![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
- May 4, 2019
- 825
ESET Internet Security 2020 Review | Test vs Malware
- Thread starter [correlate]
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
- May 26, 2014
- 1,130
Nice results,Maybe Eset has improved against Ransomware,which always seem to be its weak spot ,thanks for the link Correlate
- Nov 8, 2016
- 574
A summary of the results would be nice 
Good and intuitive user interface. Lots of settings that can be configurable. ESET passed the malware test with no problems.
Seems that ESET and Kaspersky are the few left softs giving some tweaking freedom for geeks.
- May 4, 2019
- 825
Yes I noticed it markedly improved.
iron Man.ESET’s recent engine update has been fantastic. They have arguably the best signatures now.
My main gripes at this point, if I HAD to complain about something, are:
- SSL decryption behavior by default. Some like it, some aren’t comfortable. This would be ideal to ask at install time.
- UI is kind of wonky — I don’t enjoy custom notification banners. In ESET’s case, theirs don’t fare well on HiDPI displays and with rotation.
- HIPS instead of behavior blocker. They have a very very powerful HIPS built in but none of the “set it and forget it” protection modes trigger on unknown binaries doing suspicious things, which is quite different from most other AVs with a HIPS/BB component. But OTOH you can customize their HIPS to do really elegant and powerful sandboxing if you are willing to invest that effort.
- Price/value.... it costs significantly more than other top tier AVs. Furthermore their pricing model treats Macs and other OSes separately from the PC product which makes it even more expensive if you run multiple OSes.
But yeah I heard that they power Google Chrome’s built in AV scanner for their downloads which is likely how they stay on the forefront of new malware.
My main gripes at this point, if I HAD to complain about something, are:
- SSL decryption behavior by default. Some like it, some aren’t comfortable. This would be ideal to ask at install time.
- UI is kind of wonky — I don’t enjoy custom notification banners. In ESET’s case, theirs don’t fare well on HiDPI displays and with rotation.
- HIPS instead of behavior blocker. They have a very very powerful HIPS built in but none of the “set it and forget it” protection modes trigger on unknown binaries doing suspicious things, which is quite different from most other AVs with a HIPS/BB component. But OTOH you can customize their HIPS to do really elegant and powerful sandboxing if you are willing to invest that effort.
- Price/value.... it costs significantly more than other top tier AVs. Furthermore their pricing model treats Macs and other OSes separately from the PC product which makes it even more expensive if you run multiple OSes.
But yeah I heard that they power Google Chrome’s built in AV scanner for their downloads which is likely how they stay on the forefront of new malware.
I hold the same view myself, however with DoH and ESNI coming, SSL cert interception may soon be the only way to block bad domains ( unless someone wants to fallback onto IP-based blocking ). I may still not be comfortable with it but in a post DoH/ESNI world it may be the only way to filter web traffic at the web layer.
Can you give a pointer for this? I haven't seen them advertise sandboxing capabilities ( unlike Avast, Comodo etc )
I find that having endpoint protection system wide for blocking bad domains and bad data being transferred is more of a defense in depth and I would never choose to compromise a more fundamental form of security like end to end transport security or memory/injection integrity of core system functionality in exchange for that kind of inspection.
As far as HIPS configuration, this recent thread gives on example of how to write complex rule based ACLs for a process: Discuss - ESET - Implement Protected Folders via HIPS
their online documentation provides much more information about what their HIPS policy rules can do, but not a lot of recommendations on how to apply it. I personally think this is more useful for Enterprise than for end users.
I agree, it's huge compromise, but still this may be the only way to do web filtering in the future. Personally, given that without DoH/ESNI on my machines and having web filtering at router level ( not via cert interception ) it has never caught anything useful, I may drop it altogether for myself. But eg for parental control type of web filtering, this may soon be the only option.
This is more similar to Window's native CFA than Sandboxing features though.
- Dec 30, 2012
- 4,809
Yes...They need to make the UI less ambiguous for novice users....
- Mar 16, 2019
- 3,862
I think they do this because most users don't bother about changing any settings so they keep it on by default as it provides more protection. An example, the site mentioned in this thread is only blocked if SSL scanning is turned on. Q&A - HEUR:Trojan-PSW.Script.Generic
It's not blocked when SSL scanning is off. Tested with ESET and Kaspersky, same results. So, the default settings are average user focused so it's on by default.
This is where they should do better with the default settings. HIPS is set to Automatic mode by default. In automatic mode, ESET blocks activity if it matches the predefined rules and anything suspicious is allowed to run. In Smart Mode, ESET would sometimes ask for user permission if it detects anything suspicious. Though it's very rare to receive a prompt from HIPS but it at least does in smart mode while in the default automatic settings it's nonexistent. Smart mode should be the default and many users have been asking for it for the last 2-3 years. I don't understand why don't they listen!
- Jan 30, 2013
- 210
now they are good and thanks for the test but they need to fix removing Eset what a mess they leave behind
in the users system for the unfortunate ones..
in the users system for the unfortunate ones..
- Mar 16, 2019
- 3,862
You're clearly the unfortunate onenow they are good and thanks for the test but they need to fix removing Eset what a mess they leave behind
in the users system for the unfortunate ones..
I uninstalled ESET so many times and never had a problem. Use the ESET uninstaller in safe mode next time to be safe.
- Apr 1, 2019
- 2,868
I also have removed ESET multiple times in the last year and have had no issues. It uninstalls cleanly and if you use their removal tool in safe mode you can get the last couple leftovers. Sorry to hear it gave you problems.now they are good and thanks for the test but they need to fix removing Eset what a mess they leave behind
in the users system for the unfortunate ones..
Glad to see that Eset it upping their game. I do agree that as powerful the HIPS component is (can be when tweaked), I do think that their home products should have something more automated and leave the HIPS for their enterprise offerings. I know some geeks my not like that, but it's not just geeks buying the home versions and I think that needs to be accounted for IMHO.
Agreed.
I've never really been a fan of HTTPS scanning. It seems to cause more issues that it's worth IMHO. HTTPS was always designed to be a secure connection between you and the server with no one in between (both good and bad). It just bugs me that security companies know this, but do it anyways. How many times do you see someone have issues with browsers/websites and the first solution from any company doing HTTPs scanning is to disable it. That to me means they know this causes problems, so why do it?
I guess a good discussion to have would be to decide if HTTPS scanning is even necessary? I mean there's other ways to block web pages (IP blacklisting), but even if a file is downloaded, isn't that what the file scanner, BB, etc... is for anyways? Before we say that it's a requirement, lets not forget who told us it was a good idea/necessary in the first place. Ill give you a hint.........AV companies.
I do agree that as powerful the HIPS component is (can be when tweaked), I do think that their home products should have something more automated and leave the HIPS for their enterprise offerings. I know some geeks my not like that, but it's not just geeks buying the home versions and I think that needs to be accounted for IMHO.Agreed.
I've never really been a fan of HTTPS scanning. It seems to cause more issues that it's worth IMHO. HTTPS was always designed to be a secure connection between you and the server with no one in between (both good and bad). It just bugs me that security companies know this, but do it anyways. How many times do you see someone have issues with browsers/websites and the first solution from any company doing HTTPs scanning is to disable it. That to me means they know this causes problems, so why do it?
I guess a good discussion to have would be to decide if HTTPS scanning is even necessary? I mean there's other ways to block web pages (IP blacklisting), but even if a file is downloaded, isn't that what the file scanner, BB, etc... is for anyways? Before we say that it's a requirement, lets not forget who told us it was a good idea/necessary in the first place. Ill give you a hint.........AV companies.
- May 26, 2014
- 1,130
Just a note for those who struggle with safe mode, Winaero (Free program) has a setting to give you a link to safe mode on your desktop and another link to return to normal mode,true uninstalling Eset with there removal tool works gl
If one improbable day, i had to install a 3rd party AV , ESET IS, Symantec EP and Emsisoft would be my 3 choices.
- May 26, 2014
- 1,130
If you choose Emsisoft would you tweak windows Firewall?
My Windows Firewall is always tweaked. There nothing on my systems that is not tweaked.
(check my security config thread and you will understand
)
Similar threads
