How to setup Avast Internet Security for Maximum Protection (2016 Guide)

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
Official website
https://www.avast.com/en-eu/index

Jack

Administrator
Staff member
Jan 24, 2011
8,691
Operating System
Windows 10
Installed Antivirus
Default-Deny
#1
Avast Internet Security 2016 offers a great level of protection on its default settings. However, there are a few settings which you can change to increase even more the protection offered by Avast Internet Security 2016.


This guide should also cover Avast Premium 2016, and some settings should apply to Avast Free 2016.

AVAST IS.jpg


1. Enable Potentially Unwanted Programs (PUP's) detection
A PUP (potentially unwanted program) is a program that may be unwanted, such as spyware, despite the possibility that users consented to download it. This usually includes: toolbars, browser hijackers or adware (ad-supported software)
  1. Open Avast, then click on Settings (gear icon)

    0.jpg

  2. In the "General" tab, select "Scan for potentially unwanted software (PUPs)".
1.jpg

2. Enable Avast Hardened Mode
Hardened Mode is designed to make protection tougher without interfering with the computer usage much.
Avast by default checks suspicious files with DeepScreen within virtual environment to see how they behave. But if you use Hardened Mode, it starts to behave a bit differently.
  • Hardened Mode: Moderate
    Under normal conditions, if Avast decides that some file is too suspicious by various characteristics, it then throws it into the DeepScren for further scanning. But if Moderate Hardened Mode is enabled, Avast automatically blocks files that are detected as suspicious by preliminary analysis.
    In most cases DeepScreen checks the file and if it doesn't find obvious malicious problems with it, those files are started automatically after analysis. But Hardened Mode (Moderate) blocks it right there.
  • Hardened Mode Agressive
    This mode behaves a bit differently. It actually relies on analysis on a very small scale and mostly relies on a huge whitelist database located in Avast Cloud. If file is located within the cloud and flagged as safe, it will allow to run it. If it's not found or marked as bad, it will block it. So, at least based on my experience, Aggressive Mode is actually much more secure and also a lot less intrusive. Only time that it will cause problems is with some very rare old software or very very new software that isn't used by thousands of users. Usually some very specialized programs used by only few users.
    Moderate mode often feels a bit too paranoid (despite its name) because it often blocks safe programs just because they exhibit local suspicious file characteristics that are basically ignored by the Aggressive mode.

To enable Avast Hardened Mode:
Open Avast, click on Settings (gear icon), then in the General tab, check "Enable Hardened Mode".
You may use Moderate or Aggressive mode. I do recommend the Aggressive mode.
3.jpg


3. Enable "Warn when downloading files with poor reputation"
Avast offers a settings which warn you when you are downloading a file with a low reputation with the Avast network.

To enable "Warn when downloading files with poor reputation":
  1. Open Avast, click on Settings (Gear Icon), then on Active Protection tab and click on Customize in the Web Shield field.
    6.jpg
  2. In the Web Shield settings,please check Warn when downloading files with poor reputation.
    4.jpg

These are the recommended settings for most users. In the next part we will cover some settings which may increase the level of protection, however they may also produce false positive detection.
The below settings are recommend for experienced users only. Not recommended for most Avast users.

Increase the Sensitivity level of Avast.
  1. Open Avast, click on Settings, then on Active Protection and click on the "Customize" link to the Files System Shield field.
    7.jpg
  2. In the Files System Shield settings, click on Sensitivity, then in the "Heuristics" and "Suspicious Behavior (HIPS)" sections, set the level to High.
    9.jpg
  3. Next, we will increase the Sensitivity level for Avast's "Web Shield".
    1. Open Avast, click on Settings, then on Active Protection and click on the "Customize" link to the Web Shield field.
    2. In the Web Shield settings, click on Sensitivity, then in the "Heuristics" section, set the level to High.
    10.jpg

If at any point you wish to revert to the default Avast Internet Security 2016 settings, open the Avast "Settings" menu by clicking on the gear icon in the top right corner.
In the General tab, click on "Troubleshooting" option, then in the "Restore factory defaults" field, click on the "Reset now" button.
reset.jpg

That's it. If you know other settings which will increase the level of security offered by Avast Internet Security 2016, please post them in this thread.
 
Last edited:
May 7, 2016
966
Operating System
Windows 10
Installed Antivirus
Avast
#2
Enabled Site Blocking is a very handy option to manually put Phishing sites to balcklisted but it is for only Advance users not made for Most users.
 

Jack

Administrator
Staff member
Jan 24, 2011
8,691
Operating System
Windows 10
Installed Antivirus
Default-Deny
#3
Enabled Site Blocking is a very handy option to manually put Phishing sites to balcklisted but it is for only Advance users not made for Most users.
Phishing campaigns rely on new and fresh web pages, basically a "decent" phishing page won't stay up for more than 24 hours. So, manually adding (each day) links won't help you that much. As far as I can tell this feature was meant to be used more as a "Parental Control", rather than to improve protection.
 

shmu26

Level 57
Jul 3, 2015
4,680
Operating System
Windows 10
Installed Antivirus
Microsoft
#4
HIPS on level 3 prevents macrium reflect from running a scheduled backup, unless you are there to manually allow it.
any way around this problem?
 

jamescv7

Level 61
Verified
Mar 15, 2011
12,660
Operating System
Windows 10
Installed Antivirus
Microsoft
#5
@shmu26: Maybe try to exclude through global settings since the suspicious HIPS does not have configuration for exclusion.

Link
 
L

LabZero

Guest
#6
Thanks for sharing: awesome guide!
Finally I moved to Avast Free with these settings.
Only encountered problems with hardened mode flagged on aggressive mode related to Shadow Defender blocked when It started on boot and the update process of ProcessLasso.
Added to the exclusion list and now it is ok.
 
Last edited by a moderator:
Y

yigido

Guest
#7
I just saw this guide :) Well explained for even novices.
@Jack can you please make the settings for "privacy concerned" guys? I wonder that. Thanks
 

XhenEd

Level 27
Content Creator
Verified
Mar 1, 2014
1,636
Operating System
Windows 10
Installed Antivirus
Default-Deny
#8
Credits goes to Rejzor for the Hardened Mode explanations. :)
 
Oct 22, 2012
4,055
#9
I would advice novices to not enable WebShield option "Warn downloading files with poor reputation".

I have talked quite a few times on Avast forum & with Rejzor on Wilders too on "Warn downloading files with poor reputation" & "Hardened Mode" i.e those options & Windows Updates.
"Warn downloading files with poor reputation" may block/warn on Windows Updates files And average users could be in prob like the recent Avast & Win 10 updates prob i.e it was due to "Warn downloading file............" option enabled by the user & aborting the connection on the alert by the users.
I too have experienced it blocking Windows Updates when I use to run Avast with the option enabled.

Hardened Mode would not affect Windows Updates or guess nothing reported as such or as per Rejzor would not affect Windows Updates especially "Aggressive Mode" as it uses Avast Whitelist And Rejzor has systems with Hardened Mode enabled "Aggressive Mode" & never experienced it.
 

Evjl's Rain

Level 32
Verified
AV-Tester
Apr 18, 2016
2,121
Operating System
Windows 8.1
Installed Antivirus
Avast
#11
hi everyone. Do you know how to properly config avast sandbox to make it less restricted to sandboxed apps? I'm not able to run any browser in the sandbox. I can't even run IE. It terminates itself after 10 seconds
Thank you
 
Last edited:
Jul 6, 2015
658
Operating System
Windows 10
Installed Antivirus
Avast
#12
I would advice novices to not enable WebShield option "Warn downloading files with poor reputation".

I have talked quite a few times on Avast forum & with Rejzor on Wilders too on "Warn downloading files with poor reputation" & "Hardened Mode" i.e those options & Windows Updates.
"Warn downloading files with poor reputation" may block/warn on Windows Updates files And average users could be in prob like the recent Avast & Win 10 updates prob i.e it was due to "Warn downloading file............" option enabled by the user & aborting the connection on the alert by the users.
I too have experienced it blocking Windows Updates when I use to run Avast with the option enabled.

Hardened Mode would not affect Windows Updates or guess nothing reported as such or as per Rejzor would not affect Windows Updates especially "Aggressive Mode" as it uses Avast Whitelist And Rejzor has systems with Hardened Mode enabled "Aggressive Mode" & never experienced it.
I have set up avast using @Jack reccomendations and found it to be no more intrusive than it was before "Tweaking" it
The only issue i do have is with Web shield slowing my browser down slightly but i guess thats the price to pay if you want safe browsing.
I find that the only time i get the poor reputation popup/warning is when i'm on a download site that seems to bundle software with crap!
As for windows update i have not had any issues "yet" !