GloopyFlop 0 Posted January 1 Share Posted January 1 I've been developing an app in C# over a number of months with no problems and suddenly two weeks ago, every build has the created exe flagged and removed by ESET I have installed same config on another machine and all worked well, include the solution I built on main dev machine. Due to this, I was convinced my dev box was correupted/infected so I reset and fully rebuilt OS& Apps using another physical drive - still the same issue. It goes like this: load C# project in Visual Studio do a REBUILD immediately the build is complete, ESET jumps in with "Threat Removed, A threat (MSIL/GenKKryptik_AGen.MV) was found in a file that VBCSCompiler tried to access; the file has been deleted" [underline/italic are hyperlinked text] The associated log is: Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 1/01/2023 3:10:44 pm;Real-time file system protection;file;C:\Users\MalSnaize\OneDrive - IT Stuff\Development\PLC-2022\V010\V010.022 - Copy\obj\Debug\PLC2022.exe;a variant of MSIL/GenKryptik_AGen.MV trojan;cleaned by deleting;AzureAD\MalSnaize;Event occurred on a new file created by the application: C:\Program Files\Microsoft Visual Studio\2022\Community\MSBuild\Current\Bin\Roslyn\VBCSCompiler.exe (770F307D32E33001E65210C257A8B16881ED8CE3).;B709F2748E1F15BE93D3754FE06D87BF04080E06;1/01/2023 2:54:20 pm can anyone help please? Thanks Mal Link to comment Share on other sites More sharing options...
AnthonyQ 48 Posted January 1 Share Posted January 1 Seems like an FP. Extract the detected file from Quarantine and zip it with the password (infected), and send the encrypted zip file to samples@eset.com for investigation. Link to comment Share on other sites More sharing options...
itman 1,630 Posted January 1 Share Posted January 1 (edited) This issue also appears to manifest when using Norton: https://community.norton.com/en/forums/visual-studio-code-issue-norton . The solution: Quote As a developer, you need to create a master folder for all your projects. Then exclude that folder from Both items in the image below. There are a number of like past postings on the forum in regards to Eset FPs on Visual Studio created executable's. As such, above folder exclusion recommendation appears the best permanent solution to the issue. Edited January 1 by itman Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted January 2 Administrators Share Posted January 2 It was a false positive which was fixed yesterday. Link to comment Share on other sites More sharing options...
Recommended Posts