Smart Scan scheduled via ERA/ESMC

[sajer_ 0]

Hello everyone,

 

i'd like to ask you, how does smart scan work?

I read on an other eset forum (an older thread) that smart scan does not scan things again he scanned already sometimes.

But now, there is a bug when you schedule a scan WITHOUT cleaning (bc after that the file path is broken and eset will say invalid path) and i realized that a weekend before a scheduled scan found a "ccleaner" setup with google toolbar and reported to me as a threat and i didnt deleted it and waited until this weekend for the scheduled scan (smart) to report me what he found.

And the report said there is one "bad guy", this google toolbar, exactly the same file. So mine question is: as i read, smart scan does not scan thing again he scanned already, but he scanned now this weekend again the exe which inclued the toolbar. This is strange for me, could somebody please explain which scan type should i choose and what is the real difference between the scans?

 

Thank you in advance!

[MichalJ 434]

Hello @sajer_ Witch regards to "smart optimization", this is meant to work in a way, that it does skip files which are whitelisted / marked as safe. As the file you are referring to is a an actual detection (I assume it´s some PUA), it will come up every time you run a scan. If you want to have it "not detected" the right way is to create exclusion for that particular file, ideally either by hash, or by combination of a file path and detection name. You can do it from ESMC "threats" tab, by clicking left click - add exclusion to policy - select a policy, you want to have exclusion applied to. You can do it other way around, to start from "policies", new policy, search for "exclusions" and then upon adding a new one click on "exclude detected threats" and search for that particular detection. 

That should make it gone away from repetitive scans, unless the scan is run with parameter "ignore exclusions". 

Edited February 19, 2019 by MichalJ

[sajer_ 0]

Thank you, for your answer, MichalJ!