Avast Hardened Mode questions

Discussion in 'other anti-virus software' started by Jarmo P, May 25, 2014.

Thread Status:
Not open for further replies.
  1. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,186
    I just activated it. Is it some sort executable control hips?

    This does not seem at all suitable to novices, but rather something for more security conscious like maybe us reading this thread? This goes out of normal AV scope for in my opinion.

    Hardened Mode set to moderate:
    I have needed to allow executables for Sandboxie and AppGuard. For AppGuard I did not get a popup. Just noticed that the GUI was prevented from running by Avast. And had to manually start AG GUI, after which it was popped up to be allowed to add.

    Why are the files written sometimes with CAPS and sometimes not?

    C:\Program Files\SANDBOXIE\Start.exe <- Notice Sandboxie written in caps
    C:\Program Files\SANDBOXIE\SandboxieRpcSs.exe
    C:\Program Files\SANDBOXIE\SANDBOXIEDCOMLAUNCH.EXE <- Notice SandoxieDcomLaunch in caps
    C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe
    C:\PROGRAM FILES\SANDBOXIE\SbieSvc.exe <- Notice Program Files in caps
    C:\Program Files\Sandboxie\SandboxieCrypto.exe
    C:\Program Files\Sandboxie\SandboxieBITS.exe

    Should I be worried that my SBIE install is corrupted or is the problem with Avast exception list reporting?

    Also strange that as well known apps like Sandboxie and AppGuard get prompted to allow to run, in the moderate setting.

    What seems good, is that Hardened Mode seems not to conflict, so far, with SBIE. Like almost every other program whitelist control does.
     
  2. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,186
    Hmmm, maybe I should have posted in the antimalware section. No one here seems to have any knowledge to share. Anyone, any experience?
     
  3. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,273
  4. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,186
    Thank you for the link act8192.

    That is darn complicated, I have to agree with RejZor's post, sigh.

    Usually in programs there are levels of control, but with these I doubt if the terminology is even right if "moderate" is giving more prompts than "aggressive". Myself I don't even really know what DeepScreen is. To me it should be enough that there is an AV part and how it is implemented should not be something a user is demanded of knowledge.

    Also it is a bit unclear if Avast will silently block something or if it gives user a prompt everytime. Again confusion in terminology. Or if the prompt is given, is there only a limited time to respond before it disappears and the file gets blocked? Or if it is blocked at the first time and response to prompt is for the subsequent runs. The Help file is almost non existent in advice.

    I'll maybe study the innings when I feel up to it.

    Hope someone else can give light about the lower/uppercase confusion.
     
  5. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,273
    I am confused as well.
    Deepscreen used to be sandbox which apparently became a better sandbox.
    In the old one there was an option to Ask on alert. Deepscreen has no Ask. They'll just block. And exception list doesn't work, at least for me.
    To complicate matters, Deepscreen behaves dirrerently when Reputation is or is not enabled, ' cause it uses cloud db.
    I used hardened mode for a bit, and that just added to the variables to understand, check and maintain.
    There is no user guide nor a decent Help file and the settings are burried in odd places.
    I actually got so fed up with this confusion when I couldn't run something totally safe and known, that I uninstalled Avast and have no antivirus running at all at this point. I do have few logs saved, so if you tell me in what log you saw the upper/lowe case, I'll look at mine.
     
  6. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,186
    capture_001_26052014_233700.jpg
    It is not a log file. Above is screencapture of my settings window (in finnish language). I just copy/pasted them exception by exception to my original post.

    Btw I might also go disable the Hardened Mode (Puolustustila in finnish ... actually perhaps not a best made translation word decision), since it is so undocumented. It is not anyways avast! default setting.
     
    Last edited: May 26, 2014
Loading...
Thread Status:
Not open for further replies.