But you also cannot right-click or otherwise copy the object on which Avast alerted. You have to manually copy down the path and filename which is obviously error prone. Nor can you use their browse dialog to point at the file since it only lets you select folders. It isn’t just that the procedure is made difficult but also rather convoluted and entirely manual. The process is belated is that you don’t get a choice at the time of the alert. You have to expend further time and effort.
This is like, yes, you still maintain ownership of your vehicle after it has been towed but you’ll have to go to the nuisance of getting another ride to go pick it up from their lot. Possible? Yes. Rational or with conception towards ease-of-use? No. Do you really continue using something that is more difficult to use than something else equally as good? I like Avast but nuisances can amass to a point where the user just has to go somewhere else if they don’t want excessive interference with the use of their property.
That I didn’t realize. So you’re saying if Avast blocks access to a file (and it’s not in the quarantine chest) that I have to do a reboot to regain access to it? Hmm, that would explain why on every reboot I was seeing Avast complain again about this same false positive. I did find out that disabling Avast got rid of the block but running Avast continously disabled would defeat the purpose for its installation. So the unauthorized (or unintentional) block is a per-Windows session or per-login block and that’s why it is probably not discoverable inside of Avast’s UI. Okay, but that doesn’t mean that I still don’t want to see on what Avast is blocking while I’m using my computer. Guess that’s a feature request: let me see what you’re blocking now.
Too bad Avast doesn’t give me an option in their alert dialog that lets me Ignore Once or Ignore Always (where the later adds an exclusion). When presented with the limited and negative options available in their popup, and with none of them what I want, I X’ed the dialog to close it but nowhere does Avast announce that this results in a default action of blocked.
Actually that was because I thought the log was really reporting what event happened and what action was performed. That’s not the case. The Action field is a drop-down list of what action you want to perform NOW, not what got performed when the event got recorded in the log and what action was performed back then.
That applies only when scanning; i.e., during an on-demand scan. There is no continual scanning of files by the on-access scanner (due to the impact in responsiveness and usability of the host) yet this exclusion list is used by both the on-access (real-time) and on-demand scanners. Adding an item to the exclusion list is not just about speeding up an initiated or scheduled scan (on-demand). It’s also used to keep the on-access scanner from alerting on files the user is or will be accessing or using.
I don’t see how that would help with the exclusion list. For now, it looks like I have to use SRPs (software restriction policies) to allow reading from a folder or file but not writing to it. I can define hash rules for an SRP and there is no speed penalty. Alas, hash SRPs only apply against files, not against all files currently in a folder (and its subfolders). The problem with SRPs is that you can decide whether to block or allow on a file but not on non-existing files that show up later in a folder (that you’ve excluded in Avast). Looks like I need some additional security software to let me have better control over what I exclude from Avast.
In continuing to use Avast, I’ll have to get used to this hodge-podge mechanism of manually adding exclusions (by looking in different places in the UI) and of having to disable and reenable Avast when I find it is blocking access to a file that isn’t identified in a block list within Avast.
Thanks for replying.