Help with Visual Studio 2008

Karamel · October 4, 2010, 4:08pm

When compiling with visual studio 2008 / 2010, Comodo Internet Security 5 complain about one or more .bat files being executed, Comodo Internet Security 4 didn’t have this problem.

My question is how do i correctly setup Comodo Internet Security 5 so it doesn’t complain ?

see attachment for process tree info

[attachment deleted by admin]

Citizen_K · October 4, 2010, 9:10pm

Batch and other scripts files are intercepted with v5. The setting is called Do heuristic command-line analysis for certain applications.

Try adding the .bat file to Trusted Files.

Karamel · October 4, 2010, 10:04pm

Too bad you can’t disable or put the process (visual studio) under a exclude filter for “Do heuristic command-line analysis for certain applications”

:-La
Or perhaps you can add a fancy new feature:
If example a .bat file gets executed by a process (cmd.exe) by which parent process (doesn’t need to be the direct parent) is visual studio 2008 (devenv.exe) then it is allowed.

:-[
Ah right i forgot to mention, visual studio generates the .bat files during build, goes like this:

Generate .bat file, it gets created in the %TEMP% folder
Gets executed and then removed right after.

So it has a random name every time.

And disabling “Do heuristic command-line analysis for certain applications” seems to be a bad idea, security risk, etc…

Can this be solved another way without compromising security ?

Dennis2 · October 5, 2010, 6:22am

If it is executed by cmd

You will have to allow cmd to execute %TEMP%*.bat

is for the random name.

Dennis

Karamel · October 5, 2010, 9:43pm

Too bad there wasn’t a more secure way to do this

Well i did what you said but i also had to add “%TEMP%*.bat” to ‘Computer Security Policies’, ‘Defense+ Rules’
and under ‘Use a Custom Policy’ → ‘Run an executable’ and add the exe files the bat files executes under the ‘Allowed Applications’.

Not the most elegant or secure way but oh well, i can always hope for some new features to get added to comodo that will make this more secure hint hint

Like my feature idea in the previous post.

If you have a better way of doing this, do tell.

Thanks for your help.

Dennis2 · October 6, 2010, 5:54am

You could make VcBuildHelper.exe a Installer or Updater, but this then gives VcBuildHelper.exe a lot of rights but less rights to cmd itself.

I presume the way Visual Studio 2008 does this has not changed from Visual Studio 2005.

Dennis