Something that has puzzled me ever since I first got NOD32:

- Whenever I open a file (so far these have only been deliberate tests, whew) NOD32 does warn me that the file (Correctly) is a virus, but _Every single time_ It has been unable to delete the file. Not only that, I can remove the file easily enough myself. I shouldn't say easy though because the NOD32 popup keeps popping up and being in the way. It can't rename the file either. How do I get it to work properly?

- Scanning exclusion.
I've a dozen of times told NOD32 to leave certain files alone, recently the anapod manager file (anamgr.exe) and it still keeps scanning it 1200 times or so per minute. Yes I have checked, there are no duplicas of the file, no cache or hidden such either. I've even restarted after adding the exclusions. Still no go.

If anyone can help me with this I'd be very glad.

The problems have been with all the versions I have run of NOD32, and With Windows XP Pro Eng SP1 and SP2, no difference.

/Anam

{QUOTE-> …Whenever I open a file (so far these have only been deliberate tests, whew) NOD32 does warn me that the file (Correctly) is a virus, but _Every single time_ It has been unable to delete the file. Not only that, I can remove the file easily enough myself. I shouldn't say easy though because the NOD32 popup keeps popping up and being in the way. It can't rename the file either. How do I get it to work properly?... <-QUOTE}
There are 2 main times when Nod32 cannot delete a file, the first is when Nod32 On-Demand Scanner detects a file infected in a email, you will need to go to your Inbox and delete the infected email, if Nod32 was to delete the file, a “.DBX” file, it would remove the entire “Inbox”, this is not a Nod32 issue, it is how Microsoft handles emails.

The second way is if a file has been injected into memory, in order to remove the infected file, reboot into “Safe Mode” and rerun the scan, this time you should have options available to delete the infection…

{QUOTE-> …I've a dozen of times told NOD32 to leave certain files alone, recently the anapod manager file (anamgr.exe) and it still keeps scanning it 1200 times or so per minute. Yes I have checked, there are no duplicas of the file, no cache or hidden such either. I've even restarted after adding the exclusions. Still no go… <-QUOTE}
Go to Control Centre> AMON> Setup> Exclusion and “ADD” the file in question…

Hope this helps…

Cheers ;D

{QUOTE-> There are 2 main times when Nod32 cannot delete a file, the first is when IMON detects a file infected in a email, you will need to go to your Inbox and delete the infected email, if Nod32 was to delete the file, a “.DBX” file, it would remove the entire “Inbox”, this is not a Nod32 issue, it is how Microsoft handles emails.

The second way is if a file has been injected into memory, in order to remove the infected file, reboot into “Safe Mode” and rerun the scan, this time you should have options available to delete the infection…


Go to Control Centre> AMON> Setup> Exclusion and “ADD” the file in question…

Hope this helps…

Cheers ;D <-QUOTE}

1)Well. No. The first was a file I downloaded and deliberately ran to see if amon would detect it. It did, but couldn't remove it. Now, if NOD32 had such a hard time removing it, how come I could simply go delete the file myself manually? This has happened every single time I've tried this, no matter what virus. The file wasn't locked or anything.

2) That's what I did, and it doesn't seem to care about the exclusion.

Please send a email to support@nod32.com with both issues, they may want a link to the file in question. If you do not get a response please advise us here.

Also, would appreciate being kept in the loop as to your outcome...

Cheers ;D

{QUOTE-> 2) That's what I did, and it doesn't seem to care about the exclusion. <-QUOTE}Apparently, according to this thread (http://www.wilderssecurity.com/showthread.php?t=42476), NOD32 requires you to exactly match the short/long pathname version of the file specification that the app is trying to create/open/execute. Try using a short pathname exclusion as well, and see if that helps. This issue is news to me, and I think is something that should be made a sticky on this forum if true. It is a bug, IMHO, and certainly is at least highly unexpected behavior!

Hi all,

The exclusions just don't work, period.

Tried it dozens of times, NOD just keep on scanning them, a pain in the .........

rgds,
Martin