AVAST antivirus developers strive for perfection in malware detection. Cybercriminals do not rest with their evil schemes to take advantage – mostly economical – over poor users. Always, but especially since version 8 of AVAST, we have improved the detection of recently discovered malware by trying to identify them before our users are threatened.
The AutoSandbox technology allows suspect processes to run inside of the avast! Sandbox, which is a completely isolated environment from where nothing can leave, trapping an eventual infection and blocking further harm to the system.
The AutoSandbox is used to monitor all files and Windows Registry operations
- that attempt to hook into running processes
- make changes in system components
- exploit and hide network connections
- attempt to disable the antivirus protection or Windows firewall, and so on.
The fundamental engine of this process are the generic virus signatures. They are like the fingerprints of a virus which allow them to be discovered. AVAST adds nearly 2,000 virus signatures each day to its virus definition updates. Generally, a single signature can identify multiple malware. A single malware can also be detected by several of the virus definitions of our database. Through our avast! CommunityIQ, almost 200 million users worldwide give us up-to-date information and we detect more than 50,000 new infections daily. The number of different malware analyzed daily by our Virus Lab reaches 40,000.
DeepScreen for potential threats Read more…
The avast! Sandbox is a special security feature which allows you to run potentially suspicious applications automatically in a completely isolated environment. Programs running within the sandbox have limited access to your files and system, so there is no risk to your computer or any of your other files. This feature is connected to the FileRep cloud feature which identifies new files for additional analysis. So now we are able to warn you even before we have had the opportunity to examine this malware in our Virus Lab.
Here’s how it works: By default, if an application is started and avast! detects anything suspicious, it will automatically run the application in the Sandbox. The advantage of running an application in the Sandbox is that it allows you to check suspicious applications while remaining completely protected against any malicious actions that an infected application might try to perform.
The browser or other application will then open in a special window with a red border, indicating that it is being run inside the Sandbox. When the Sandbox is closed, it will be restored to its original state and any downloaded files or changed browser settings will be automatically deleted.
You can change the AutoSandbox settings, so that avast! will ask you first before putting an application in the Sandbox. In the settings, the AutoSandbox can also be disabled completely, or you can specify any files or applications that should be excluded and never run automatically in the Sandbox. In the “Browser Protection” tab, you can further specify that your browsers should always be run in the Sandbox to ensure you are protected while surfing the web.
To learn more about the AutoSandbox, please read our previous blog, AutoSandbox – why are you annoying me?
You can ask questions, make comments, learn about security issues, or just say hello on our avast! Antivirus page on Facebook. Over 2 million people have “liked” us. Will you please Like avast! today?