Nod32 New User question

Discussion in 'NOD32 version 2 Forum' started by Undecidable, Oct 10, 2005.

Thread Status:
Not open for further replies.
  1. Undecidable

    Undecidable Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    12
    Location:
    Hong Kong
    Have just installed and started using Nod32 2.50.25 on 1 PC.
    Currently using KAV and Symantec/NAV on other machines.
    I like the detailed scanning logs.

    One thing I cannot see how to do:
    how to exclude particular folders or files from on-demand scans?
    a. I can exclude particular extensions from on demand scans.
    b. I can exclude particular folders or files from 'autoprotection' ie Amon.

    Any clues appreciated.
     
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, as far as I am concerned an exclusion option is not available for on-demand scans.

    To exclude extensions go to Setup->Extensions and delete the extension you don't want to be scanned.

    On AMON go to Setup->Exclusions and exclude any folder you want. ;)
     
  3. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    b. excluding folders from AMON:

    i. open control center - click "Threat Protection Modules" | "AMON"
    ii. click the "Setup" button, then the "Exclusions" tab
    iii. add folders and files to be excluded
     
  4. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    a. exlcluding folders from on-demand scanning...

    I think - and it is THINK - that setting up the exclusions for AMON will be carried forward into the on-demand scan if you are using the "Control Center Profile" - but perhaps someone who KNOWS can confirm or deny this...
     
  5. Undecidable

    Undecidable Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    12
    Location:
    Hong Kong
    Apologies, I think I gave the wrong impression to pykko.
    I do know how to:
    a. exclude particular extensions from on demand scans.
    b. exclude particular folders or files from 'autoprotection' ie Amon.

    What I cannot see how to do is:
    . how to exclude particular folders or files from on-demand scans?
     
  6. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    The post has been removed. Using the parameter disclosed would expose the user to risk.
     
    Last edited by a moderator: Oct 10, 2005
  7. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Sorry, Undecidable, my fault! I misread your post and unfortunately I don't know the answer to your question! :(
     
  8. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    As far as I can tell, there is no way to do this through the graphic interface, at least not yet. Somebody else has already made a feature request for this to be added to a future version of NOD32:

    https://www.wilderssecurity.com/showthread.php?p=530483&highlight=exclude#post530483

    This portion of the post has been removed. Using the parameter disclosed would expose the user to risk as its function is somewhat different than its name suggests and was intended only for internal Eset's purposes.
    I would really like to be able to do this from the main NOD32 interface, though. :doubt:
     
    Last edited by a moderator: Oct 12, 2005
  9. Undecidable

    Undecidable Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    12
    Location:
    Hong Kong
    Thanks very much for the replies.

    1. I can confirm that the answer from Webyourbusiness does not work.
    ie setting up the exclusions for AMON do not appear to be carried forward into the on-demand scan.

    2. The response from Brian N. with the parameter that "dares not speak its name" would be v. clumsy to use as there are quite a few directories and files that need to be excluded.

    3. The reason I wish to do it is the same problem mentioned above by Alglove and by burf in
    https://www.wilderssecurity.com/showthread.php?p=530483&highlight=exclude#post530483
    ie many spurious entries.

    4. I should add that I can now see it is a feature request for future versions of Nod32. Enough said.
     
    Last edited: Oct 23, 2005
  10. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Yes it seems that the parameter I suggested should never have reached the public, because it's only used for testing purposes by Eset. So ignore my prev. reply if you are thinking about trying it :)
     
  11. FirePost

    FirePost Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    212
    One way to do it is to manually build one or more profiles that only include everything else for the scanning targets.
     
  12. charincol

    charincol Guest

    I know exactly what you are asking because I wanted to do the same thing. I have about a dozen or so "security test" programs, i.e. firewall leaktests and others in their own folder on a separate partition. Some of the tests are detected by NOD32 as being dangerous (they only mimic what a malicious program would try to do, they are harmless themselves) and I don't want NOD32 going off when it gets to that folder every time it does its In-depth Scan. What I've done is uncheck the drive letter that the "security test" folder is on and then manually add all the other folders on that partition to be scanned. This is all done in the "Scanning targets" tab of the profile you are changing.
     
  13. Undecidable

    Undecidable Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    12
    Location:
    Hong Kong
    Firepost / charincol

    Thanks for the suggestions.

    I fact most of the messages that I want to avoid relate to the inability to open password protected zips that I believe are safe, eg those for PestPatrol. Nod32 creates one message for each file in the zip - therefore many messages.

    Creating a 'reverse' profile, with everything that I want scanned, would be impractical: just too many - and risky: everytime I added a new directory I would have to remember to add it to the profile.

    Uninstalling all the offending programs and reinstalling on a new separate non-scanned partition could work. However given that I am at the limit of my number of partitions, and that this would mess up my backup, imaging and change checking strategies, I would rather live with the messages!

    thanks
    mc
     
  14. FirePost

    FirePost Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    212
    Only if you add the new directories at a level above an already included directory. If you add something at D: you would indeed have to add the folder to the scan profile. If anything is installed in existing included folders, they are already included. It would provide a workable and practical solution until an "excludes" feature for the on-demand scanner is added.
    And this is why that feature should be added ;)
     
Thread Status:
Not open for further replies.