This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.


This Article Applies to:

  • Avast Business CloudCare


Sandbox is a virtualization tool in Avast Business Antivirus that allows you to browse the web or run applications in a virtual, safe environment that is completely isolated from the rest of your PC's system. This feature is useful when you want to run suspicious or untrusted applications without risk.

When you run an application in Sandbox, all necessary files are always copied to Sandbox storage where they can be modified as needed without affecting the original files. Any new files created during virtualization are also saved to Sandbox storage. Sandbox storage is a file space completely isolated from the rest of your system and other Sandboxes. By default, Sandbox storage is created in the same drive as the original file.

Sandbox is not available for macOS devices.

Sandbox Storage Tab

Specify where Sandbox storage is created, choosing either the same drive as the modified file or on a specific drive.

Web Browsers Tab

In this section, you can optimize virtualization and storage settings for browsers run in Sandbox.

Exclusions: you can enable specific check boxes to specify browser options that should not be virtualized. Your options include All settings and components, Bookmarks, History, and Cookies.

Maintenance: you can save virtualized files for web browsers only to improve web browser performance in the sandbox. These cached contents can be deleted at any time, or automatically if you enable the check box and choose either every x number of days, every week on a specific day of the week, or every first chosen day of the week occurring each month.

Virtualized Processes Tab

In this section, you can create a list of applications or folders containing applications for Sandbox to automatically virtualized. You can add an application or folder by entering the path to the application or folder and clicking Add.

Privacy Tab

In this section, you can specify the locations that should not be accessed by virtualized applications.

Private pre-set locations: by default everything in this predefined list is blocked, but you can choose to allow anything in the list by clicking the Allowed button beside it.

Private custom locations: you can define your own locations to be either allowed or blocked by typing in the exact location path, choosing the permission, and clicking Add.

Exclusions Tab

Configure the list of locations that are not virtualized by entering the exact file location path to be excluded. These exclusions will only apply when Sandbox is used to virtualize potentially infected files, and will ensure the specified locations are not brought into the virtualized environment.

For more information on standard and component-specific exclusions, see Configuring Antivirus Exclusions.

Internet Access Tab

Specify whether to allow all or selected virtualized applications to access the internet, or to block internet access for all virtualized applications. For applications besides web browsers, you can enter the folder name into the text box and click Add.