FDISR and NOD32

Discussion in 'FirstDefense-ISR Forum' started by WWS, Feb 4, 2006.

Thread Status:
Not open for further replies.
  1. WWS

    WWS Registered Member

    Joined:
    Jul 13, 2004
    Posts:
    249
    Anyone know how to exclude $ISR snapshots from NOD32?

    It was easy enough to exclude them from Perfect Disk.
     
  2. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    WWS, sorry, no can do, I'm having to live with that issue too. :mad: That's the only thing that I do not like about NOD.

    Acadia
     
  3. WWS

    WWS Registered Member

    Joined:
    Jul 13, 2004
    Posts:
    249
    Bummer.
    Having 2 snapshots, it's like scanning C drive 3 times in a row.
    And it scans the snapshots first.

    Edit: should ask if you asked NOD or anyone about this issue!
     
    Last edited: Feb 4, 2006
  4. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Yup ... try 10 Snapshots, like I have!! I don't even bother doing an on-demand scan of my c:drive. Whenever I want to do an on-demand scan I simply go to TrendMicro and use their on-line Housecall, much faster. I trust NOD very much for the real-time scanning, which is the only reason for keeping NOD at this point.

    Acadia
     
  5. WWS

    WWS Registered Member

    Joined:
    Jul 13, 2004
    Posts:
    249
    I take it there's no conflict running TrendMicro Housecall while NOD is alive on your system?
     
  6. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Actually what I do is a little complicated and time consuming, but very safe. First I update one of my Snapshots using the Primary Snapshot so that they are now identical. Then I boot into the newly updated Snapshot and do the Housecall from there, remember, it is now identical to Primary so scanning one would yield identical results as scanning the other.

    I do this for two reasons: When you run the Trendmicro Housecall, it downloads a little bit of software, I believe that it is an ActiveX control of some sort, in order to be able to scan your system; don't worry, ALL of the on-line scanners from all the various AV companies do this. Still, I want it off my system when it is finished, and rebooting back into my Primary does this. Then, the next time that I update the Snapshot that I used for the scanning, the ActiveX is wiped out. The second reason that I use another Snapshot to do the scanning is that I disable NOD for this process and I do not want to disable NOD on my Primary Snapshot if I can help it.

    WWS, you probably DO NOT need to do all of this. I hear that the Trendmicro Housecall always works fine on all systems, and everyone that I have talked too always leaves their NOD fully enabled during the on-line scan. So I do what I do just to play it extra safe; it almost for sure is not necessary, and it is time consuming. I just want the Trendmicro ActiveX, or whatever it is, off my system when I am all done and of course booting back into my Primary guarantees all of this. Good luck.

    Acadia
     
  7. betauser2

    betauser2 Guest

    Hi, I face the same problem with Norton IS 2006 and Panda Platinum 2006 (both of which I'm trialling due to FirstDefence_ISR). I don't think it can be done, anyone know how?

    Thank you! Acadia for raving about FirstDefence best money I've spent!
     
  8. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Your welcome, betauser2, actually I believe that Peter2150 does even more raving about FD than I do! :D

    I do not have any answer to prevent scanning programs from scanning all of the various Snapshots, I guess that they are simply doing their job after all. I just wish more of the scanning programs made it possible to exclude folders from an on-demand full system scan. :mad: It is interesting that NAV2006 now scans all Snapshots, NAV 2005 did not. As more and more scanning programs start going deeper into the Kernel, that is going to start becoming more and more common.

    Acadia
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi all.

    ROFL. Yep I do indeed love my FDISR, even when I screw it up, it is still doing it's job. Just can't beat that. Hey guy's on this AV issue hang on a bit. I've been beta testing the new KAV, and boy it's been somewhat painful, but I love it. First when you do a full scan with KAV, it doesn't scan your other snapshots. But even better than that they have got their new Iswift technology working great. If I do a full scan it takes right at an hour, using the extended database. However after the first full scan I can turn turn on Iswift and now it doesn't scan files unless they are new or have changed. Full scan with iswift takes right at 4 and a half minutes.

    KAV 6.0 is pretty close to release, and heck if you are using FDISR you are quite safe in trying the beta. Goto http://forum.kaspersky.com/ and look in the beta section.

    Pete
     
  10. Bdiamond

    Bdiamond Registered Member

    Joined:
    Apr 26, 2002
    Posts:
    74
    Location:
    N Carolina, USA
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    YES and NO!!!!!!!!!.

    First I am running KAV 6.0 beta. Different technology.

    You can run FD-ISR with KAV 5.0 as long as you didn't install it with Istream. If you did what you need to do prior to installing FD-ISR is to uninstall KAV 5.0, get there KLstreamremover.exe from the website, and put that in your c:\ directory. Run it from there to clean off all the ADS. Then reinstall KAV 5.0 without Istream(non default install) and then you can install and use FD-ISR.

    Pete
     
  12. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    The klstreamremover is included in the KAV 5.0 uninstaller, so no need to use other tools after uninstalling, just uncheck "save NTFS streams for future use" during the uninstall and start the removal in the next window.:)
     
  13. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Here the NOD scanner takes less time to scan my two snapshots than 9 other AV's which only scan the one :cool:

    So this anomoly of NOD may not be too marked unless multiple snapshots are used.
     
  14. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Blackcat, I use the max of 10 Snapshots, and for on-demand total system scans NOD is a royal pain in the you-know-what for its inability to exclude files. In fact, I do not use NOD for total system scans, I use one of the on-line scanners for that, and use NOD only for real time scanning, which is the most important for me anyway. :)

    Acadia
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Thanks for the correction Don.

    Pete
     
Thread Status:
Not open for further replies.