Real Time Scanning Conflict Question
Escalader
September 27th, 2009, 12:33 PM
Hello:
Background Information
I currently use Outpost Firewall Pro 2009 (OP). During OP's normal install process it detects Nod32 2.7 and then defers to Nod32 for real time scanning protection. So OP defers its own real time antispyware tool in favour of Nod32.
time antispyware product defers to a specific real time antivirus product.
-{ Quote: "AMON, the file system monitor, is a memory-resident (working in the operating memory after each restart of a computer) file scanning program. Automatic execution of AMON after computer restart is a fundamental defense against malicious code. Quitting AMON is not recommended and should only be done under special circumstances. Execution of two different antivirus monitors (from different developers) is not recommended since it can cause a system crash and, especially on Windows NT systems, might lead to serious problems." }-
My question is to Eset (Nod32 2.7)
Since the eset warning is for antivirus products can the user conclude that other NON AV real time scanners work in harmony with AMON?
The fact that OP defers an ASW tool to the real time AV makes me think that OP believes the answer is NO.
But for the sake of my SAS real time ASW product I would like Eset's official view on this matter.
Comment
The fact that some users say they do run more than 1 real time scanner with no impact is not convincing enough, as there could be conflict at a low level we would never notice. I would like the most effective possible zero conflict real time scanning set up as a goal.
ASpace
September 27th, 2009, 02:15 PM
-{ Quote: "Since the eset warning is for antivirus products can the user conclude that other NON AV real time scanners work in harmony with AMON?
The fact that OP defers an ASW tool to the real time AV makes me think that OP believes the answer is NO." }-
It really doesn't matter if it is called an antivirus real time scanner or an antispyware real time scanner. If it is a scanner, it is a scanner, and it doesn't matter if it will scan for worms/trojans and/or adware/riskware/hijackware, etc., simply because it is more or less the same: a simple file/driver/service running, etc.
It could be another antivirus or antispyware, but they both have drivers loaded for their real-time protection operation.
In order to ensure there are no conflicts, you must exclude all the files and folders of the (other) program + its drivers. For example, in AMON you could exclude all SAS folders and files + its drivers (you can check them with some utility like Autoruns or ESET SysInspector itself).
You could do the same for SAS: exclude the ESET NOD32 folder + ESET drivers (files) that load on start-up.
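Added example, not part of the original post: one way to find the driver files to put on each product's exclusion list, as an alternative to reading them out of Autoruns or SysInspector. It lists running kernel and file-system drivers and keeps those whose file metadata or path matches a vendor pattern; the vendor strings and the helper name `Resolve-DriverPath` are assumptions chosen for the products named in this thread.

```powershell
# Vendor fragments are assumptions for this thread's products; adjust them to
# the CompanyName shown in each driver file's properties on your system.
$vendorPattern = 'ESET|SUPERAntiSpyware|Agnitum'

# Hypothetical helper: turn the driver path formats Windows reports into a
# normal file-system path that Get-Item can open.
function Resolve-DriverPath {
    param([string]$PathName)
    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    $p = $PathName.Trim('"')
    $p = $p -replace '^\\\?\?\\', ''                        # strip NT prefix \??\
    $p = $p -replace '^\\SystemRoot\\', "$env:SystemRoot\"  # expand \SystemRoot\
    if ($p -match '^system32\\') { $p = Join-Path $env:SystemRoot $p }
    return $p
}

Get-CimInstance Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' } |
    ForEach-Object {
        $path = Resolve-DriverPath $_.PathName
        $company = $null
        if ($path -and (Test-Path -LiteralPath $path)) {
            # CompanyName comes from the file's version resource
            $company = (Get-Item -LiteralPath $path).VersionInfo.CompanyName
        }
        [pscustomobject]@{
            Name    = $_.Name
            Type    = $_.ServiceType   # e.g. 'Kernel Driver', 'File System Driver'
            Company = $company
            Path    = $path
        }
    } |
    # Match on vendor metadata or on the install path, since some drivers
    # carry no version resource.
    Where-Object { $_.Company -match $vendorPattern -or $_.Path -match $vendorPattern } |
    Sort-Object Company, Name |
    Format-Table -AutoSize
```

The `Path` column gives the files to add to the other scanner's exclusion list, alongside the product's program folder.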
Escalader
September 28th, 2009, 08:20 AM
-{ Quote: "It really doesn't matter if it is called an antivirus real time scanner or an antispyware real time scanner. If it is a scanner, it is a scanner, and it doesn't matter if it will scan for worms/trojans and/or adware/riskware/hijackware, etc., simply because it is more or less the same: a simple file/driver/service running, etc.
It could be another antivirus or antispyware, but they both have drivers loaded for their real-time protection operation.
In order to ensure there are no conflicts, you must exclude all the files and folders of the (other) program + its drivers. For example, in AMON you could exclude all SAS folders and files + its drivers (you can check them with some utility like Autoruns or ESET SysInspector itself).
You could do the same for SAS: exclude the ESET NOD32 folder + ESET drivers (files) that load on start-up." }-
Thanks for the reply. FWIW I already have my 3 main security tools Nod32 2.7, OP FW Pro 2009 and SAS 4.29 mutually excluding each other. As you suggest, I will also check the drivers.
But it is my understanding that all this does is prevent the tools from scanning each other's files and finding false positives or wasting time.
The conflicts I am concerned about are when a set of real time scanners, say Nod32 and SAS, both attempt to scan other files just opening or being read, NOT one of their own software files. My concern is that this file will be at a minimum read twice or, worse, in the dash to scan, the file escapes all scanning. If that file is a trojan or a virus you see the point, I'm sure.
Anyway, I'm awaiting Eset's response.
ASpace
September 28th, 2009, 09:40 AM
-{ Quote: "But it is my understanding that all this does is prevent the tools from scanning each other's files and finding false positives or wasting time." }-
Well, yes, you are right.
-{ Quote: "The conflicts I am concerned about are when a set of real time scanners, say Nod32 and SAS, both attempt to scan other files just opening or being read, NOT one of their own software files. My concern is that this file will be at a minimum read twice or, worse, in the dash to scan, the file escapes all scanning. If that file is a trojan or a virus you see the point, I'm sure." }-
Yep. Correct, again :) I have seen this situation numerous times (mostly in the past years). F-prot and Panda installed together, attempt to run Eicar and have a look at what's going on ;D That is why it is recommended that you have only one real-time anti-virus/antimalware protection scanner at the same time.
Escalader
September 28th, 2009, 01:09 PM
Thanks again.
I have put this question to Eset directly and now wait for their comments on this matter.
I would not be surprised if they confirm your 1 RT scanner only point. It's good to spend some time doing verification work/testing before drawing a conclusion. But I see how this is moving!
But I can wait, a few days will not matter. FWIW, I only have one RT scanner running anyway.
Escalader
October 14th, 2009, 03:49 PM
Hello Thread:
Well after reading many posts here and elsewhere and reviewing the feedback to the issue from 3 vendors, Agnitum, SAS, and Eset I have reached a "conclusion".
To avoid conflict and speed problems and preserve realtime protection for my set up I will use only 1 RT Product at a time.
So when OP defers to Eset and Avira and others for realtime protection they are indicating the best direction.
Some say they do doubling of RT and I believe them BUT I have concluded it is unwise to attempt it. Pick 1 RT protector, maximize it and stick with it.
So for me this means that although I could turn on 3 RT protection functions in 3 different products I only have 1 active.
SAS real time OFF
OP FW Pro 2009 real time OFF
(Trial) Avira Antivir Premium real time guard ON and mail-guard ON heuristic at medium both settings ON.
Your mileage may differ. 8)