Can I make an app to be trusted in ThreatFire?

[Leach]

Guess it's a silly question but I'm new to TF and my attempts to let an app run failed. TF always kicks out an app, quarantines and says it's a trojan, I disagree with that. We have been arguing but TF is winning so far. I saw here several users and would like anyone could explain how to make TF 'blind' to a particular app it considers a malware, please.

[jmonge]

exclude the application within tf

[Leach]

Quote:

Originally Posted by jmonge

exclude the application within tf

jmonge, thank you for your answer. Hi.

Are you saying I should put the program's name onto the 'ThreatFire->Advanced Tools->Custom Rule Settings->Process Lists->Trusted? Yes, the app is within that list and the box is checked but it won't help a bit, TF ignores it. Also tried to add a rule onto the 'Custom Rules' list and made some exclusions but couldn't manage it as well. The rule's check box was marked too, may be I made it somewhat wrong.

[Greg S]

Quote:

Originally Posted by Leach

jmonge, thank you for your answer. Hi.

Are you saying I should put the program's name onto the 'ThreatFire->Advanced Tools->Custom Rule Settings->Process Lists->Trusted? Yes, the app is within that list and the box is checked but it won't help a bit, TF ignores it. Also tried to add a rule onto the 'Custom Rules' list and made some exclusions but couldn't manage it as well. The rule's check box was marked too, may be I made it somewhat wrong.

What is the app?

[jmonge]

Leach that is very strange isue

[Leach]

Greg S, hi.

Thank you, I think it's never mind now as I found some pretty remarkable thread on ThreatFire forums. Here.

Quote:

The trusted applications list in ThreatFire is for custom rules only. There is no way to allow an identified malware. You can only allow PUAs (Possibly Unwanted Applications) and yellow suspicious behaviour alerts. This is how ThreatFire works.

It's just impossible to exclude a detected malware currently... 'cause that's how it works... The only way is to send'em a link or an app so that they can include it into PUA. Nonsense. Anyways meanwhile I've found another app detected as a malware on my PC. That one was great - 'cause twas one, absolutely harmless, just packed with a non standard EXE-packer with extra... features to say. Don't think I can use ThreatFire with that restrictions. Have to find something else.