Environment variables in exclusions

Discussion in 'ESET NOD32 Antivirus' started by davemcl, Apr 26, 2009.

Thread Status:
Not open for further replies.
  1. davemcl

    davemcl Registered Member

    Joined:
    Apr 26, 2009
    Posts:
    10
    For developer PC's I have configured around 25 exclusions, mostly using environment variables - this is because I have a mix of 32/64 bit O.S. and SQL Server 2005/2008 installed on both C: and D: logical drives.
    None of these exclusions get pushed to the client - am I missing something obvious?

    TIA
    Dave
     
  2. JimmyT

    JimmyT Former ESET Support Rep

    Joined:
    Apr 9, 2009
    Posts:
    14
    Hello,

    Apply the desired settings to a single machine.

    From the RA Console, right-click and select Configurations.

    This will allow you to pull and save a copy of the ESET NOD32 settings from that machine. (.xml file)

    Push out the .xml to a single machine.

    Do you still have the same issue?
     
  3. davemcl

    davemcl Registered Member

    Joined:
    Apr 26, 2009
    Posts:
    10
    Environment variables dont seem to be supported!
    e.g.
    %Program Files%\Microsoft Visual Studio\*.*
    Only drive and UNC paths seem to work, Ill just have to hardcode everything which is a pity.

    Cheers
    Dave
     
  4. SalC

    SalC Registered Member

    Joined:
    Jun 30, 2008
    Posts:
    31
    I'm having this issue also -- 4.0.424
     
  5. davemcl

    davemcl Registered Member

    Joined:
    Apr 26, 2009
    Posts:
    10
    Its a real PIA as I want to define something like
    C:\Users\%USERNAME%\AppData\...

    I cant see a work around - do we hardcode every user in the enterprise!?!
     
  6. andrator

    andrator Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    54
    Location:
    Netherlands
    Hi,

    The last week I've been browsing the NOD32 forums to gather information and possible issues for an upgrade from v2.71 to v4. We have been working with v2 for the last 3 years without any issues. Configuration was a major PITA, because of a lack of documentation and exclusions. The price and quality was very good and worth the time investment to discover everything by myself and this forum.

    I was hoping that v4 would be Enterprise ready ... probably not.

    I also have a mixed 32/64-bit environment with SQL Server.

    How difficult is it to discover if a server has commonly used software installed that requires exclusions and automatically include them or provide templates with the Microsoft KB exclusions.

    At least for v4 I haven't seen the issues from v2 that every exclusion also has to be coded in 8.3 format :D
     
  7. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    I reported this issue months ago to support and it looked like they ignored it. Its an absolute pain to set up exclusions for all variants of C:\Windows or C:\WinNT, I don't even want to imagine you guys having to deal with per-profile exclusions.
     
  8. ThomasC

    ThomasC Former ESET Support Rep

    Joined:
    Sep 8, 2008
    Posts:
    209
    The ESET security software does not support environmental variables however, the exclusions are stored in the registry which gives us a way to do this without manually entering every users path. When the exclusions are added to the registry they are given sequential 8 digit key values so in order to avoid conflicts in the example we used 88888888. In order for this solution to work you will either need to be running version 3 of our software or in version 4 have self defense turned off which will require a reboot or you could do it in safe mode.

    How we get this to work is creating a batch file that will add some values to the registry, then have the users run it via log-on script or what ever means you see fit. Here are the the values to add.

    reg add "hklm\software\eset\eset security\current
    version\plugins\01000600\profiles\@my profile\excludes\Node_88888888" /v "Flags"
    /t REG_DWORD /d 0 /f

    reg add "hklm\software\eset\eset security\current
    version\plugins\01000600\profiles\@my profile\excludes\Node_88888888" /v "Infilt
    ration" /t REG_SZ /f

    reg add "hklm\software\eset\eset security\current
    version\plugins\01000600\profiles\@my profile\excludes\Node_88888888" /v "Path"
    /t REG_SZ /d %Environmental_Variable%\Path to subdir\*.* /f

    These Values will not show up in the ESET Software exclusions list until EKRN.exe is restarted or a system reboot is initiated. We can restart EKRN.exe by adding

    taskkill /im ekrn.exe /f

    It will restart automatically.

    -Cheers
     
  9. jovball

    jovball Registered Member

    Joined:
    Oct 2, 2008
    Posts:
    7
    Oh please. That answer is so incredibly lame, I can't believe you posted it. If this software isn't enterprise ready, just say so. System administrators don't have time to fool around with that sort of nonsense.

    Read this page from Microsoft on virus scanning recommendations: http://support.microsoft.com/kb/822158

    Notice how every example uses environmental variables. Then go have a talk with your programmers and project managers.
     
  10. hillrb

    hillrb Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    44
    I completely agree with jovball. Environment %variable% pathing needs to be added to NOD32.

    At first, I thought the above was a way to make variables work in NOD32, but no such luck. It is a cheap trick to add the full path based on the variable you set to the users' registries.

    However, for those wondering why the last registry entry doesn't work, it's missing quotes around "%Environmental_Variable%\Path to subdir\*.*". Otherwise, the "reg add" command fails. It should also be noted that you should change the path variables to meet your needs, otherwise it won't work. Each registry entry should only take up one line.
     
  11. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Thomas, not supporting env variables is a huge crock of crap and you know it. At least tell us if this is on the roadmap as a feature or not.
     
Thread Status:
Not open for further replies.