"Exclude signature from detection" disabled in "Threat found" dialog

[User2345 0]

Hi,

I am currently evaluating ESET NOD32 Antivirus. It is detecting the following installer in my folder where I am archiving all my installers:

I am fully aware of this "threat" and I want to keep this installer.

Enabling "Exclude signature from detection" sounds exactly like the setting I want. However, this checkbox is disabled with the result that when I click "Ignore threat" button, that the same dialog will show up again whenever Windows Explorer, Total Commander or any other tool will access this folder.

[User2345 0]

Interesting, "Exclude signature from detection" can be selected for PUA:

[Marcos 5,070]

Only potentially unwanted or unsafe applications can be excluded from the alert window for security reasons. To exclude threats by the detection name, you must use detection exclusions in the advanced setup.

[User2345 0]

Thank you, this will explain a bit. However, it reveals a problem in categorization: It doesn't make sense to categorize one toolbar as adware and handle it as a threat but categorize the other just as PUA which is basically doing the same.

[Aryeh Goretsky 378]

Hello,

Just because a computer program is a toolbar does not automatically means it is a potentially unwanted application or adware.  You could have a toolbar which includes a cryptocurrency miner or a credential stealer, or downloads malware like a computer virus, trojan, or worm and so forth.  Or you could have a toolbar which does not perform any malicious or potentially unwanted or unsafe actions at all.  Each toolbar has to be examined to determine what types of activities it performs in order to help with its classification.

Regards,

Aryeh Goretsky