FD-ISR snapshot and NOD32 scan...

Hi,

Is there a way to indicate to NOD32 not to scan all the snapshots? Right now, having 3 snapshots, it is the equivalent of NOD32 scanning 3 times my C drive

Is there a file (snapshots) from FD-ISR that can be exclude from the NOD32 scan?

Thanks,
Atomas31

 

Atomas,
I'm not sure about this, but

I have two snapshots :
If I open Windows Explorer and go to the folder "C:\$ISR", I see 3 subfolders :
1. C:\$ISR\0 = first snapshot
2. C:\$ISR\1 = second snapshot
3. C:\$ISR\A = I don't know.

If you exclude the last two subfolders in NOD32, it might be possible that only the first folder = first snapshot is scanned and not the other two.
Again I'm not sure if this info is right, but it sounds logical and it isn't dangerous.

PS.: Let me know if it makes a difference in scanning time.

EDIT :
If you use the classical method of FDISR : work and rollback snapshot, than you only have to scan the primary snapshot, BEFORE you copy/update FROM work snapshot TO rollback snapshot and that will keep your rollback snapshot "clean".

 

Hi Erik,

I see one problem, I don't have any folder call $ISR in c:\ Where does my snapshots are if not in C:\ (I don't have any partition on my system)?

Thanks for your help,
Atomas31

 

Maybe the folder is hidden, I don't remember this.
I have all hidden files unhidden via folder options.

EDIT :
It is a HIDDEN folder, I checked it.

 

After checking, you are right I had to unhidde the system protected files... Thanks,

Atomas31

 

And ... any improvement in the scan time ?

 

Nope, I will need someone to indicate to me how to exclude the folders $ISR/1 and $ISR/2 from the scans? I try to put them on the exclusion list (as permanent) on AMON configurations but they are still being scan

 

Ask in the NOD32 forum, they will teach you this immediately.

 

In order to exclude FD-ISR from a NOD32 (On Demand) scan. see attachment

In order to exclude it from a scheduled scan just add: /exclude=$ISR to the command line.

...screamer

 

This would mean that none of the snapshots will be scanned by NOD32

I might be wrong, but it should be like this :

/exclude=C:\$ISR\1 = second snapshot
/exclude=C:\$ISR\A = ?

This should scan "C:\$ISR\0" only, which is probably the primary snapshot.

Of course I'm not sure, because I don't have NOD32.
If your method is correct, than the scan time will also be alot shorter, but I have doubts that the primary snapshot will be scanned.

 

NOD32 will only exclude "one" file. I choose to exclude FD-ISR as a complete folder. If my scan shows something strange... I can include FD-ISR in a separate scan. So far I haven't had to do this since the only malicious files I have received are via e-mail and NOD32 picks-em-up as they're downloading.

...screamer