App Review ESET Smart Security Premium & Shade Ransomware

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

adnage19

Level 5
Thread author
Verified
Well-known
Sep 22, 2016
211
Really interesting video test - ESET vs undetected by signatures ransomwares



Not good, not bad. First sample detected without problems with the new Anti-Ransomware protection. Unfortunately, second sample was able to decrypt files, even if ESET made few alerts.

edited by mod: embedded the video.
 
Last edited by a moderator:

Stas

Level 10
Verified
Well-known
Feb 21, 2015
456
Nope, the first one was blocked by HIPS (Anti-Ransomware module). Thes second one was detected but files were already encrypted so ESET was too late :p
After executing second sample there was a popup from eset why he allow it what was it???
 
  • Like
Reactions: Der.Reisende

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
I don't know whether the result would have been different. Still, I think it would have been better to test ESET 10 on Windows 10. Since then you can have ESET full protection. Anyone that has ESET 10 on Windows 10 should be able to notice that on the Antivirus setting there's a setting for AMSI. That is only available for Windows 10.

With that said,unless someone does an intensive comparison test on ESET on both Windows 7(or 8) and Windows 10. We might not know how truly effective ESET can be.
 

adnage19

Level 5
Thread author
Verified
Well-known
Sep 22, 2016
211
I don't know whether the result would have been different. Still, I think it would have been better to test ESET 10 on Windows 10. Since then you can have ESET full protection. Anyone that has ESET 10 on Windows 10 should be able to notice that on the Antivirus setting there's a setting for AMSI. That is only available for Windows 10.

With that said,unless someone does an intensive comparison test on ESET on both Windows 7(or 8) and Windows 10. We might not know how truly effective ESET can be.
Wow, I didn't know, that this feature is only on Windows 10. I'm curious if it wouldn't make a difference.
 
Last edited:
  • Like
Reactions: Der.Reisende

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
Wow, I didn't know, that this feature is only on Windows 10. I'm curious if it wouldn't make a difference.
Yeah, you can see it in here
ESET Internet Security - Online Help
Working with ESET Internet Security > Computer protection > Antivirus
https://i.imgur.com/MhtoimQ.png
"Enable advanced scanning via AMSI – Microsoft Antimalware Scan Interface tool that allows application developers new malware defenses (Windows 10 only)."

Now would having that make a difference? I don't know. I think that's a question for expert testers like @hjlbx and @cruelsister.
 

adnage19

Level 5
Thread author
Verified
Well-known
Sep 22, 2016
211
no bro, actually he ignore it, because gray icon is 'ignore' while the blue is 'disconnect' or 'clean', so he allowed the second sample to run
You are right, I just used Russian alphabet + Google Translate :D
It's interesting then why he ignored it. Unfortunately I completely don't know what kind of alert was that. Somebody should translate it :D
 

adnage19

Level 5
Thread author
Verified
Well-known
Sep 22, 2016
211
Ok, everything's right with the test, explanation:
 

Attachments

  • Screenshot_20161029-145406.png
    Screenshot_20161029-145406.png
    315.7 KB · Views: 404

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top