[Guide] How to set up Avast IS for max security - Paranoid Style -

  • Thread starter Deleted member 178
Status
Not open for further replies.
Deleted member 178

Thread author
Hi fellows,

As promised after doing the huge review above, it is time to set up AIS for maximum Protection (aka Umbra's Paranoid Style)

I will start with the Basic Settings:

0- Basic Setting

- Cloud Services: be sure to enable both options

- Password: Most people found it annoying or even useless, but remember some malware/hackers could shut down or change the settings of AIS to reduce/turn off its protection. So I suggest you turn it on.
- Troubleshooting: those boxes are normally checked by default

We are done with the "basic settings"; let's go to the modules:


1- Scan Computer

Scan Now: don't touch the predefined files; they are set properly for their usage. Instead we will create a custom scan; I will call it "Gatling Gun" (it kills Fast & Wide :D )

We will use "code emulation", so if suspicious code is detected it will be tested in a virtual environment.

Code:
Use code emulation - if this box is checked and avast! detects some suspicious code in a file, it will attempt to run the code in a virtual environment to determine how it behaves. If potential malicious behavior is detected, it will be reported as a virus. Running the code in this virtual environment means that if the code is malicious it will not be able to cause damage to your computer.

We set the heuristic to "High" and enable PUP detection

Code:
Scan for potentially unwanted programs (PUPs) - you can also scan for programs which you may have downloaded unknowingly, typically programs that are used for advertising, or collecting information about your computer or internet use.

and "Follow Links"

Code:
By checking the box "Follow links during scan" you can ensure that the targets of any file system links are also scanned for potentially harmful content. If this box is checked, the content of any folder to which you would be redirected from a folder which is being scanned, will also be scanned

- Packers: We will select all packers; a lot of malware is packed inside legit software/files
- Actions: I don't allow automatic actions; I want full control of what is detected, so I can clean things myself.


- Performance: I set max Priority for fastest speed and use the persistent cache

We are finished; this is what it looks like in the GUI:

[Screenshot: KwpGbZA.jpg]

Boot-Time scan
set to high.


2- Real-Time Shield

File System Shield

- Scan When executing: We tick all boxes
- Scan When opening: We tick "scan all"
- Scan When writing: We tick "scan all"
- Scan When attaching: We left all ticked
- Auto-sandbox: we set it to "ask"
- Exclusions: We add all folders of our other security software
- Advanced: We tick all
- Actions: we set each category as this -> Repair > move to chest > ask, so only I can decide to delete.

- Packers: We select all
- Sensitivity: we set as this

[Screenshot: wFlsupV.jpg]

I don't test the whole file since most malware is coded at the beginning or at the end of the file; I prefer not to slow the system.


Mail Shield

we tick "scan inbound message" & "scan outbound message"

- Main Setting: We tick all
- Behavior: We tick all except "unread message only"
- Mail Heuristic: We tick "local Iframe" and "Remote Iframe"
- Actions: we set each category as this -> Repair > move to chest > ask; and "try to remove only packed file; if it fails, remove the whole containing archive"
- Packers: all packers
- Sensitivity: we set to High, tick "code emulation" and scan for PUP


Web Shield

we enable the shield then

- Main Setting: We tick all except "scan traffic for well-known browser only"
- Web Scanning: We tick "scan all file"
- Actions: We set it to ask
- Packers: all packers
- Sensitivity: we set to High, tick "code emulation" and scan for PUP

P2P Shield

- Program: We tick all
- Web Scanning: We tick "scan all file"
- Action: we set each category as this -> Repair > move to chest > ask; and "try to remove only packed file; if it fails, remove the whole containing archive"
- Packers: all packers
- Sensitivity: we set to High, tick "code emulation" and scan for PUP

IM Shield

- Program: We tick all
- Action: we set each category as this -> Repair > move to chest > ask; and "try to remove only packed file; if it fails, remove the whole containing archive"
- Packers: all packers
- Sensitivity: we set to High, tick "code emulation" and scan for PUP


Script Shield

- Main setting: We tick all


Behavior Shield

- Main Setting: We tick all and set to ask
- Trusted Process: we put here all processes of our other security software.


3- Firewall

As a safe habit, all networks that are not your "home" network must be set as "public". You can't imagine how easy it is to retrieve your credentials if you are in a coffee shop with wifi connections.

- Policies: We tick all except "use separate settings..." and "Internet sharing mode" then set to "ask"
- Network Profiles: we enable automatic switching.

- Network Connection: we tick "resolve names" , "show full path" and "detailed view" for maximum readability
- Application Rules: I set most apps to "internet out" and "ask"


4- Additional Protection

Antispam

- Main Setting: We left it as this :

[Screenshot: t1Ht7go.jpg]

Sandbox

- Parameters: we tick all
- Sandbox storage: we select another partition if any.
- Web Browser: we set like this (nothing should remain in the sandbox when we close it)

[Screenshot: YTyUzvW.jpg]

- Virtualized Process: depends on your taste
- Privacy: all blocked
- Internet Access: We set it to "allow certain virtualized application..." and tick "browsers"; so if you have a keylogger in your system, it will not be able to leak data.
- Safezone: We tick all and allow "only text" for clipboard sharing


Browser Protection

- Browser Plugin: we enable "Webrep" and "Phishing Filter"
- Site Correct: we tick all, so we will avoid mistypes that may redirect us to fake malicious websites.


IT'S FINISHED!

Hope this guide may help you; if I discover new settings I will update this guide.

Thanks :D
 

McLovin

Apr 17, 2011
Very nice guide. This is like having a couple of thousand guards outside your home.
 
Deleted member 178

Thread author
Yes, it is what I felt after finishing setting it ^^
 