How to whitelist a threat / false positive

Discussion in 'ESET NOD32 Antivirus' started by sammyc53, Mar 17, 2008.

Thread Status:
Not open for further replies.
  1. sammyc53

    sammyc53 Registered Member

    Joined:
    Jan 31, 2008
    Posts:
    39
    I have a few false positives that I do not want detected anymore. How would I go about excluding this, or whitelisting these the scanners?

    Eset 3.0 Business Edition
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The best would be if you compress those files, protect the archive with the password "infected" and submit it to samples[at]eset.com with "False positive" in the subject.
     
  3. sammyc53

    sammyc53 Registered Member

    Joined:
    Jan 31, 2008
    Posts:
    39
    Cool, but what if it is actually a threat that should be kept in eSet's signature database, but I don't want to detect it?

    Example, many admin recovery tools for password recovery will be in the definitions, as they should be. However, I will need them on my desktop.

    Thanks.
     
  4. techtype

    techtype Registered Member

    Joined:
    Nov 1, 2006
    Posts:
    80
    Turn off scanning of "Potentially unsafe applications". They fall into this category.
     
  5. Eryan

    Eryan Eset Staff Account

    Joined:
    Jan 17, 2008
    Posts:
    181
  6. sammyc53

    sammyc53 Registered Member

    Joined:
    Jan 31, 2008
    Posts:
    39
    That's a path exclusion, but that will have to do.

    In my experience, if a False Positive if every released in the Defs, you won't to be able to individually exclude the whole threat, independent on the path. Otherwise, it will disrupt your whole domain. This should be files as a feature request.
     
Thread Status:
Not open for further replies.