Author Topic: Visual studio 2019 BackgroundDownload.exe (signed by microsoft) annoying popup  (Read 316 times)

Offline Gdocal

  • Newbie
  • *
  • Posts: 2
I am a programmer. I use VS 2019.
Every 10 minutes I get popup from comodo firewall which ask me  to allow connection for process BackgroundDownload.exe
Which is located in
C:\Users\<UserName>\AppData\Local\Temp\<SOME RANDOM LETTERS>\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe

File is signed by microsoft.

I already allowed access for this application at least 100 times...and even try to block it. this Appliaction everytime connects to different server and process file locates in different folder. I can't see way to workaround this issue

Any ideas how I can use VS 2019 and comodo in same time?


« Last Edit: June 14, 2019, 10:20:14 AM by Gdocal »

Offline futuretech

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 4294
You don't have the firewall set to safe mode other wise you wouldn't get alerts, also you need to use remember my answer so it creates an application rule. Do you have alert frequency level set to very high? Because it will alert for every port and IP address connection attempt. Side note, I have only notice backgrounddownload being run from the program files folder.

Offline jljtgr

  • Comodo Family Member
  • ***
  • Posts: 72
Edit one of the rules you've already made, replace "<SOME RANDOM LETTERS>" as you called it with an asterisk (*).  The rule will now apply as long as no other part of the path changes.  Maybe run Purge to remove the rest.

PS.  It's still possible to get an alert even in safemode if the program runs, exits and is deleted quickly.  Or something like that.  The alert shows the signer, but the file doesn't exist when you ask for the file properties.  I haven't seen it happen with VS2019, only Office 365.

Offline Gdocal

  • Newbie
  • *
  • Posts: 2
Edit one of the rules you've already made, replace "<SOME RANDOM LETTERS>" as you called it with an asterisk (*).  The rule will now apply as long as no other part of the path changes.  Maybe run Purge to remove the rest.

PS.  It's still possible to get an alert even in safemode if the program runs, exits and is deleted quickly.  Or something like that.  The alert shows the signer, but the file doesn't exist when you ask for the file properties.  I haven't seen it happen with VS2019, only Office 365.
I tried with asteriks, didn't help.
Now I removed all previous rules connected to this file, and still same result

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25474
Could you post the rule with the asterisk? It should look like C:\Users\<UserName>\AppData\Local\Temp\*\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe.

Could you check the HIPS and Containment Logs to see if there are clues to why you are getting this alert?

Offline futuretech

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 4294
You can't use wildcards in that way with the rule, you have to create a file group then you can edit the file path with a wildcard. It is a common misconception to think you can edit the file path of an application rule to make use of the wildcard character and have it work. It must be done within a file group instead.

Edit: Seems it can be done that way, they must have fixed it a some point because it used to not work unless you used the wildcard path in a file group. Make sure <username> is your actual user account name and not the actual text of <Username>.
« Last Edit: June 15, 2019, 12:50:18 PM by futuretech »

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek