I asked this question at the end of an old thread but I think it got lost in the shuffle. . .I run ESS on a network where the Windows Updates all come down via Windows Server Update Services. This means that by the time my workstations see the updates, they have already been scanned by the server which runs WSUS, and which has NOD32 on it. Consequently, I would like to prevent scanning of update files on client workstations, as I've found that the process is slowed considerably by ekrn.exe sucking the life out of the system whilst scanning the downloaded and installing updates. Unfortunately, I'm not sure what to exclude. I can't exclude the destination directory, because a lot of them go into either c:\windows or c:\windows\system32, and we all know lots of baddies get placed in those two locations as well. There also is no consistent filename to exclude. So does anyone know what I can set to prevent the needless scanning of these files? (I would caution that, even if possible, this exclusion is unwise for people downloading their updates straight from Microsoft. I just want to exclude multiple scans since my server has already done the job) Obviously, a network-wide policy to lower the priority level of ekrn.exe both on realtime protection scans, and on the "startup scan" that happens every time there is a new update, would be nice. Can this be done as well?