I have posted before (and others have as well) about the various problems with NODs exclusion system. I propose that an a hash-based (MD5 or SHA1) exclusion system be implemented. Each file added to the exclusion list could be hashed and only the hash stored-- similar to the way that the ProcessGuard allow list worked. Off the top of my head, I can think of several obvious advantages over "path based" system currently used: 1) if the file is changed (new version, infected with virus, etc etc) the hash-based system would detect it and ask the user what to do-- the "path based" one would simply ignore it and the system could potentially be compromised 2) multiple copies of the same file but located in different places (network shares, external drives, usb keys etc) would only have to be added once, instead of adding TWO instances (long+short path) for each file. So If I have a copy of a file on my hard drive, a usb key and on 2 machines on my network, rather than have to add EIGHT entries, I can add just one. 3) moving an excluded file to another directory would not require you to re-add those entries to your exclusion list. There is a great freeware author named Nir Sofer who has produced quite a great assortment of utilities, many of which have become indispensable to me for troubleshooting and performing general system upkeep on both my own system and systems I administer. The utilities are small and efficient, and require no installation. You can find Nir's utilities at the following site: http://www.nirsoft.net Now then, among others, there is a particular utility called "Protected Storage Passview" (pspv.exe). This tool is classified as a threat by NOD32 and when it is found NOD throws up an alert. I can see how this tool has potential for abuse, but it has many legitimate uses as well. I have many (let's be nice and just call them "forgetful") users who constantly forget this password or that one. Rather than waste time resetting passwords on the Exchange server etc, I can quickly recover their original password for them. I carry all the Nirsoft utilities on my USB key, and I would like to exclude that file from NOD32, however since each computer assigns the USB drive a different letter, there is no effective way to exclude it globally. Hopefully the developers may see this and consider adding this feature. Perhaps if people are really attached to the path-based method, the exclusion dialog could offer all three choices (exclude folder, exclude file by path, exclude file by hash). I suppose another idea is to limit the size of a file that is excluded using the MD5 method. Example, don't allow MD5-based exclusions on files > 25MB. (just an example). This way the system would not grind to a halt while NOD tries to hash a 1GB file. What do you think? Please!