Jump to content

LiveGuard attacking files I developed (new issues)


Go to solution Solved by Marcos,

Recommended Posts

I'm a professional developer.  Last night I updated to version 15.0.18.0.  Not quite sure why this update didn’t happen earlier, but likely irrelevant.

This morning LiveGuard sends every executable that I produce into quarantine for analysis and locks me out of the file I created for 5 min.  When I'm doing unit testing, I should be creating about 2 executables per minute in an automated script.

I had to turn it off to work, I can't take today off to troubleshot this.  But I rather think LiveGuard is essential for normal use.  What is the right way to configure this so that it doesn't attack my own development?

I've not explored the scope of the issue.  The project I'm working on this morning is residing on OneDrive and I'm using Visual Studio.  It may be different on a NAS or a local drive or with JetBrains IDEs.  But I've been working on this project with exactly this setup for a couple of weeks.  Will update if I discover that this “bug” is highly affected by the details of the development environment.

Link to comment
Share on other sites

  • Administrators
  • Solution

That's because you download the files from the Internet (OneDrive). To prevent these files from being submitted, add the folder containing the files to the Exclusion list in the Submission setup:

image.png

Link to comment
Share on other sites

I had failed to end the folder name with a wild card.  It didn't work with just the folder name.  Apparently you need <full path>\* (not just <full path>).

I happened to work on something that was on the local disk this morning and the problem was occurring there as well.  None of this use to be a problem.  Nevertheless Marcos's fix seems to work.

Find exclusions by going to Setup -> Internet Protection -> <settings for> Web Access Control -> Detection Engine -> Exclusions -> <edit for> Detection exclusions.

Link to comment
Share on other sites

19 minutes ago, GPU Programmer said:

Find exclusions by going to Setup -> Internet Protection -> <settings for> Web Access Control -> Detection Engine -> Exclusions -> <edit for> Detection exclusions.

This isn't correct.

To exclude files from LiveGuard only scanning:

Quote

Exclusions

The Exclusion filter allows you to exclude files/folders from submission (for example, it may be useful to exclude files that may carry confidential information, such as documents or spreadsheets). The files listed will never be sent to ESET labs for analysis, even if they contain suspicious code. The most common file types are excluded by default (.doc, etc.). You can add to the list of excluded files if desired.

 

example

To exclude files downloaded from download.domain.com, navigate to Advanced setup > Detection Engine > Cloud-based protection > Submission of samples and click Edit next to Exclusions. Add the exclusion .download.domain.com.

 

Edited by itman
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...