[Guide] How to set up Avast IS for max security - Paranoid Style -

Discussion in 'Avast' started by Umbra, Feb 2, 2013.

  1. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,956
    Likes Received:
    22,717
    OS:
    Windows 10
    AV:
    Default-Deny
    Hi fellows,

    As promised after doing the huge review above, it is time to set up AIS for maximum protection (aka Umbra's Paranoid Style).

    I will start with the Basic Setting:

    0- Basic Setting

    - Cloud Services: be sure to enable both options

    [​IMG]

    - Password: Most people found it annoying or even useless, but remember that some malware/hackers could shut down AIS or change its settings to reduce/turn off its protection. So I suggest you turn it on.
    - Troubleshooting: those boxes are normally checked by default

    [​IMG]

    We are done with the "basic settings"; let's go on to the modules:


    1- Scan Computer

    Scan Now: don't touch the predefined files; they are set properly for their usage. Instead we will create a custom scan, which I will call "Gatling Gun" (it kills Fast & Wide :D )

    [​IMG]

    [​IMG]

    We will use "code emulation", so if suspicious code is detected it will be tested in a virtual environment.

    Code:
    Use code emulation - if this box is checked and Avast! detects some suspicious code in a file, it will attempt to run the code in a virtual environment to determine how it behaves. If potential malicious behavior is detected, it will be reported as a virus. Running the code in this virtual environment means that if the code is malicious it will not be able to cause damage to your computer.

    We set the heuristic to "High" and enable PUP detection

    Code:
    Scan for potentially unwanted programs (PUPs) - you can also scan for programs which you may have downloaded unknowingly, typically programs that are used for advertising, or collecting information about your computer or internet use. 
    
    and "Follow Links"

    Code:
    By checking the box "Follow links during scan" you can ensure that the targets of any file system links are also scanned for potentially harmful content. If this box is checked, the content of any folder to which you would be redirected from a folder which is being scanned, will also be scanned

    - Packers: We will select all packers; a lot of malware is packed inside legit software/files
    - Actions: I don't allow automatic actions; I want full control of what is detected, so I can clean things myself.

    [​IMG]


    - Performance: I set max Priority for fastest speed and use the persistent cache

    [​IMG]

    We are finished; this is what it looks like in the GUI

    [​IMG]

    Boot-Time scan
    set to high.

    [​IMG]


    2- Real-Time Shield

    File System Shield

    -Scan When executing: We tick all boxes
    -Scan When opening: We tick "scan all"
    -Scan When writing: We tick "scan all"
    -Scan When attaching: We left all ticked
    -Auto-sandbox: we set it to "ask"
    -Exclusions: We add all folders of our other security software
    -Advanced: We tick all
    -Actions: we set each category as this -> Repair > move to chest > ask, so only I can decide to delete.

    [​IMG]

    -Packers : We select all
    -Sensitivity: we set as this

    [​IMG]

    I don't test the whole file since most malware is coded at the beginning or at the end of the file; I prefer not to slow the system.


    Mail Shield

    We tick "scan inbound message" & "scan outbound message"

    - Main Setting: We tick all
    - Behavior: We tick all except "unread message only"
    - Mail Heuristic: We tick "local Iframe" and "Remote Iframe"
    - Actions: we set each category as this -> Repair > move to chest > ask; and "try to remove only packed file; if it fails, remove the whole containing archive"
    - Packers: all packers
    - Sensitivity: we set to High, tick "code emulation" and scan for PUP


    Web Shield

    We enable the shield, then:

    - Main Setting: We tick all except "scan traffic for well-known browser only"
    - Web Scanning: We tick "scan all file"
    - Actions: We set it to ask
    - Packers: all packers
    - Sensitivity: we set to High, tick "code emulation" and scan for PUP

    P2P Shield

    - Program: We tick all
    - Web Scanning: We tick "scan all file"
    - Action: we set each category as this -> Repair > move to chest > ask; and "try to remove only packed file; if it fails, remove the whole containing archive"
    - Packers: all packers
    - Sensitivity: we set to High, tick "code emulation" and scan for PUP

    IM Shield

    - Program: We tick all
    - Action: we set each category as this -> Repair > move to chest > ask; and "try to remove only packed file; if it fails, remove the whole containing archive"
    - Packers: all packers
    - Sensitivity: we set to High, tick "code emulation" and scan for PUP


    Script Shield

    - Main setting: We tick all


    Behavior Shield

    - Main Setting: We tick all and set to ask
    - Trusted Process: we put here all processes of our other security software.


    3- Firewall

    As a safe habit, all networks that are not your "home" network must be set as "public". You can't imagine how easy it is to retrieve your credentials if you are in a coffee shop with wifi connections.

    - Policies: We tick all except "use separate settings..." and "Internet sharing mode" then set to "ask"
    - Network Profiles: we enable automatic switching.

    - Network Connection: we tick "resolve names" , "show full path" and "detailed view" for maximum readability
    - Application Rules: I set most apps to "internet out" and "ask"


    4- Additional Protection

    Antispam

    - Main Setting: We left it as this:

    [​IMG]

    Sandbox

    - Parameters: we tick all
    - Sandbox storage: we select another partition if any.
    - Web Browser: we set like this (nothing should remain in the sandbox when we close it)

    [​IMG]

    - Virtualized Process: depends on your taste
    - Privacy: all blocked
    - Internet Access: We set it to "allow certain virtualized application..." and tick "browsers"; so if you have a keylogger in your system, it will not be able to leak data.
    - Safezone: We tick all and allow "only text" for clipboard sharing


    Browser Protection

    - Browser Plugin: we enable "Webrep" and "Phishing Filter"
    - Site Correct: we tick all, so we will avoid mistypes that may redirect us to fake malicious websites.


    IT'S FINISHED!

    Hope this guide may help you; if I discover new settings I will update this guide.

    Thanks :D
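
The "Follow links during scan" behaviour quoted in the guide, as an added example that is not part of the original post and not Avast's code: it lists the files a folder scan would open with and without following file system links, and shows why a link-following scanner has to guard against link loops. The function names and the demo folder layout are constructed for illustration; creating symlinks on Windows may need elevated rights or Developer Mode.

```python
import os
import tempfile


def enumerate_scan_targets(root, follow_links=False):
    """Return the sorted real paths of every file a scan of `root` would open."""
    seen_dirs = set()   # real paths of folders already walked (stops link loops)
    targets = set()
    stack = [root]
    while stack:
        current = stack.pop()
        real = os.path.realpath(current)
        if real in seen_dirs:
            continue    # already scanned via another path, or a loop
        seen_dirs.add(real)
        try:
            entries = list(os.scandir(current))
        except OSError:
            continue    # dangling link or unreadable folder
        for entry in entries:
            if entry.is_symlink() and not follow_links:
                continue    # link targets are skipped unless the box is ticked
            if entry.is_dir():
                stack.append(entry.path)
            elif entry.is_file():
                targets.add(os.path.realpath(entry.path))
    return sorted(targets)


def build_demo_tree(base):
    """Constructed sample layout: a scanned folder linking to one outside it."""
    scanned = os.path.join(base, "scanned")
    outside = os.path.join(base, "outside")
    os.makedirs(scanned)
    os.makedirs(outside)
    for path in (os.path.join(scanned, "a.txt"),
                 os.path.join(outside, "payload.bin")):
        with open(path, "wb") as fh:
            fh.write(b"constructed sample content")
    # Link out of the scanned folder, plus a link back in that forms a loop.
    os.symlink(outside, os.path.join(scanned, "link_to_outside"), True)
    os.symlink(scanned, os.path.join(outside, "loop_back"), True)
    return scanned


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        root = build_demo_tree(tmp)
        print("links ignored :", enumerate_scan_targets(root))
        print("links followed:", enumerate_scan_targets(root, follow_links=True))
```

With links ignored, `payload.bin` is never opened even though it is reachable from inside the scanned folder.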
     
  2. McLovin

    McLovin Level 57
    Trusted AV Tester

    Joined:
    Apr 17, 2011
    Messages:
    8,493
    Likes Received:
    4,686
    OS:
    Windows 10
    AV:
    Trend Micro
    Very nice guide. This is like having a couple of thousand guards outside your home.
     
  3. Umbra

    Yes, it is what I felt after finishing setting it ^^
     
  4. Akash209

    Akash209 New Member

    Joined:
    Feb 11, 2013
    Messages:
    214
    Likes Received:
    9
    Nice dude..!
     