Avast Sandboxing and Injection

Discussion in 'other anti-virus software' started by qakbot, Oct 6, 2012.

Thread Status:
Not open for further replies.
  1. qakbot

    qakbot Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    380
    I have been looking online for this answer but don't seem to be able to find anything other than people having problems with Avast sanboxing.

    My question - Most sandboxing technologies can virtualize file and registry modifications. Thats easy, you just re-direct to an alternative area of the file/registry and the application still think its accessing the real areas when in fact its accessing the virtualized areas. But a lot of malware will inject into another process. How does Avast virtualize and injection. Can it ?

    If it can't do this, then the sandboxing/virtualization in Avast is fairly useless for a large percentage of today's malware

    Thanks.
     
  2. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    618
    It does, using a number of techniques. Feel free to try it out.
    There's also some changes in this respect in the upcoming R5 version (whose beta is now publicly available) so you may want to try that out as well.

    Thanks
    Vlk
     
Loading...
Thread Status:
Not open for further replies.