windows defender issues? & other AV issues?

Bob Sneidar bobsneidar at iotecdigital.com
Mon Jan 7 19:09:41 CET 2019


No, but I can guess that it is much as has been posted prior to this. Virtually all malware deterrent products use subscription based services, and many of them get their malware signature data from the same sources. False positives are not unheard of, although I suspect they are fairly rare. 

We had an app that was generating a false positive in the AV module in our gateway/routers. Not only could I not copy the installer from the server to the local workstation I was trying to install on, but just opening a folder on the server from a remote location would cause the WAN connection to reset! I didn't connect the dots and couldn't figure out why my folders kept delisting their contents from remote sites until some time later! Informing the developer AND the subscriptions service eventually resolved the issue. 

If we had a list of all LC apps that were failing, along with a list of the libraries they used, we might be able to do a little detective work and figure out what library is causing an issue. Otherwise, it may simply be a matter of setting a dummy apps libraries to not automatically detect, and add one library at a time, rebuilding each time, in order to isolate the errant library. As I understand the problem, not all apps are suffering from this? 

Bob S


> On Jan 7, 2019, at 08:47 , Richard Gaskin via use-livecode <use-livecode at lists.runrev.com> wrote:
> 
> Bob Sneidar wrote:
> 
> > We disable Windows Defender via group policy. A lot of IT
> > administrators do. It's not that it's a bad product, it's that
> > there are alternatives in the marketplace that provide a great
> > many more features, like central management and distribution
> > of policies, which can universally whitelist folders on all
> > domain controlled workstations.
> >
> > For the non-domain systems in a small office with a limited budget,
> > Defender is a great solution as an endpoint malware product. However,
> > these are the issues they will encounter, not just with LC apps but
> > with others.
> 
> Do you know what Defender is doing that other more full-featured packages aren't in terms of application performance impairment?
> 
> In my searches I've found many explanations of the impact of the problem, but nothing about its cause, not even whether Microsoft intends to repair Defender to work more efficiently.
> 
> I'm hoping we can pin down the difference between apps affected by Defender and those that run unimpaired, so we might consider whatever changes may be needed to LC to put it into the latter category.
> 
> -- 
> Richard Gaskin




More information about the use-livecode mailing list