Author Topic: sandbox question...  (Read 1758 times)

0 Members and 1 Guest are viewing this topic.

Hermite15

  • Guest
sandbox question...
« on: May 07, 2010, 01:22:39 PM »
okay, this is a bit strange: I just run shortly IE8 and Chrome sandboxed. I got my Chrome userdata folder EFS encrypted so I wanted to check what happens in the sandbox folder. It's run there unencrypted, no big deal. This is in "##aswSnx private storage" folder found on drive C where my IE and Chrome data belong. So far no surprise, the explorer tree is respected in the sandbox etc...
 But I found another "##aswSnx private storage" folder on another partition. Wouldn't be surprising if anything from there was run sandboxed. But concerning IE and Chrome, as stated, that's not the case, and still, in this other avast sandbox folder on another partition, I found tens of files belonging to the same IE and Chrome sessions ??? and they're encrypted for most of them (with EFS or not I haven't got a clue). My original IE data on "C" is not EFS encrypted. What tells me they are is the program I use to check the content of Avast sandbox folders, normally hidden from view as some of you know >>> Recuva + scanning of non-deleted files. The sandbox folder on the other partition is a deleted one (screen shot) though, so it's not a duplicate of the one still present on drive C. But why is it written at all? and why and how can it contain encrypted files ??? does the sandbox module, in the process of deleting content, encrypt files at the same time, and why on another partition? thanks.

>>> see screenshot
« Last Edit: May 07, 2010, 01:27:44 PM by Logos »