In Protection Status -> Statistics - Real-time file system protection there's a display of the full path of the most recently-checked file. I've been watching this for a while. I've seen some data and log files which some apps update regularly (and now set exclusions for those because I know they're inncocent files). But I also see for example the name of my mail client's .exe turning up there quite often. The mail client is running all the time - it's not being stopped and restarted, so why would real-time scanning look at it over & over again? Moreover, I thought NOD32 had some 'smart' process that prevented it from rechecking unchanging files over & over again... The file count is steadily going up. Although I've turned 'log all objects' on all over the setup tree, I'm not seeing any details via Tools -> Log files of what files are actually being scanned. (I'd like to exclude more of them if it's a waste of time and cpu cycles.) Has anyone managed to get detailed logs produced?