Jump to content

LiveGuard attacking files I developed (new issues)

GPU Programmer
 Share
Go to solution Solved by Marcos,

Recommended Posts

GPU Programmer

GPU Programmer 0

Posted
Posted

I'm a professional developer.  Last night I updated to version 15.0.18.0.  Not quite sure why this update didn’t happen earlier, but likely irrelevant.

This morning LiveGuard sends every executable that I produce into quarantine for analysis and locks me out of the file I created for 5 min.  When I'm doing unit testing, I should be creating about 2 executables per minute in an automated script.

I had to turn it off to work, I can't take today off to troubleshot this.  But I rather think LiveGuard is essential for normal use.  What is the right way to configure this so that it doesn't attack my own development?

I've not explored the scope of the issue.  The project I'm working on this morning is residing on OneDrive and I'm using Visual Studio.  It may be different on a NAS or a local drive or with JetBrains IDEs.  But I've been working on this project with exactly this setup for a couple of weeks.  Will update if I discover that this “bug” is highly affected by the details of the development environment.

Link to comment
Share on other sites
  • Administrators
  • Solution
Marcos

Marcos 5,074

Posted
  • Administrators
  • Solution
Posted

That's because you download the files from the Internet (OneDrive). To prevent these files from being submitted, add the folder containing the files to the Exclusion list in the Submission setup:

image.png

Link to comment
Share on other sites
GPU Programmer

GPU Programmer 0

Posted
  • Author
Posted

I had failed to end the folder name with a wild card.  It didn't work with just the folder name.  Apparently you need <full path>\* (not just <full path>).

I happened to work on something that was on the local disk this morning and the problem was occurring there as well.  None of this use to be a problem.  Nevertheless Marcos's fix seems to work.

Find exclusions by going to Setup -> Internet Protection -> <settings for> Web Access Control -> Detection Engine -> Exclusions -> <edit for> Detection exclusions.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)
19 minutes ago, GPU Programmer said:

Find exclusions by going to Setup -> Internet Protection -> <settings for> Web Access Control -> Detection Engine -> Exclusions -> <edit for> Detection exclusions.

This isn't correct.

To exclude files from LiveGuard only scanning:

Quote

Exclusions

The Exclusion filter allows you to exclude files/folders from submission (for example, it may be useful to exclude files that may carry confidential information, such as documents or spreadsheets). The files listed will never be sent to ESET labs for analysis, even if they contain suspicious code. The most common file types are excluded by default (.doc, etc.). You can add to the list of excluded files if desired.

 

example

To exclude files downloaded from download.domain.com, navigate to Advanced setup > Detection Engine > Cloud-based protection > Submission of samples and click Edit next to Exclusions. Add the exclusion .download.domain.com.

 

Edited by itman
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...