Avast and development C++ environment

[Dariusz]

Hello

I'm struggling a little with avast. Each app I code/change in source causes avast to go bananas and throw a fit. Would it be possible to other than having that pop-up menu allowing me to start the app, to also have an option to add it to exclude list? It's a bit painful having to add lots of apps to exclude list so that I don't have to be pestered by avast security... Atm its manual job, copy app path, add exclude. Can we have add to exclude on the pop up as well?

Edit, ok I just re-read the popup, it says add Exclusion, but that exclusion vanishes the second I change source code and recompile app...

Regards
Dariusz

[Asyn]

As you're a developer, read here...

-> https://support.avast.com/article/229/
-> https://support.avast.com/article/228/

[Dariusz]

Hey

This seems a bit further down the line as to when I have a product I want to release. I'm in dev stage. Unless you want me to send 40apps to them a day that I'm testing/trying ?

I need the popup window to actually add a file to exclude list when I cliuck to allow/add exclusion. This does not happen now.

[igor]

Can you put the file (or even the build output folder) into the list of global exclusions?

[Dariusz]

Can you put the file (or even the build output folder) into the list of global exclusions?

I've been doing that for 3 years now. I'm sick and tired of it. All I need is for this to actually do what its say its gonna do. "ADD AN EXCLUSION" That wont dissapear after I change source code!!!!


https://pasteboard.co/J5A6Jlm.png

[Dariusz]

Bump, can we get the add exception to actually add exception, please?

[igor]

The exclusion from this window is - intentionally - bound to the specific content (hash).
I can see that this is not the usual DeepScreen/CyberCapture notification (which I assumed you were talking about) - that's Hardened Mode. And Hardened Mode is exactly this - allowing only known or trusted executables to be started. It's not really meant for development environment - but rather for non-technical users, or strict environment where the program shouldn't change. So here I'd probably advice to disable the Hardened Mode on the development machine.

However, placing the file or folder (or even a higher folder if you have a "Projects" folder where you build your apps) into global exclusions should also work.

[Dariusz]

The exclusion from this window is - intentionally - bound to the specific content (hash).
I can see that this is not the usual DeepScreen/CyberCapture notification (which I assumed you were talking about) - that's Hardened Mode. And Hardened Mode is exactly this - allowing only known or trusted executables to be started. It's not really meant for development environment - but rather for non-technical users, or strict environment where the program shouldn't change. So here I'd probably advice to disable the Hardened Mode on the development machine.

However, placing the file or folder (or even a higher folder if you have a "Projects" folder where you build your apps) into global exclusions should also work.

Hey

I very much like the hardened mode, it helped me stop quite a few programs from running in the background. Those pesky auto-updates that silently kick-off when no1 is watching, etc etc.
So I'd like to keep it. Is there really no way to add another option to that pop up menu to add file permanently?

I don't want to whitelist folder, that feels like security issue + I'd have to white list A LOT of folders.

Regards
Dariusz

[Leo3487]

You have not organized your machine
Do not hava a folder PROJECTS or so from where hang all other folders for each of your programs?

[Dariusz]

You have not organized your machine
Do not hava a folder PROJECTS or so from where hang all other folders for each of your programs?

Well yes and now. Perhaps we should not have to whitelist the entire project/folder structure and open them to attacks and just do what the pop-up window says it would do? Add the exception?

[Dariusz]

Bump.

[igor]

I'm afraid we don't want to add a "full exclusion" option into that toaster - that goes against its idea (on contrary, making all exclusions hash-based would make more sense to me). Similarly, we don't wanna add that option into a regular detection toaster, even though it has been asked many times. Having that option in the toaster makes it easy to either misclick, or to add the exclusion because the user "thinks" the file is safe. In a sense, having to go to the settings and enter the exclusion manually is a "filter", making it harder for completely-non-technical users to do what they probably shouldn't.

Yes, I admit in your case it doesn't work very well - but you're a special case, and making it better for you would make it more dangerous for most of the other users.
While I'm happy you like the hardened mode, a developer's machine really isn't the expected environment.
I guess a possible solution would be to make it possible to enter a wildcarded exclusion for Hardened mode only (i.e. that exclusion wouldn't apply to shields or scans)... maybe that happens one day if the exclusion-related interface is reworked.

[Dariusz]

Hello

I see, thank you for the information.

So what about checkbox in avast settings that would say "Developer mode" + "Treat add to exclusion as permanent" and thus allow for dev people to use it without pain? Surely if basic user don't go to settings to add manually exclusions, he won't go to settings to enable developer mode? Or perhaps let us set up config file/pass arguments to avast start to enable it as "behind the scenes" feature that basic people definitely wont use ever ever ever ?

[Dariusz]

Bump

[Asyn]

Well, Igor made it quite clear already. You can't expect a tailor-made AV, just for your needs.