Auslogics - again

[jimwillsher 65]

Sorry to harp on about this, but please can someone advise on how I make a *permanent* exclusion for something that ESET classes as a PUA but which I feel is unfounded. Every day my file gets scanned and shows an alert; every day I say "no action". Rinse and repeat.

I've now resorted to deleting the utility and will simply re-download it when I need it, but that is NOT the solution. There must be a way in EEA or ERA to exclude this alert type or marking the file as safe. i don't really want to use path names as I have several copies/versions of this file.

 

Many thanks

 

 

Jim

[Marcos 4,934]

You can exclude a particular PUA by name via a policy:

 

[jimwillsher 65]

Thanks Marcos, but I can't find that anywhere in the EEA or ERA tree (ERA 6.5, EEA 6.6 beta)

[Marcos 4,934]

It's under Antivirus -> Paths to be excluded from scanning (Edit) -> Add.

[jimwillsher 65]

Thanks Marcos, I've configured that but it doesn't seem to want to work for me. Hopefully the screenshots show how I have defined the policy, and I have confirmed that the policy has been applied.

 

[Marcos 4,934]

The threat name must be entered as

@NAME=Win32/Auslogics.F

We plan to improve this in future versions (likely in v7) so that the detection name does not have to have "@NAME=" prepended.

[jimwillsher 65]

Thank you very much Marcos, that was the missing piece in my jigsaw :-) That's working perfectly.

Excellent!

 

Jim