Anyone notice any slowdown when running OA++ with other AV?

OA++ doesn't scan http traffic. http://www.emsisoft.com/en/info/oa/KF-Web.html . Webshield does a DNS integrity check and allows you to block domains and unknown BITS jobs-it is not an AV in spite of the name.

 

Is OA++ not an A-V? No A-V properties?

 

I hope this helps a bit...

not when they are downloaded... so no slowdown conflicts there due to OA++.

An AV that does scan downloads as they are received will have some 'time' overhead but if the download is quarantined, then OA++ will never see it try to run.
If the other AV lets the download get into your system then OA++ will look at it if/when it tries to run. But again, the other AV and OA++ aren't competing at exactly the same time.

However, the DNS checking will add some latency, it's an extra step. How much depends on the path to the second 'secure' DNS server. It's a trade off, if you want the extra protection, you bear the extra 'cost' in time.

As said in an earlier post, you'll have the fastest experience if you are totally unprotected. But that speed will only last for about 15-30* seconds, then you get infected and things get really slow.

* I'm not sure what the current 'unprotected time to infection' is, but it's not very long once you're connected to the internet.

 

I'm unsure if you understand OA (I think that you may be confusing its functions).

 

I'm willing to learn if you can explain a bit more...

 

This is incorrect information, sorry. OA++ scans the files after they are created, but does not add the result to the Programs list, it caches it somewhere else. And OA premium (and even OA Free) do the same, they check it for a digital signature and verify with OASIS (it may be free does not use OASIS, though)

 

I think the explanation has been provided.

Perhaps you can explain? I'm willing to learn.

 

OA Free also verify files via OASIS. You can opt-in/out

 

No, not really

The original question of the thread was whether OA++ slowed the PC if another AV was installed. The short answer is that if the 'work' is duplicated it will take longer and therefore appear slower. There was no definition of what 'slower' is in terms of time units.

Since the OP didn't specify at what point the slowdown might occur, it might be wise to list some of the more common ones:
1) turn on the PC and wait for the boot process to complete. Because they're both loading, it will take longer... and thus appear 'slower'.
2) connect to the internet (turn on the router or dial-up, etc. and just let the PC sit there. No slowdown here because not too much is happening.
3) download e-mail and open attachments. Both may take time to verify something that tries to run. Duplicate work takes longer, appears 'slower'.
4) click links because they look interesting. Both may verify the DNS. etc.
5) browse the web and in some cases, just hover your cursor over the wrong spot on the page... Or download anything that's free... Or join an IRC... Or.... depends on what's getting checked. If OA checks something the other doesn't then... if they both check...


My answer was an expansion of the answer by sded, that OA wouldn't slowdown the PC while surfing and downloading because, as Alex confirmed, OA++ only kicks in AFTER a file is downloaded and 'created' somewhere in a folder on the PC. That doesn't slow down your surfing. So while Alex's answer is a correct description of how OA works, it didn't address my point.

My answer was that surfing itself MIGHT be noticeably slower if OA Web Shield was checking the DNS + there was a lot of latency in the route to the DNS, then surfing would appear to be slow since you have to wait until the verification is complete.
It would be even more noticeable if the other AV was also checking the DNS at the same time.

My answer did not address the issue where both check their signatures when something tries to run, double checking takes time and appears slower.

My answer did not address the time taken by OA to contact OASIS or the other to contact it's on-line database. Latency and server response may vary depending on the path from the PC to the vendors database(s).

My answer did not address the possibility of a conflict between OA and another AV which would disable either or both if a deadlock occurred since the issue would not be speed, it would be...

The above question was related to the premise that a totaly unprotected PC would be infected/compromised within seconds of connecting to the internet.

Google is good... you can find answers to this many places, however.

Now to be clear, I haven't done that, I'm a believer in protection.

But, why don't you try it, remove all your protection, turn off your firewall, get out your stop watch and connect to the net and wait... and become a believer... (but that's a bad way to learn, really, I don't recommend it unless you have a rock solid recovery solution).

 

This does mean that help info is not correct. I know it better than help file, because I implemented it. You will not get alert on download, it only scans file and saves result. When it comes to execution it just takes result and produces alert (to reduce start time).

 

This would beg the question of whether the design specs were followed by the implementer (coder) or ignored.

If the implementer ignored the design specs and the differences were not communicated to the person writing the help file, the implementer introduced the error in the help file (making it incorrect).

If the implementer followed the specs but didn't check the help file to determine if it accurately represented the code that he/she had written, the implementer failed rather than the person writing the help file. Because I'm sure that we can agree that it's much easier for an implementer to read the help file than someone else to read the code written by the implementer.

Unless the implementer wrote both the code and the help file....

It appears that you are saying that:
-immediately after a download, the file is scanned against AV sigs if ++ and against digital sigs and OASIS for ++ and Premium (free and paid), and the result is stored 'somewhere' based on what is known at that moment in time.
-the user is not prompted until an attempt is made to run the file.

If the prompt is based only on the results of that scan, results that were stored 'somewhere', possibly days or weeks or months before, the results may be very out-of-date and therefore incorrect. Is that how you implemented the design?

I ask, because you would know, being the implementer.

Of course if the above is how you implemented the design, then there could be an apparent 'slowdown' running OA and another AV because there's double the work being done (a layered security approach perhaps?) plus additional latency to contact the OASIS server. But all wasted if the results are out-of-date or if a second scan is done when an attempt to run the file is made.

 

Nobody on the Earth has mastered to write spec for security good enough that it allowed to disable 100% of the malware. Practically this means that every new malware requires new research and new research brings you to a necessity to implement code not specified initially.

This complicates the things a lot if you care about security more than about just following some spec. In the opposite situation you come with "easy and stable" product which fails most of the modern malware.

You seem to not understand that security is a very specific area where generic approaches do not work. If they did, we'd defeated all the malware long ago.

BTW. Do you feel yourself being able to write such spec? If not, then who do you think is able to?

Concerning reporting changes to help-maker. As for me, some technical details should not come to the help. From the other side I never had a time to read the help fully and nobody ever required me to. As for this piece of help I'm afraid it originated from the V1 with Kaspersky and never was changed since then. That is to say in addition we ever were very limited in resources, sometimes there was just nobody to handle help. You need to understand that investments Mike could afford to OA were not enough, unfortunately, to "manage everything right". So the fact OA appeared is close to a miracle. It is based on Mike's enthusiasm and our hard work (sometimes 36h in a line).