Hey guys.

Just installed Nod32 and I have two questions.

1.) How do I exclude files/directories from the scanner?

2.) What's the purpose of the AMON > setup > exclusion list? I put a directory in there, but the scanner still scanned what I excluded, so I assume that's for something else.

Hi Mike

Both questions answered (I hope) together:

Since NOD32 V2 was released (as far as I can recall), the exlude feature does not always work as intended. A little sleuthing & manual input by the user is required to get the feature to work, as documented here:
http://www.wilderssecurity.com/showthread.php?t=13536

To paraphrase another member, the issue is that NOD32 may require any of the following path types to exclude properly:

- a short names path (DOS 8.3 format)
- a long names path
- a combination of these paths

Regards
Optigrab

That's not going to help in my case. The paths to what I want to exclude are already short
Oops..... no they're not. That's 9 letters, not 8. Let me try it.
D:\Documents\documents.zip and D:\Documents\website\adware\

Is the AMON exclusion where it *should* exclude directories from the scanner? That looks like it's just for the resident module.

I don't want it triggering on my local copy of my spyware collection and that zip file is very large and doesn't need to be scanned.

Nope, didn't work for the scanner or the resident monitor. Tried it with both long and short paths.

That bug is kinda old .... they are working on that right?

Mike, Amon doesn't scan compressed files by default in the first place.

Did you make alterations there?

{QUOTE-> quoting: Mike Healan link=board=39;threadid=16851;start=0#msg104319 date=1069849275]
That bug is kinda old <-QUOTE}

Amen. >:(

Acadia

Mike,

what system do you use and what version of program components you have installed (this info can be found in CC-NOD32 System Tools-Information)? On my computer, it works flawlessly.

Marcos (this is not Mike speaking), here it is on my system:

NOD32 Antivirus System information
Virus signature database version:***1.563 (20031125)
Dated:***Tuesday, November 25, 2003
Virus signature database build:***4057

Information on other scanner support parts
Advanced heuristics module version:***1.004 (20031028)
Advanced heuristics module build:***1037
Archive support module version:***1.007 (20031104)
Archive support module build version:***1074

Information on installed components
NOD32 For Windows 95/98- Base
Version:***2.000.6
NOD32 for Windows 95/98- Standard component
Version:***2.000.6
NOD32 For Windows 95/98- Internet support
Version:***2.000.6

Operating system information
Platform:***Windows 98
Version:***4.10.2222 A
Version of common control components:***5.81.4916
RAM:***384 MB
Processor:***Pentium(r) III Processor

Thank you,
Acadia

(don't know why my handle appears with the information or why it turned red in color, I didn't do anything more than copy/paste)

Marco,

latest version ( I assume ) bought last night.

NOD32 Antivirus System information
Virus signature database version:***1.563 (20031125)
Dated:***Tuesday, November 25, 2003
Virus signature database build:***4057

Information on other scanner support parts
Advanced heuristics module version:***1.004 (20031028)
Advanced heuristics module build:***1037
Archive support module version:***1.003 (20030903)
Archive support module build version:***1056

Information on installed components
NOD32 For Windows NT/2000/XP - Base
Version:***2.000.6
NOD32 For Windows NT/2000/XP - Internet support
Version:***2.000.6
NOD32 for Windows NT/2000/XP - Standard component
Version:***2.000.6

Operating system information
Platform:***Windows 2000
Version:***5.0.2195 Service Pack 4
Version of common control components:***5.81.4916
RAM:***512 MB
Processor:***AMD Athlon(tm) XP 1700+ (1460 MHz)

Tony,

Yeah, I played around in the settings a bit.

{QUOTE-> quoting: Acadia link=board=39;threadid=16851;start=0#msg104349 date=1069854148]
(don't know why my handle appears with the information or why it turned red in color, I didn't do anything more than copy/paste)
<-QUOTE}

LOL ;D

An old, OLD YabbSE bug. it's the / me that does that

{QUOTE-> quoting: Mike Healan link=board=39;threadid=16851;start=0#msg104436 date=1069878579]
An old, OLD YabbSE bug. it's the / me that does that
<-QUOTE}
Hi Mike,

That´s not a bug, that´s a feature. ;D

Pieter

Hi Mike and Acadia,

does the problem occur also on directories with their names shorter than (or equal to) 8 characters?

{QUOTE-> quoting: Marcos link=board=39;threadid=16851;start=0#msg104618 date=1069927548]
Hi Mike and Acadia,

does the problem occur also on directories with their names shorter than (or equal to) 8 characters?
<-QUOTE}

Seems to be. I put a virus in my c:\upx\ folder after excluding it and AMON caught it when I tried to unzip it. I'm looking now to see if the scanner catches it.

C:\upx\WBECHE.EXE - Win32/PSW.WbeCheck.A trojan

Didn't work. Less than 8 characters and exclude didn't work when I scanned the whole C: drive.

Mike, just 2 remarks:

1.) Exluding files/directories in AMON setup does not make these objects exluded from being scanned by NOD32 scanner

2.) It's not clear whether you unzipped the file to the directory excluded from scanning (would you please post the exact path to the infected file detected by AMON?)

1.) Ok, so how do I do that? Exclude something from the scanner?

2.) The zip is at C:\upx\adbreak.zip. When I extracted wbecheck.exe from it to c:\upx\webcheck.exe that set off AMON even though I have c:\upx\ excluded.

Mike,

unfortunately, particular files/directories cannot be excluded in NOD32 scanner. You can only select what directories/drives you wish to scan.

As to the second point, it really seems there is some problem with exluding files in AMON. I can't tell you for sure if something will change in the next program comp. update, but let's see.