FastStone Image Viewer opens then closes with red box around app

[auutumn]

Before using Avast 7 Free, I could launch FastStone without incident but after installing Avast 7 Free, when I laucnh the app, there's a red line around the outside of the applicatin and after 30 seconds or so, the app automatically closes. Any idea how to fix this?

[CraigB]

You should have seen a popup from avast asking if you want to run this program inside the sandbox, click on the drop down inside the popup and choose to run normally then re open Faststone.

[DavidR]

Ensure that the avastUI, Additional Protection, AutoSandbox, Settings, is set to Ask, so you will see the interaction and be able to choose, Run Normally and check the Remember my answer for this program option, see image, click to expand.

This will exclude it from future autosandbox interaction, before doing this you have to be sure that the file is clean and was installed by you from a known reputable source.

[CraigB]

David I managed to apply the run normally option inside the auto sandbox set to auto for faststone image viewer, the function does work correctly.

[DavidR]

The main problem is that in the avast 7.0.1407 version the AutoSandbox, default is Auto decide, so unless the OP wouldn't know that nor the significance of the Red border (application is sandboxed).

[CraigB]

What im concerned about is that the OP did not mention the file rep checking process which for me mentioned not enough information or something like that then you get the sandbox popup option where you choose to run this program normally next time  ( as i did )

[DavidR]

If Faststone had already been installed or on the system then there wouldn't have been any File Rep intervention. I believe it is currently used to prevent the download of suspect software and if allowed, then it is run in the autosandbox. I don't know if the file rep will subsequently be extended to the files already on the system.

[richo]

File rep does check files already on the system. I have seen this happen. Seems to me quite a few programs have to be excluded from the auto sandbox for them to function correctly.

[DavidR]

That doesn't mean it is the file rep that is at work.
I made the comment on it 'currently only working on downloads, based on what one of the avast developers said in a previous post.

The autosandbox process is controlled in the first instance by the file system shield (FSS), the suspect.exe file is scanned before it is allowed to run. If it were infected, it could/should be detected by the FSS, so one reasonable thing in its favour is it hasn't had a definitive detection, but requires further analysis.

However, the FSS checks other things amongst those a) is the file digitally signed, b) its location and what it does (this is done in the emulation check). these can trigger a suspicion and it is this suspicion that results in the recommendation to use the autosandbox.

If the Fire Rep is now enabled on the system I would expect to see a File Rep pop-up, like that on the web when downloading, image1. If the user opts to download it is then analysed in the autosandbox, image2, followed by the result of that analysis, image3.

[Mundungas]

Very nice analysis and explanation here I too have FastStone Image Viewer and it was already installed prior Avast 7. And as the default for the AutoSanbox was autodecide it alutomatically analyzed FastStone --in red border(in 9 sec) and determined that it was no trace of malware etc. That pop-up informed me that it was not set to "Ask".

[DavidR]

Well looking back on this images, it is showing a local location, so it appears that it is now implemented in the avast7 Regular release. EDIT an error in my thinking as the local reference is actually for the Browser which downloaded it, not that it already was on the system.

I would imagine that the faststone wouldn't trigger the file rep as there are probably enough instances of it for it not to be new or very rare. So this would be likely to have been the file system shield referring it to the autosandbox.

Yes the 7.0.1407 build had the autosandbox set to Auto mode and not Ask, so the user would have to change that if they wanted to have more control. It may be that in is changed back to Ask as the default.