ESET v18

CyberDevil

Can someone explain why such a rule in Eset blocks the entire internet? I just saw a list of dangerous ports here on the forum, but found that trying to completely block any port results in loss of internet access. I don't understand how this works.

1734104068689.png
 

Jonny Quest

Would somebody help me to understand this, please :)

I know Leo's videos can be a bit controversial, but at 10:28 he tests ESET against ransomware protection. He has real time protection disabled and claims this known ransomware should be blocked by HIPS protection. When it isn't, there are about 4 replies that say this:
Sad to see such a big mistake in a review : 12:16 It directly says there, right in the thing you moused-over in the UI, that "ESET Live Grid must be enabled for Ransomware Shield to function properly".
I am running a trial version of ESET Internet Security, and when I disabled the real time shield, and checked the Live Grid setting, it was still On. Real time didn't disable it, and I'm sure, I would think that it wasn't disabled on his end either (he didn't go to that setting and turn it off), so what are they talking about, does Live Grid need real time protection on as well, would that ransomware have then been blocked?

And in my uneventful online life, do I really need to pay more to get Live Guard, as I'm not downloading the internet every day? Otherwise, there are some really nice features in ESET Internet Security.

 

cofer123

Leo's testing methodology is flawed when it comes to ESET. ESET has repeatedly and clearly stated (on their forums, on their documentation and by Marcos on some of Leo's videos) that it needs all modules enabled to work.

It's been like this for many years and he refuses to learn either by ignorance or actual malice at this point. His recent comparison video is a clear example of bad testing methodology, as he uses a heavily outdated version of ESET against ransomware while using more up-to-date competitor solutions. Had he used an updated version of ESET on that test, it would've caught the ransomware just like the others.

Edit: regarding Live Guard, unless you often download files from unknown sources, I would say it's not really worth it. You will get the signatures eventually anyway as these unknown files get flagged by ESET.
 

Jonny Quest

Leo's testing methodology is flawed when it comes to ESET. ESET has repeatedly and clearly stated (on their forums, on their documentation and by Marcos on some of Leo's videos) that it needs all modules enabled to work.

It's been like this for many years and he refuses to learn either by ignorance or actual malice at this point. His recent comparison video is a clear example of bad testing methodology, as he uses a heavily outdated version of ESET against ransomware while using more up-to-date competitor solutions. Had he used an updated version of ESET on that test, it would've caught the ransomware just like the others.
So ESET would need the Real time protection on as well, all modules on as you said, in this test to have blocked the ransomware. So the others who mentioned Live Grid, it really wasn't the issue then, as it was On. I agree, I'm not a fan of disabling modules to test a product, I don't use my AV in half mode protection.

edit: thank you for your follow-up edit, I appreciate that as well :):)
 

Vitali Ortzi

Additional anti-ransomware software that I've seen suggested to combine with ESET Internet Security is the free version of AppCheck.
ESET didn't put the ransomware remediation into consumer products, unfortunately.

What I do on my PC is use layers, although I'm using the version that does have ransomware remediation (HitmanPro.Alert, Comodo FW, Check Point threat emulation, Symantec IPS, all as extra layers to ESET Endpoint Advanced).

There are all kinds of free anti-ransomware tools people can use, and one of the best ones is Kaspersky Anti-Ransomware, which has the incredible behavior module rollback of System Watcher.
 

cartaphilus

Would somebody help me to understand this, please :)

I know Leo's videos can be a bit controversial, but at 10:28 he tests ESET against ransomware protection. He has real time protection disabled and claims this known ransomware should be blocked by HIPS protection. When it isn't, there are about 4 replies that say this:

I am running a trial version of ESET Internet Security, and when I disabled the real time shield, and checked the Live Grid setting, it was still On. Real time didn't disable it, and I'm sure, I would think that it wasn't disabled on his end either (he didn't go to that setting and turn it off), so what are they talking about, does Live Grid need real time protection on as well, would that ransomware have then been blocked?

And in my uneventful online life, do I really need to pay more to get Live Guard, as I'm not downloading the internet every day? Otherwise, there are some really nice features in ESET Internet Security.


ESET keeps saying that it requires all the default modules to work in order to guarantee 100% functionality of each module. The modules play off each other and they hand over the tasks in the identification and kill chain. You can't just disable things willy-nilly like in any other AV and smile thinking that you have defeated the AV.

Leo is being disingenuous and idiotic. He is disabling real time protection because it functions too well to protect against the threat. It's like someone testing a bullet proof vest but the vest stops all the bullets so they decide to test just the plate carrier without the plates themselves and OH MY GOD NYLON STRAPS AND MATERIAL DOES NOT PROTECT AGAINST BULLETS!!!!!

If he is not skilled to design his own encryptor not detected by the real time portion of the AV then maybe just maybe he shouldn't touch that portion of the test? Yes I am a general surgeon so I know how to cut thus today I will perform your brain surgery since why not? It's surgery and I am a surgeon?!

What's worse than no test? A test performed idiotically causing misinterpretation of the results.
 

Sorrento

Most of these YouTube tests for me are for amusement only: As far as I can remember in this life, I've never turned off my AV, dumped 2000 malware files on my desk and ran them one after the other, usually not giving the AV the ability to restart after an infection, and based the effectiveness of the AV for normal use on the results. These files would normally have to get onto your PC and by normality would be scanned by your browser etc. As for ransomware, it's really the only thing that does worry me, and so multiple external drive backups of all data should sort it.
 

Jonny Quest

ESET keeps saying that it requires all the default modules to work in order to guarantee 100% functionality of each module. The modules play off each other and they hand over the tasks in the identification and kill chain. You can't just disable things willy-nilly like in any other AV and smile thinking that you have defeated the AV.

Leo is being disingenuous and idiotic. He is disabling real time protection because it functions too well to protect against the threat. It's like someone testing a bullet proof vest but the vest stops all the bullets so they decide to test just the plate carrier without the plates themselves and OH MY GOD NYLON STRAPS AND MATERIAL DOES NOT PROTECT AGAINST BULLETS!!!!!

If he is not skilled to design his own encryptor not detected by the real time portion of the AV then maybe just maybe he shouldn't touch that portion of the test? Yes I am a general surgeon so I know how to cut thus today I will perform your brain surgery since why not? It's surgery and I am a surgeon?!

What's worse than no test? A test performed idiotically causing misinterpretation of the results.
Thank you, as that's all he did, was stir the pot with how he tested it, and got people worked up, or in my case questioning it.

I appreciate the replies from you all, as they have a great discount for first time users. Not only is the protection solid, but I also like the Tools module, like Running processes, Network Inspector (I also used that in Kaspersky Plus) and the Firewall that can be as busy (notifications) as I want or don't want.
 

Jonny Quest

With LiveGuard, why wouldn't I want the files deleted immediately after analysis? What is the thought or "benefit" of them having it for 30 days?
live guard.jpg
 