Huchim

Level 5
Verified
Malware Tester
I have spent maybe 10 years of my career making trusted boot / secure boot systems. My experience has been that SRP type solutions tend to be treated as nagware by the average user — it’s like seeing those self signed certificate dialogs. Customers don’t treat “this thing isn’t trusted” as a very serious error — they at best treat it like it is an unnecessary safety nag and at worst think it’s a conspiracy to use the Microsoft Store or join some developer program, etc....
What users take seriously is “this contains a virus” or “this is considered harmful”. That is more like a cloud reputation scanner (like SONAR or Emsi Anti Malware Network or more or less a cloud AV).
I agree! Average users need a proper behaviour blocker and adblocker on their systems. I have just tested the new version of ESET and it is light, but I don't notice a difference with V12. I found a ML/Augur signature detection on real-time protection; it seems like a heuristic detection, not from dynamic detection. It has a great detection capability. I'm currently testing it with Kaspersky at the same time to get another reference. Maybe I'll test it at the same time with Norton next month to test their new modules: script detection and link guard.
 
I agree! Average users need a proper behaviour blocker and adblocker on their systems. I have just tested the new version of ESET and it is light, but I don't notice a difference with V12. I found a ML/Augur signature detection on real-time protection; it seems like a heuristic detection, not from dynamic detection. It has a great detection capability. I'm currently testing it with Kaspersky at the same time to get another reference. Maybe I'll test it at the same time with Norton next month to test their new modules: script detection and link guard.
And on top of that, there are some ways that baselining/trusting can break down too:

If you restrictively baseline based off binaries already on your system, that will affect a lot of apps that auto-update by downloading and executing binaries (including AV engines, Chrome, Firefox, etc). And if you basically say "whitelisted binaries are allowed to get and process other whitelisted binaries" that starts opening you up to exploit-based or fileless attacks. For example, on macOS an old vulnerable version of the Sparkle app updating framework could be fooled into downloading and unpacking arbitrary things from an attacker.

All in all, it takes a lot of dedication from a power user to make this scheme work well. It's simply not realistic to expect the Average Joe or even Above Average Joe to get a lot of benefit from this kind of a setup. They are much better served by the combo of web antiphishing, strong signatures, and a cloud white/blacklist system that controls the sensitivity of a behavior blocker. (Unsurprisingly, that's what every top notch AV suite goes for!)
 

blackice

Level 12
Verified
And on top of that, there are some ways that baselining/trusting can break down too:

If you restrictively baseline based off binaries already on your system, that will affect a lot of apps that auto-update by downloading and executing binaries (including AV engines, Chrome, Firefox, etc). And if you basically say "whitelisted binaries are allowed to get and process other whitelisted binaries" that starts opening you up to exploit-based or fileless attacks. For example, on macOS an old vulnerable version of the Sparkle app updating framework could be fooled into downloading and unpacking arbitrary things from an attacker.

All in all, it takes a lot of dedication from a power user to make this scheme work well. It's simply not realistic to expect the Average Joe or even Above Average Joe to get a lot of benefit from this kind of a setup. They are much better served by the combo of web antiphishing, strong signatures, and a cloud white/blacklist system that controls the sensitivity of a behavior blocker. (Unsurprisingly, that's what every top notch AV suite goes for!)
I consider myself a slightly above average Joe when it comes to computers and this is exactly how I’d feel. Ideal would be running default deny setups, but with my skill level and time for these sorts of things it feels like more work than the benefit you get is worth. Also, for the average home user that is cautious, most decent AVs with some web filtering at some level (extension, DNS, router) will do the trick.

It's very light and signatures are great, but I always feel that the settings section could do some work to make it easier to navigate.
I agree, the UI is cumbersome. I am glad I was able to import the HIPS rules. It’s a hassle to set up a bunch of rules, but robust.
 

F 4 E

Level 1
I've tried most of the main AV programs, and so have had plenty of experience in setting up options in various releases of Norton and Kaspersky, but Eset is just way too involved for me.

Nowadays, I want an AV that gives good protection and doesn't take all afternoon to set up.

For that reason, F-Secure does me nicely.
 

artek

Level 4
I've tried most of the main AV programs, and so have had plenty of experience in setting up options in various releases of Norton and Kaspersky, but Eset is just way too involved for me.

Nowadays, I want an AV that gives good protection and doesn't take all afternoon to set up.

For that reason, F-Secure does me nicely.
I feel the same way. The main problem I have with ESET is the complicated menu structure and HTTPS scanning. I just want a pure virus scanner, no poorly implemented firewall, password manager, or any other bloat.
 

elquenunca

Level 3
Why do you hate it? It's very light on system resources, it has much better protection capabilities than ESET and has more advanced methods of protecting you.
I have been using the Internet for years since I started with Windows 95 and the only time an antivirus broke my computer was Norton, in one of its updates it asked me to reboot and the computer died after rebooting, I am talking about surely more than 25 years since then I will never use Norton :mad: :cry: :)
 

F 4 E

Level 1
I have been using the Internet for years since I started with Windows 95 and the only time an antivirus broke my computer was Norton, in one of its updates it asked me to reboot and the computer died after rebooting, I am talking about surely more than 25 years since then I will never use Norton :mad: :cry: :)
And Norton is STILL causing problems. One more reason I'm glad I dumped it, too!

 
And Norton is STILL causing problems. One more reason I'm glad I dumped it, too!

In most of these cases it’s been advanced and aggressive security features clashing badly with uncommon Windows features. If anything Symantec is flying too close to the sun with their aggressive approach to both behavior blocking, ML/AI based heuristics, and a deep packet inspection IPS system built all into one package. That’s one thing I dislike about these crazy “kitchen sink” suites.
 

SeriousHoax

Level 11
Verified
Malware Tester
Hi, can someone demonstrate how light ESET is please? Also, can you choose which module to install, like Avast?
The best way to demonstrate is to use it personally. ESET is the lightest AV for me. The previous version was already the lightest but they somehow made this version 13 even lighter. I ditched ESET 2 months ago for no apparent reason and settled with Windows Defender. But last night I installed this new version to check it out and now I don't feel like going back to Windows Defender at the moment. I've always been a fan of AVs that have better offline signatures and ESET is also the best in that category.
 
And nothing, trying EIS 13 yesterday I found it disabled with a nice Relevant Knowledge in the machine along with other little things, I had to make a grind to not format. EIS 13 is very light, there is no doubt but it still lacks many things.
 

blackice

Level 12
Verified
And nothing, trying EIS 13 yesterday I found it disabled with a nice Relevant Knowledge in the machine along with other little things, I had to make a grind to not format. EIS 13 is very light, there is no doubt but it still lacks many things.
I’m not sure what you mean by disable? And had to make a grind? Did you find a way to circumvent the self protection and disable it?
 
Yes, even though it was installed, Eset was as if it were not present, once Eset was removed even Windows Firewall and Defender did not work. There were also other adware.
 