I recently switched from Bitdefender to Avast. Avast seems to do a good job, is invisible (no ads every minute) and so far, does not have false positive detection on my binaries (GeeXLab, FurMark, GPU Caps Viewer, GPU Shark, and so on… — update: in fact, it has false positives!). Avast seems to be a solid antivirus except that window that appears each time I try to execute a freshly compiled executable:
Really, really annoying!
What is it?
It’s an Avast feature called CyberCapture that performs a 15 seconds scan on any new executable:
In a nutshell, CyberCapture is a cloud-based smart file scanner. Rather than relying on the latest definition updates, CyberCapture isolates suspicious files in a safe environment and automatically establishes a two-way communication channel with the Avast Threat Labs for immediate analysis. This allows us to clear away all the false code, misdirection, and other stuff malware creators use to mask malware’s true intentions. By peeling away layers of obfuscated code in the cleanroom environment of our cloud, CyberCapture is able to fully dissect the file and observe the binary level commands inside the malware and fully understand the instructions hidden there.
For regular users, this is probably a good protection. But for a developer that compiles and generates a lot of new executables every day, CyberCapture is a real pain in the ass! Fortunately, there is a simple way to disable CyberCapture: go to Avast Menu > Setting > Protection > Core Shields and uncheck Enable CyberCapture Technology: