Most Valued Members shocked 60 Posted October 16, 2015 Most Valued Members Share Posted October 16, 2015 in v8 and now in v9, i have noticed that when SS detects something and the information window is activated, only the "copy to quarantine" is active. the other options are not. why? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,288 Posted October 16, 2015 Administrators Share Posted October 16, 2015 1, Submit for analysis - this option is rather deprecated. It made sense in older versions where ThreatSense.Net was used instead of LiveGrid. I'll discuss its removal with developers. 2,3, Exclude (signature) from detection - these options are available for PUA detections. Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted October 16, 2015 Author Most Valued Members Share Posted October 16, 2015 since ask toolbar was detected upon starting the real times installer, why the exclude options weren't activated? Link to comment Share on other sites More sharing options...
Most Valued Members planet 232 Posted October 16, 2015 Most Valued Members Share Posted October 16, 2015 since ask toolbar was detected upon starting the real times installer, why the exclude options weren't activated? From your screenshot it looks like the bundled Ask Toolbar is detected as a Potentially Unsafe Application instead of a Potentially Unwanted Application and that could be the reason why it's not activated, unless it is an actual UI bug - Is there difference between unsafe and unwanted @Marcos for the options to be available (since the options aren't available for this unsafe detection)? Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted October 16, 2015 Author Most Valued Members Share Posted October 16, 2015 imo unsafe and unwanted might be the same thing Link to comment Share on other sites More sharing options...
ESET Insiders stackz 115 Posted October 17, 2015 ESET Insiders Share Posted October 17, 2015 (edited) I just reproduced the alert that pavilion_alex is seeing. When the initial notification is displayed, 'Copy to Quarantine' is the only option that can be unchecked or checked, but if you click 'Ignore' you'll get another notification where 'Copy to Quarantine', 'Exclude from detection' and 'Exclude signature from detection' are all available to select. Edited October 17, 2015 by stackz Link to comment Share on other sites More sharing options...
Administrators Marcos 5,288 Posted October 17, 2015 Administrators Share Posted October 17, 2015 You're right.The first detection came from web protection,hence Exclude from detection was unavailable (it works if a PUA is detected on a disk).As for excluding the signature,I think it should be available regardless of the protection module.I'll discuss it with our engineers. Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted October 17, 2015 Author Most Valued Members Share Posted October 17, 2015 yeah, after i clicked ignore it opened again with all the options available. btw i think all the options should be available regardless on where the detection was occurred. the 'exclude signature' mean the file's unique signature or the virus signature? Link to comment Share on other sites More sharing options...
Dakmp 0 Posted August 13, 2016 Share Posted August 13, 2016 It's quite intrusive, please allow those options from the first popup. Exclude by signature should be based on SHA or similar so doesn't bother you again even if you move to file to another location. Also, improve exclude dialogs to have a pick dialog instead of entering the path directly. I perform a full check of my system the I uninstall the antivirus, bothers me too much! The option to disable until next reboot is not enough for me. I need an option to disable permanently until I choose the opposite. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,288 Posted August 15, 2016 Administrators Share Posted August 15, 2016 It's quite intrusive, please allow those options from the first popup. Exclude by signature should be based on SHA or similar so doesn't bother you again even if you move to file to another location. The "Exclude signature from detection" is applied for any path. Link to comment Share on other sites More sharing options...
Recommended Posts