Is it a good idea to exclude "temp folders" from scanning?

Discussion in 'ESET NOD32 Antivirus' started by loverboy, Nov 20, 2010.

Thread Status:
Not open for further replies.
  1. loverboy

    loverboy Registered Member

    Joined:
    Mar 25, 2009
    Posts:
    59
    utorrent, emule or (in my case) COMODO (it is a firewall) temp folders are continuously written to store temp files, that in the first two cases (utorrent and emule) when completed go into another directory.

    So, to prevent NOD32 from being too much occupied in scanning temporary files I usually exclude those folders from scanning.
    Is it a good idea?
    Are we sure that files are scanned when moving from that "excluded directory" to the destination one at the end of the download?
     
  2. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    No , it is not a good idea in my opinion . There are plenty of threats that load from temp directories.

    In ESS/NOD32 v3 and v4 you can exclude UTorrent and Emule traffic from being scanned.
     
  3. loverboy

    loverboy Registered Member

    Joined:
    Mar 25, 2009
    Posts:
    59
    Why scanning incomplete files that have no use until they are completely downloaded?
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Excluding Utorrent/Emule folders is safe as long as malware authors don't exploit the exclusion.
     
  5. loverboy

    loverboy Registered Member

    Joined:
    Mar 25, 2009
    Posts:
    59
    No.
    I am asking if EAV 4 scans files while they are moving from a directory to another, and so making useless scanning those files while they are incomplete
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Many programs use that folder, including malware. It's better not to add the exclusion.

    For example, if you click run on IE the file won't move to your download folder, and will directly execute from the temporary folder. If you had added the exclusion, ESET won't scan it.

    There are many other scenarios such as drive-by exploits, installer unpacking malware there, etc so I do not recommend it.
     
  7. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    The inherent risks of Peer-to-Peer File Swapping

    There are some Security Forums that will not support you if you state or it is determined you run P2P :ouch:

    How to exclude certain files or folders from real-time scanning if you must

    You shoud flush your Temp Folder on occasion as an extra security measure.

    The desitination directory is
    Code:
    [b]%temp%[/b]
    Via CTRL + A & CTRL + D in Safe Mode
     
    Last edited: Nov 20, 2010
  8. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    In a word NO.

    Exclusions are for other security products or your https banking site.
     
  9. xan K

    xan K Registered Member

    Joined:
    Sep 15, 2008
    Posts:
    152
    Location:
    Dominican Republic
    You better not exclude it. Besides, the performance you'd get from excluding that folder will probably be negligible.
     
  10. loverboy

    loverboy Registered Member

    Joined:
    Mar 25, 2009
    Posts:
    59
    OK, thank you all :thumb:
     
Thread Status:
Not open for further replies.