Jump to content

Archived

This topic is now archived and is closed to further replies.

BDeep

Excluding malware (or perceived malware)

Recommended Posts

This has come up before but I am bringing it up again because it is an important topic. Is there a way to exclude detected hashes in endpoint products either directly in the endpoint or via remote administrator? We have some code and programs being popped as malware that does not live in one specific directory. ERA detects all of the hits as the same hash. We would like to exclude the hash as a false positive.

Share this post


Link to post
Share on other sites

This is not possible. Hashes are not calculated real-time. You can submit the file to ESET for analysis and possible whitelisting, however.

Share this post


Link to post
Share on other sites

This is not possible. Hashes are not calculated real-time. You can submit the file to ESET for analysis and possible whitelisting, however.

Thanks Marcos.

I also found this. Looks like something related (but not exactly as I posted) is in the works: https://forum.eset.com/topic/8813-threat-exclusion/

Share this post


Link to post
Share on other sites

 

This is not possible. Hashes are not calculated real-time. You can submit the file to ESET for analysis and possible whitelisting, however.

Thanks Marcos.

I also found this. Looks like something related (but not exactly as I posted) is in the works: https://forum.eset.com/topic/8813-threat-exclusion/

 

 

That's correct. However, exclusions by names can only work for potentially unsafe or unwanted applications. If an innocuous application is detected as a threat, it should be submitted to ESET for a review. If you are 100% positive that it's clean, you can exclude the file with a full path completely until the detection is fixed on ESET's part.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...