically deleted when the sandbox is closed.
These settings are not available in avast! Free Antivirus and when the Sandbox is closed any downloaded files will be automatically deleted.
You can find further information in the ‘Help Center’ of the program.
That is a great explanation of the Avast Sandbox! Thank you!
But only suspicious files are run in the sandbox, correct? Meaning that it may be a virus or a false positive? If a file has a virus and Avast knows about it, is that file run in the samdbox as well?
Can you go to a website and have Avast run it in the sandbox if you are suspicious of the site? What about for files?