ESET NOD32 conflict with Malwarebyte's Anti Malware Real-Time protection?

Discussion in 'ESET NOD32 Antivirus' started by FoxTint, Mar 16, 2010.

Thread Status:
Not open for further replies.
  1. FoxTint

    FoxTint Registered Member

    Joined:
    Mar 16, 2010
    Posts:
    3
    Hi, first post :)

    I just installed EN32 today, and also purchased the full version, but what worries me is it might have conflict with MBAM real time protection, which comes with the full paid version of the software.

    Any help on this issue? Right now MBAM real time Protection is disabled, and when I get the all clear 'Go', i'll start using both of the software.

    NOTE: MBAM is not an AV scanner, just a Malware scanner.

    FoxTint. :doubt:
     
  2. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Welcome to Wilders!

    I personally have not seen any instances of conflicts between these two. Keep in mind that running any multiple instances of security products comes with risks of conflict. The best bet is to just give it a try on your system and see if you find any problems and go from there, but as I mentioned, I've never run into any problems with these two not playing nice together.

    HTH
     
  3. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    There was a problem with MBAM real time loading with Avast!V5 on bootup where they were competing with each other. It caused the system to freeze. Avast came out with a new build and solve the problem. I guess the only way to test it is to try it.
     
  4. FoxTint

    FoxTint Registered Member

    Joined:
    Mar 16, 2010
    Posts:
    3
    Thanks a lot you two, I really appreciate your help.

    FoxTint ;)
     
  5. Danutak

    Danutak Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    51
    running MBAM and NOd32 v4, I could not load any pages. As soon as I exited MBAM the pages started to load. Obviously the two programs do not work very well together. Any suggestion ladies and gentlemen?
    I am not very advanced, sorry.

    I had enough and I exited MBAM. I felt saver on net with it running. :(
     
  6. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    I assume you're talking about the paid version of MBAM. You'll have to run it on demand until you can get Eset to create a fix. Tell them to ask Avast what they did to fix their conflict with MBAM.
     
  7. Danutak

    Danutak Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    51
    Yes I am running the paid version. Thank you very much. In a month my 2 years subscription ends. I wonder if I should stick with Nod. I love Esset though. Thanks
     
  8. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    Both offer real time protection - that's NOT recommended!
    (and it has something of paranoia - one engine aint enough)

    I had same experience with NOD 2.7 and MBAM - and nothing changed till v4.
     
  9. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    I researched the issue of having 2 real time detection software products running at the same time. It is bad idea.

    But let me be clear you could have Nod32 with it's real time scanning and SAS or OP at the same time BUT only one of these products with real time enabled.

    For example when user installs OP it detects Nod32 and then turns off it's conflicting modules so for that vendor the conflict is real!

    1 at a time for real time, like AV's, only one.
     
  10. Danutak

    Danutak Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    51
    I already use Malwarebytes only on demand. Thank you for an explanation. Escalator. Thank you so much. The computer is running smoothly now.:D :D
     
  11. leofelix

    leofelix Registered Member

    Joined:
    Sep 6, 2009
    Posts:
    171
    Location:
    Italy
    I use NOD32 v 4.0.474.0 and MalwareBytes' AntiMalware pro 1.44 (MBAM is not set to start with windows, I'm used to apply MBAM realtime module when Windows is already started).

    Even if it is correct not to use two or more resident antivirus (or 2 security suite or 2 personal firewalls) at once: I have no problem at all with NOD32 and MBAM Pro (Even with Avira and Gdata antivirus which I use on other computers of mine)

    MBAM is not an antivirus and it has been developed to work with the most of antivirus.

    Since I joined MalwareBytes' Corp forums 2 years ago, I know that while a few ESET NOD32/SMart Security users had issues with MBAM real time module the most of ESET NOD32 users have no problems at all.
    I do not know the reasons.

    Cheers:)
     
    Last edited: Mar 18, 2010
  12. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    The issue is not running using these 2 products.

    It is the use of 2 heuristic / signature based real time scanners trying to work at the same time. They fight.

    For those who say, "I do it no problem" I believe you.

    BUT it is like high blood pressure there are NO visible symptoms no messages no GUI pop ups nothing.

    So it turns out that 2 RT scanners like Eset 32 and OP pro in my case is worse than none. You think you are covered and you are NOT.

    So in these cases 2 < 1.
     
  13. sunoracle

    sunoracle Registered Member

    Joined:
    Mar 25, 2010
    Posts:
    51
    So what are we supposed to do, given that products like MBAM and SAS offer protection against things that NOD32 doesn't (or doesn't do very well at)?

    I got hit a couple of months ago by a trojan that came along with an installer from a vendor that makes an app I use for work. NOD32 didn't detect it at all.

    I noticed odd amounts of disk activity, and CPU and RAM usage shot way up. Task manager showed me something was spawning hundreds of processes named dll32.exe.

    I shut the PC down and got on my Mac to check into what it might be, and found some info, plus saw a lot of recommendations for MBAM and SAS. I installed MBAM, it detected the trojan, removed it, and I could then do more scans with several AV packages and anti-spyware packages to make sure my PC was clean. I was then able to get my newest data off and restore the whole system from a backup.

    I'm currently running NOD32 4.2 and MBAM 1.45 on my computer (Win 7 64-bit and my wife's (Win 7 32-bit) and I'm not really seeing any behavior on either one that would tell me there is a conflict and they are "fighting each other."
     
  14. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Taking Escalader's advice, I think the key word here is real time as opposed to on demand. Running your MBAM real time next to your Eset, might not show any conflicts until you get infected and both apps try to go into action at the same time. As Escalader explained 2<1:ouch:
     
  15. sunoracle

    sunoracle Registered Member

    Joined:
    Mar 25, 2010
    Posts:
    51
    That's fine, but NOD32 didn't protect me without MBAM, so I'm not sure I have anything to lose by using them both real-time at once.

    I suppose I could just switch to KAV, since it has seemed to provide better detection of a wide variety of malware, but it has other issues. Sophos could be another option, although I'm not sure if they really want to deal with the retail end-user (they've always preferred to sell to large businesses).

    I've been quite happy with NOD32 over the past several years. However, I feel that it has now become so profitable to infect someone's computer that many people are exposed to a larger quantity and variety of threats than in the past, and the threats are being developed professionally like any other business software. (There's probably much more money in developing malware if you're a software engineer in a number of countries than there is in being part of a 1000 person team working on some component of Oracle or something.)

    My getting infected by that trojan and NOD32 not detecting it was a warning sign I can't ignore. (It was a several year old threat from what I could find out, so ESET should have been able to detect it by now.)

    I also found that some people at the Malwarebytes forum recommend both NOD32 and MBAM.

    http://forums.malwarebytes.org/index.php?showtopic=45716&view=findpost&p=227061


    http://forums.malwarebytes.org/index.php?showtopic=42086&view=findpost&p=208700
     
  16. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Hi Escalader, Which of your OP or Eset do you run real time scanning? :)
     
  17. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    didnt you scanned it with both engines manually?
    Or tried a test run in a sandbox?
    i dont trust anyone even when it distributed safe files in the past.
     
  18. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    I'm using ESS 4 with MBAM Pro together for a while now, no problems :) Also, as far as I know, apart from the IP Blocker feature MBAM only scans starting processes, so it isn't heavy.

    I like trying out new software and currently I have ESS, MBAM Pro and Prevx all running together realtime, without any problems, without setting exclusions for eachother.
     
  19. sunoracle

    sunoracle Registered Member

    Joined:
    Mar 25, 2010
    Posts:
    51
    At the time I was only using NOD32.

    No, I did not. I was rather rushed at the time and simply relied on NOD32 to protect me.

    I'm going to have to modify how I do things in the future.
     
  20. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    you asked - and the cheapest answer is -> http://sandboxie.com/

    Returnil and Bufferzone are other options
    http://www.trustware.com/
    http://www.returnilvirtualsystem.com/

    Returnil has the option to reset system to its status right after booting,
    same for Shadow Defender and Deep Freeze. but that aint a sandbox.


    Anyway eset and mbam are signature driven - a behavior blocker can help
    to prevent some suspicious actions - like Zemana Antilogger, Malwaredefender,
    Threatfire, Mamutu aso (i dont know all - look here for a complete collection
    --> https://www.wilderssecurity.com/forumdisplay.php?f=30 )

    On the other hand vs keyloggers you could use KeyScrambler or a virtual machine
    with no confidential data in it - whats not there cant be stolen.
     
  21. focus

    focus Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    276
    Location:
    USA
    I use Nod32 v4.2.40 AV only and the latest version of SAS both in realtime mode with no problems at all. I tried MBAM realtime once with Nod32 and had dramatic performance problems so I now use MBAM free and do manual scans periodically. I also have Winpatrol Pro and Zemana Antilogger running reatime too and am thinking about adding Keyscrambler.

    An added note to this, I have noticed an improvement in realtime performance, email and browser, since upgrading Nod32 from v4.0.474 in the past week. I have left most of the Nod32 settings at their default values whereas I had changed some of the settings prior for more aggressive protection. I think I will leave things as they are for now as I like the new promptness in response time.
     
  22. T-RHex

    T-RHex Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    97
    So some here say not to use Nod32 and MBAM real-time together.
    Over at MBAM they say it was designed to work alongside AV software.

    Something everyone is missing is that there is a need for MBAM only because Nod32 is obviously letting stuff through that MBAM isn't.

    MBAM has proven that it can detect and remove things that Nod32 cannot. The question is, why isn't ESET getting this functionality in Nod32 ASAP? Obviously it *can* be done, as MBAM (and A2 and SAS) are doing it.

    Saying "well, no AV can get everything" isn't an answer and "Nod32 is an AV not an anti-whatever" is also not an answer. It shouldn't matter what it's called -- whether it's a virus, a trojan, spyware, hijackware, whatever -- it's all crap that we don't want, and the software we pay for (and I've paid since v2.7) should do everything it can to block this stuff. Otherwise we'll switch to a competitor, and there are a lot to choose from.

    Now I have to figure out why my system is hanging, throwing BSODs and generally misbehaving. All since I installed Nod32 v4 and MBAM, and even after disabling MBAM...
     
  23. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    The problem is MBAM not the AV. Your system hangs (on start up I presume) because NOD and MBAM are starting at the same time. I solved that problem because I use Avast! that has a 10 second wait if you need it. The other thing is heuristics. Please see Escalader's post #12. I reverted MBAM back to on demand.
     
  24. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    In my W7 64 bit my OP Pro FW, I did not install it's ASW scanner for on demand or RT scanning.

    I use Nod32 AV 4.2.35.0 build 5044 as of today.

    FWIW I'm also methodically minimizing W7 services using Black Vipers guidelines.
     
  25. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Neither did I. :)
     
Thread Status:
Not open for further replies.