Vista - what to exclude from scanning?

Discussion in 'ESET NOD32 Antivirus' started by jimwillsher, Mar 11, 2009.

Thread Status:
Not open for further replies.
  1. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    Hi all,

    I've upgraded a batch of computers from V3 to V3 (AV BE). The users are complaining that the computers are far far slower than before the upgrade.

    Is anyone aware of the best settings for Vista? Are there certain things I should switch off? Just to try to get performance back to what it was with 3.0.684....

    Many thanks,


    Jim
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Best settings are default buddy. You can use the default buttons to reset back. They are what I use also. :thumb:
     
  3. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    Ok great, I'll give these a go.

    Cheers,



    Jim
     
  4. Quitch

    Quitch Registered Member

    Joined:
    Apr 24, 2008
    Posts:
    94
    Microsoft recommend a set of exclusions for anti-virus running on Windows: http://support.microsoft.com/kb/822158

    This can be summarised as follows for Vista machines:

    %windir%\SoftwareDistribution\Datastore\Datastore.edb
    %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
    %windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
    %windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
    %windir%\SoftwareDistribution\Datastore\Logs\Edb.chk
    %windir%\SoftwareDistribution\Datastore\Logs\Tmp.edb
    %windir%\security\database\edb.chk
    %windir%\security\database\edb.log
    %windir%\security\database\edbres00001.jrs
    %windir%\security\database\edbres00002.jrs
    %windir%\security\database\tmp.edb
    %windir%\security\database\Secedit.sdb
    %windir%\security\logs\*.log
    %allusersprofile%\NTUser.pol
    %Systemroot%\system32\GroupPolicy\registry.pol
     
  5. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372

    The only problem with that is:
    What prevents me from writing a code that will store itself in those directories?
     
  6. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    None of those are directories, they are all files. And all these files are never actually executed.

    Many thanks to Quitch for the list, much appreciated.



    Jim
     
  7. Quitch

    Quitch Registered Member

    Joined:
    Apr 24, 2008
    Posts:
    94
    No problem, I just wish more AVs would implement the list as a checkbox.

    To answer this:

    1. None of these are executables files, none of them are folders.

    2. The SoftwareDistribution files are locked by the Automatic Updates service, if you don't exclude them you may find that Windows/Microsoft Update does not work reliably and a security vulnerability can lead to a much more worrying scenario than exclusions.

    3. Attempting to overwrite any of these would trigger a UAC prompt.

    4. I can't think of an entry point to those locations that wouldn't be scanned by NOD32 first.
     
Thread Status:
Not open for further replies.