We have an issue where real time protection is causing NOD to take too long scanning files every time we save ACAD-like drawings. (ie, saving a drawing takes 9 secs as compared to less than a sec with RTP turned off). Looking at process monitor, the file that ekrn accesses *many* times upon saving a drawing is CDBASE.ini. At this point, the only way I found to get around this is to exclude .ini files from real-tme protection. But I'm afraid that's opening myself up to problems. Is there a better way around this? eg, is there a way to exclude just that one .ini file without *all* .ini files? Or can I exclude files being accessed by our ACAD-like program?