Avast antivirus 4.8 home edition-and sandboxie

Eli · July 6, 2008

HI

I have began working with the sandboxie program.

Question: Does the AV still work under this virtual environment? or maybe it works but no need for it there, only outside of the sandbox ?

Thanks

EP

davey · July 6, 2008

HI
I have begun working with the sandboxie program.

Question: Does the AV still work under this virtual environment? or maybe it works but no need for it there, only outside of the sandbox ?

Thanks

EP

Hi Eli,

Another darn good question from the Question Master.

I should hope that you could to test new versions of AV software.

I don't have the capacity yet for a "Sandbox" yet but I am sure interested in the answer.

I avoid any "Free stuff" unless I see it mentioned here on the forum.There is is too much Rogue software out there now.

All they want is one click to allow their download and then you are out of control of your PC.

davey

anonymous_user · July 7, 2008

HI
I have began working with the sandboxie program.

Question: Does the AV still work under this virtual environment? or maybe it works but no need for it there, only outside of the sandbox ?

Thanks

EP

I dont *think* it will work. iirc the sandbox prevents drivers from installing.

But why do you want avast sandboxed anyways? :huh:

Eli · July 7, 2008

I dont *think* it will work. iirc the sandbox prevents drivers from installing.

But why do you want avast sandboxed anyways?

Hi

I shall make myself clearer : My antivirus is avast, being the fact that it works off the browser, the question is if the antivirus is able to get in to the virtual environment to do it`s job .The question comes from the looking at the antivirus , as a second defence line in case the sandbox fails to delete all the "goodies".

Thanks

EP

login123 · July 16, 2008

Hi
...the question is if the antivirus is able to get in to the virtual environment to do it`s job ...

Hi Eli.

I just did this experiment...it may answer your Q.

1. Opened IE7 sandboxed with avast running.

2. Went to the eicar test virus site: http://www.eicar.org/anti_virus_test_file.htm

- eicar files are not real virus files, but they trigger an antivirus alert.

3. Tried to download the test virus files. Avast caught them, so they never downloaded into the sandbox.

4. Turned off avast on access scanner. One really shouldn't do that, but I did anyway.

5. Downloaded the eicar test files. They went into the sandbox, not the folder I sent'em to, of course.

6. Turned avast back on.

7. Scanned the sandbox with avast. avast found and removed the all the eicar test files, so they are no longer present in the sandbox.

So: avast prevented the download of a (not really) malicious file, and then removed it from the sandbox after it was downloaded anyway. Doesn't really mean that avast can be installed into a sandbox, don't know about that, but does mean that if a malicious file gets there, avast will find it just as it would at some other place on the hard drive.

You can use windows explorer to look at the sandbox; on this computer it is located at c:\sandbox and contains all the files and folders modified during a sandboxed session. You may need to have the "show hidden files and folders" option checked.

Also, I think the siren when avast finds something is nifty.

hazelnut · July 16, 2008

I use avira and sandboxie. I do not use avira sandboxed, just my browser.

Avira will warn me if I go to a page with a virus etc and suggest deny access. I say yes.

If I then look in avira events it will list it saying it found it in the sandbox, and that gets emptied anyway

Eli · July 16, 2008

Hi Eli.

I just did this experiment...it may answer your Q.

1. Opened IE7 sandboxed with avast running.

2. Went to the eicar test virus site: http://www.eicar.org/anti_virus_test_file.htm

- eicar files are not real virus files, but they trigger an antivirus alert.

3. Tried to download the test virus files. Avast caught them, so they never downloaded into the sandbox.

4. Turned off avast on access scanner. One really shouldn't do that, but I did anyway.

5. Downloaded the eicar test files. They went into the sandbox, not the folder I sent'em to, of course.

6. Turned avast back on.

7. Scanned the sandbox with avast. avast found and removed the all the eicar test files, so they are no longer present in the sandbox.

So: avast prevented the download of a (not really) malicious file, and then removed it from the sandbox after it was downloaded anyway. Doesn't really mean that avast can be installed into a sandbox, don't know about that, but does mean that if a malicious file gets there, avast will find it just as it would at some other place on the hard drive.

You can use windows explorer to look at the sandbox; on this computer it is located at c:\sandbox and contains all the files and folders modified during a sandboxed session. You may need to have the "show hidden files and folders" option checked.

Also, I think the siren when avast finds something is nifty.

HI

Thank you for your very thorough reply.

I forgot to post it ,but last week I was surfing sandboxed and guess what?...avast gave me the

awakening with it`s siren..., it detected a virus and didn't let in the sandbox just as you described in your test ,the only difference was that this virus was for real!

Regards

Eli

Sign In

Avast antivirus 4.8 home edition-and sandboxie

Recommended Posts

Eli

Link to comment

Share on other sites

davey

Link to comment

Share on other sites

anonymous_user

Link to comment

Share on other sites

Eli

Link to comment

Share on other sites

login123

Link to comment

Share on other sites

hazelnut

Link to comment

Share on other sites

Eli

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Browse

Activity

Home

Mobile

Business

Important Information