This setting confuses me me somewhat. By default it isn't enabled yet when you query the setting it is recommended for inexperienced users? To this end should it therefore not be enabled by default or are Avast under the impression that the majority of their users are experienced? Also, can someone explain what exactly the hardening does because I cannot find a detailed description of this settings accomplishments? I know RejZoR uses it, can you oblige?
Well, if the system will be used by a casual user who pretty much only browse the web, listens to music, watches movies and here and there plays a game, Hardened Mode will work great. You can basically enforce a system lockdown with it if you also password protect avast! so it's pretty much impossible to infect it (Aggressive Mode). Works great for my sister, she mostly uses certain photo editing apps and browses the web along with multimedia. She hardly ever installs anything though that doesn't mean she doesn't do that. It should also work great for elderly people. So it certainly has its uses. Hell, even i use it on my Windows 8.1 tablet because i don't install much there so it never gets in the way, but offers great protection. As for both modes... Moderate will just block any file that invokes DeepScreen, even if it would not get detected/blocked after completed analysis. So, the DeepScreen analysis don't really matter here, if file has characteristics supsicious enough to ttrigger DeepScreen, it will get blocked entirely. Aggressive however relies more on digital signatures and whitelists along with cloud info. Which is often actually less aggressive than Moderate mode and causes less blocking. At least from my experience like half a yeara go if not more already. It will basically block anything and everything that isn't strictly on avast!'s list of safe files/programs. And the database is apparently quite extensive because you really have to dig a very unpopular app for Hardened mode to block it.
Thanks for the updates/info. So we talking effectively of an in-built HIPS then? I'll set mine to aggressive and run with it. Thanks again!
It is not working so well with Sandboxie for instance. I have tried hardened mode before with aggressive mode and got into popups. I tried again because of your post RejZor and same happens. It is in my opinion not so suitable for us running SBIE and not wanting to get into a popup troubles. I disabled it again.
I don't use SBIE when I use Avast on my main PC, I use their sandboxing instead. I have SBIE on my VM's and no AV.
Well, you have to understand that Sandboxie changes everything and casual users usually don't use such programs. With some tweaking and exclusion of certain Sandboxie folders i'm sure it would be possible to make it working.
It is not about tweaking or any such stuff in Sandboxie settings. It is about that the hardened mode does not recognize many of the essential processes SBIE needs to run. They need to be allowed with the popups from avast! and I am not going to go into that whitelisting ever again. Perhaps it is the problem that Sandboxie needs to be updated so often when say browsers are updated etc. That hardening mode is just a nuisance with it. Not that I know if frequent updates cause the issue or it is some incompatibility issue in general. Would be nice if you went and searched out what it is.
Not Sandboxie settings, avast! settings. You need to exclude certain SBIE elements. Also be aware that if you'r etalking for the latest SBIE released no that long ago, the reason lies in that fact. Every time files are very new, avast! will react like that until files become more known within avast! cloud "community".
I am a new user to Avast, installed with moderate harden mode. It keeps popping up messages saying file has been blocked but I can allow it. What puzzles me is that it finds programs on my system which have not been run for years, (but I need to keep in order to be able to open the files created by it , should the need arise (e.g taxcalc 2009.exe, used to prepare my 2009 tax return). I am even getting warnings about files I do not think I still have (since I uninstalled them). Why warn me or even block execution of files that have not been started and may not be installed. Or is my system (windows XP) infected in some way that means it tries to run almost every .exe file on the disc (but not all). Also the pop up is there for such a short time that I do not have time to find out enough to decide whether to authorise execution. Will this be solved by cancelling hardened mode, and if so, what would I lose