Advice Request Avast 2017 free configuration

[Parsh]

Beautiful configurations already shared above. Let me share my settings on home PC as well.
I've my own reasons to allow or avoid 'test all files', 'follow links', 'test whole files' etc. in different scan modes. It will definitely vary by user requirements and scenarios.

General -

1. Reputation Services
2. CyberCapture (allow me to decide)
3. Hardened Mode (moderate)
4. scan for PUPs

• Need NOT have 'Aggressive Hardened mode' with VDS and SmadAV (anti-exe, AV for USB)
• Action for all detections in any mode: ASK (except for malicious websites)
• Always scan by content (not by extension) (except for Full Scan)

Smart Scan > Scan for viruses

1. Scan all files
2. Use code emulation
3. Test whole files
4. Follow links during scan

Spoiler: Explorer scan

Special Scan > Explorer Scan

1. Scan all files (all types)
2. Test whole files
3. Follow links during scan
4. Extract all packers

Spoiler: Quick scan

1. Scan all files (I try to make Quick Scans thorough and less quicker)
2. Use code emulation
3. Follow links during scan
4. Extract Packers (only famous extensions)

Spoiler: Full scan

1. (unchecked) scan all files
2. recognize by content
3. (unchecked) test whole files
4. extract packers (only famous extensions)

Spoiler: Folder scan

1. Scan all files (I scan folders mainly if I need to execute some files, need a clean chit before)
2. Use code emulation
3. Follow links during scan
4. All packers

Spoiler: USB scan

1. Scan > recognize by content (cannot trust extension manipulations)..

Spoiler: File Shield

1. Scan all files
2. extract packers (only famous extensions)
3. Use code emulation
4. Test whole files

Web Shield

1. (Additional) Warn when downloading files with poor reputation (large Avast community = large DB)
2. Scan all files
3. DO NOT test whole files (default)
4. Scan for PUPs

Firewall

1. Use separate settings for Public (ask), Private (auto-decide) network
2. Show notifications about newly created (any) rules
3. some custom system rules
4. log all blocked packets (difficult but helpful for analysing)

Sandbox

1. Assign memory/CPU/time restrictions for unsigned sandboxed processes (I've tested a rogueware that made my VM crawl at 100% CPU usage even in sandbox, hence this rule)
2. (occasional) Drop administrative rights of apps

PS: Just replaced FSecure SAFE + WFC with this AIS setup on home PC. Planning to replace VDS with CS to reduce lags and lack of control.

 

[ForgottenSeer 59295]

interesting just wondering what you meas CS?

 

[shmu26]

interesting just wondering what you meas CS?

I think he means Comodo Internet Security

 

[RejZoR]

I have a config file that you can just import, but avast! cocked it up and importing doesn't work for version 17 which is annoying. It was so easy to offer custom settings to people and now it's not working. Ugh I have no idea when they'll fix it, they don't seem to be in any hurry to fix this...

 

[shmu26]

I have a config file that you can just import, but avast! cocked it up and importing doesn't work for version 17 which is annoying. It was so easy to offer custom settings to people and now it's not working. Ugh I have no idea when they'll fix it, they don't seem to be in any hurry to fix this...

version 17 is not for geeks. It breaks too many things.

 

[Ink]

Sandbox

1. Assign memory/CPU/time restrictions for unsigned sandboxed processes (I've tested a rogueware that made my VM crawl at 100% CPU usage even in sandbox, hence this rule)
2. (occasional) Drop administrative rights of apps

Avast Manual Sandbox is not good for running software virtualised, you'd be lucky to get it to work on default settings and a normal application like Firefox.

 

[Parsh]

Avast Manual Sandbox is not good for running software virtualised, you'd be lucky to get it to work on default settings and a normal application like Firefox.

I am not sure why you said that, got to check it out!
I've switched to Avast after a long time (thanks to MT), but that's on my home PC only. Dad uses that mainly so I've not got a chance to test something inside yet. Will try it tonight. Thanks for the info.
I've KIS and SD (removed SB) on my lappy and that always feels good

 

[Ink]

I am not sure why you said that, got to check it out!
I've switched to Avast after a long time (thanks to MT), but that's on my home PC only. Dad uses that mainly so I've not got a chance to test something inside yet. Will try it tonight. Thanks for the info.
I've KIS and SD (removed SB) on my lappy and that always feels good

Q&A - Need Help to Get Apps to Run in Avast Manual Sandbox (Virtualised)

I ran Firefox under Sandbox for a few days, then it stopped working (days later) and would not load the application.

Tried to run AppFalcon in the Sandbox. First triggered by Hardened Mode so I added to Exclusions, ran again and nothing.

FYI: Manual Sandbox is available in Pro and higher, it's different to Autosandbox.

 

[Parsh]

Q&A - Need Help to Get Apps to Run in Avast Manual Sandbox (Virtualised)
I ran Firefox under Sandbox for a few days, then it stopped working (days later) and would not load the application.

Currently Opera works fine. It should then take time for even me to simulate this, if some issues are to occur.

Tried to run AppFalcon in the Sandbox. First triggered by Hardened Mode so I added to Exclusions, ran again and nothing.

And nothing - you mean it worked in SB right? It did not show a 'SB border' around for the main window, but I couldn't use Lightshot to screenshot. So AppFalcon was SB'ed well. I am using 'Moderate' Hardened mode.

Still, we get that it's not fully compatible with some apps and can break things! I'll keep away from it. Love Comodo for this part, better, if not perfect, in sandboxing.

 

[Ink]

And nothing - you mean it worked in SB right?

No, didn't run.

 

[ForgottenSeer 59295]

Thanks guys, I have added the settings from the max security thread and going to leave it like that as I don't see any performance issues, and don't feel need to put anything in exclusions.