jimwillsher 65 Posted July 10, 2017 Posted July 10, 2017 Sorry to harp on about this, but please can someone advise on how I make a *permanent* exclusion for something that ESET classes as a PUA but which I feel is unfounded. Every day my file gets scanned and shows an alert; every day I say "no action". Rinse and repeat. I've now resorted to deleting the utility and will simply re-download it when I need it, but that is NOT the solution. There must be a way in EEA or ERA to exclude this alert type or marking the file as safe. i don't really want to use path names as I have several copies/versions of this file. Many thanks Jim
Administrators Marcos 5,451 Posted July 10, 2017 Administrators Posted July 10, 2017 You can exclude a particular PUA by name via a policy:
jimwillsher 65 Posted July 10, 2017 Author Posted July 10, 2017 Thanks Marcos, but I can't find that anywhere in the EEA or ERA tree (ERA 6.5, EEA 6.6 beta)
Administrators Marcos 5,451 Posted July 10, 2017 Administrators Posted July 10, 2017 It's under Antivirus -> Paths to be excluded from scanning (Edit) -> Add.
jimwillsher 65 Posted July 12, 2017 Author Posted July 12, 2017 Thanks Marcos, I've configured that but it doesn't seem to want to work for me. Hopefully the screenshots show how I have defined the policy, and I have confirmed that the policy has been applied.
Administrators Marcos 5,451 Posted July 12, 2017 Administrators Posted July 12, 2017 The threat name must be entered as @NAME=Win32/Auslogics.F We plan to improve this in future versions (likely in v7) so that the detection name does not have to have "@NAME=" prepended.
jimwillsher 65 Posted July 12, 2017 Author Posted July 12, 2017 Thank you very much Marcos, that was the missing piece in my jigsaw :-) That's working perfectly. Excellent! Jim
Recommended Posts