Results 1 to 9 of 9

Thread: Where is the sandbox for Avast?

  1. #1
    Join Date
    Mar 2010
    Posts
    2,442

    Question Where is the sandbox for Avast?

    A question.

    Avast supports Sandbox feature.

    If i execute something in sandbox, where does this thing happen, RAM or HDD?
    IF HDD, what location?

    Thanks,
    Grr

  2. #2
    Join Date
    Jul 2010
    Posts
    120
    Quote Originally Posted by Grr View Post
    A question.

    If i execute something in sandbox, where does this thing happen, RAM or HDD?
    IF HDD, what location?
    On HDD

    Currently using Comodo which has a similar feature, comodo creates a folder named VritualRoot in C:\

    My guess, since dont have Avast currently, is Avast either has the sandboxed folder in My Documents or in C:\Program Files\Avast

  3. #3
    Sandbox will store the files in the HDD.

    What applications do you want to run sandboxed?

    I think this question would be better answered by someone who is using Avast Pro or at the Avast support forum.

    Well, anyway I searched their forum and found this:


    Q: Can you tell me what happens when you download something from the net while running in sandbox?

    A: The sandbox has a setting "Automatically detect default locations for saved/downloaded files and save files to these locations outside the sandbox"

  4. #4
    Join Date
    Mar 2010
    Posts
    2,442
    Thanks Raghav & Ashwin. I did check in my documents & Prog Files but no such folder.

  5. #5
    Join Date
    Mar 2010
    Posts
    2,442

    Lightbulb

    Finally found the answer:

    What exactly is isolated?

    All file-system changes done by a sandboxed application are virtualized (these modified files are stored in the hidden folder in root: "\## aswSnx private storage"). The folder can be visible if you set HideTarget=0 in "%avast data folder%\snx_lconfig.xml" file. File changes are cached in memory, so any unapproved file modifications in this hidden folder may lead to "undefined" state. I think these attempts are also blocked by our driver (not sure right now). All registry changes are also virtualized (see "HKEY_CURRENT_USERS\__aswSnx private storage" hive), all named objects (events, sections, ...) are virtualized (download winobj.zip to see Windows Object Manager namespaces), in-process communication (LPC/ALPC) is virtualized. Process/Thread/... modifications are blocked or limited. Windows names/classes/SCM/WinHooks will be virtualized in next version.

    Avast sandbox uses pre-defined exceptions for the most browsers (see snx_gconfig.xml), i.e. bookmarks/cookies/history are excluded automatically from the virtualization and everything you'll download (by standard way, e.g. by using SaveAs dialogs, ...) are also excluded. However, every file which would be saved by malware is virtualized. We plan to add more options into expert settings in upcoming versions.
    Quoted from

    Tried to edit snx_lconfig.xml, but no luck.

  6. #6
    Join Date
    Feb 2010
    Location
    New Delhi
    Posts
    2,042
    Thanks grr for the info.

  7. #7
    Join Date
    Nov 2010
    Location
    Malaysia
    Posts
    58
    There is a known bug in the Avast sandbox (Program virtualization) that causes BSOD while you upload files....the Avast forums says it will be fixed by ver 5.1. See

  8. #8
    Join Date
    Mar 2010
    Posts
    2,442
    Quote Originally Posted by constantine View Post
    There is a known bug in the Avast sandbox (Program virtualization) that causes BSOD while you upload files....the Avast forums says it will be fixed by ver 5.1. See
    Thanks constantine.
    I removed Avast from my system. Waiting for version-6, which would include free sandbox.

  9. #9
    Join Date
    Sep 2011
    Location
    FRANCE
    Posts
    1
    First, I am sorry to reup this topic today.
    The thing is that I only find here what I wanted to know about the avast sandbox.
    Concerning the edition of the snx_lconfig.xml file, I modified & saved it under the safe mode. Then when it restarts normally you can see the '\## aswSnx private storage' folder !
    Your post is the hopeful result of a very long research on the Internet. So, BIG, BIG, BIG thanks

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •