Avast! 7 beta update (7.0.1443)

[Dim@rik]

I'm not running a sandbox, the addition of any process or what happens, but when you start using the context menu of the sandbox does not appear in the frame of red circle of the application.

Check please.

W7 x64 Home

[true indian]

updated via UI...

again...rebooted all shields disabled..tried repair and it didnt work..so i had to go for clean install and it works like charm now

[BODUL]

Hi...

Installed over the AIS 7.0.1442 and browsers had problem with loading pages within sandbox. Also FF13 had problem with opening, showing error (when it is runed within sandbox).
After that I tried with clean installation and everything was good until today when problems came back.
And one more thing - there is no webrep in Opera 12.00 (64bit-version).
Outside sandbox everything works well.

See you...

[Dch48]

I did a custom install without the browser protection and remote connection parts. No web rep for me.

[Charyb]

I did a custom install without the browser protection and remote connection parts. No web rep for me.

Won't you be missing out on SiteCorrect and phishing protection by doing this?

[RejZoR]

I'm wondering one thing, do you guys at avast! have that much confidence in Auto Sandbox that you're auto excluding all the stuff from Auto Sandbox that doesn't raise any supicion during actual sandboxing? Because once you click "Continue execution", the file is permanently excluded. And knowing the history, in all the time since it's introduction, it has detected 1 single documented insatance of malware based on its behavior inside Auto Sandbox.

Is it just me or i find this a bit of a security (detection) concern?

[true indian]

I'm wondering one thing, do you guys at avast! have that much confidence in Auto Sandbox that you're auto excluding all the stuff from Auto Sandbox that doesn't raise any supicion during actual sandboxing? Because once you click "Continue execution", the file is permanently excluded. And knowing the history, in all the time since it's introduction, it has detected 1 single documented insatance of malware based on its behavior inside Auto Sandbox.

Is it just me or i find this a bit of a security (detection) concern?

+1 on that...i guess they should remove that continue execution button to avoid the user clicks on it and gets infected..also we need improvements in autosandbox analysis and behaviour shield.

[motoavast]

Please add a WebRep(Browser Protection) in Maxthon 3

[hectic-mmv]

I'm wondering one thing, do you guys at avast! have that much confidence in Auto Sandbox that you're auto excluding all the stuff from Auto Sandbox that doesn't raise any supicion during actual sandboxing? Because once you click "Continue execution", the file is permanently excluded. And knowing the history, in all the time since it's introduction, it has detected 1 single documented insatance of malware based on its behavior inside Auto Sandbox.

Is it just me or i find this a bit of a security (detection) concern?

+1 on that...i guess they should remove that continue execution button to avoid the user clicks on it and gets infected..also we need improvements in autosandbox analysis and behaviour shield.

If autosandbox analyses malware behavior, it moves file into the chest automatically.

[RejZoR]

Well, judging by my observations, that is one big IF. Because till date i haven't witnessed a single malware like behavior detection and i was intentionally throwing malware at it. I still think it's not a good idea unless you made some MASSIVE changes to the behavior analysis (because right now they are non-existent).

[true indian]

If autosandbox analyses malware behavior, it moves file into the chest automatically.

I guess i and rejzor have seen only 1 such instance...can u explain how should a file inside the autosandbox behave to make autosandbox to find it as malware..cozz 99% of the time it comes out with conclusion of not enough evidence on the pieces of malwares i have tested it with and this can cause many users to run the files normally...so better remove the continue execution button.

[Asyn]

Installed over the top of AIS 7.0.1426, rebooted & suffered total loss of internet.
[...]
Any advice guys?

More info might help...
- OS..?? (32/64 Bit..? - which SP..?)
- Other security related software installed..??
- Did you try a clean reinstall with the uninstall tool yet..??

[RejZoR]

Exactly. I've never seen a single malware conclusion inside Auto Sandbox and i have never seen Behavior Shield decide that some EXE is malicious using Auto-Decide (default) setting.

I think my concern is perfectly justifiable considering i've seen many behavior blockers perform with outstanding results. Kaspersky PDM, AVG's IDP hell even old and outdated ThreatFire shows more life than avast!'s Behavior Shield ever did (i'm assuming Behavior Shield component is also responsible for Auto Sandbox analysis). Just not avast. Not when it was released with v5, not later with v6 when i expected at least something and yet another letdown during v7 release. Now the Auto Sandbox is taking the part in it and i'm seeing exactly the same pattern.
The feature and idea sounds great but i'm seeing little (or shall i say none) actual results from it.

And now that entire exclusion decision lies on the analysis that aren't even there, i'm concerned, of course.
Before you had to manually exclude, until you did that, the file was always executed inside sandbox.
Now you just slam Continue execution and here we go, executing live malware on a host system.

[true indian]

I think my concern is perfectly justifiable considering i've seen many behavior blockers perform with outstanding results. Kaspersky PDM, AVG's IDP hell even old and outdated ThreatFire shows more life than avast!'s Behavior Shield ever did

have to agree..we need avast team to wake up  and get the sandbox analysis and behav blocker working..My request is to remove the continue execution button

[lukor]

Installed over the top of AIS 7.0.1426, rebooted & suffered total loss of internet.
I get a ERROR 10045.

Hi, could you please try to open your network adapter properties and check if Avast firewall driver is properly installed. You should see a line with "avast! Firewall NDIS Filter Driver". It should be installed on all your adapters. Does it help if you would uncheck this driver (either for your ethernet or VPN connection for test).


Thanks.
Lukas.