ESET v18

cartaphilus

Level 11
Verified
Top Poster
Well-known
Mar 17, 2023
541
Must be Windows 11 Enterprise LTSC , and with me ESET is always under a magnifying glass, basically i dont like the company at all, since i got the license for free, why dont give it a (short) try.
Just out of curiosity it appears you have the same love for ESET as I do for Webroot and Comodo. Might I ask (PM would be great so we don't pollute the thread) why?
 

Vitali Ortzi

Level 27
Verified
Top Poster
Well-known
Dec 12, 2016
1,641
You guys use Enterprise LTSC Windows 11 ? Since the install of Eset this issue.
And Marcos :sick:

That is exactly what Marcos always thinks.
ESET is actually a great company with great devs and a great product yes not perfect but overall most users don't have any issues or significant issues
About Marcos yes he definitely does ignore users complains and in my opinion goes against eset ethics

Anyway I have good experience with ESET endpoint v11 and past few days I have been running the new v12 with ESET endpoint advanced and it so far works well but haven't really checked if the new ESET ransomware remediation is working (rollback ) and I hope they will give it to all consumers as most competitors have rollback in consumer products
 
Last edited:

Game Of Thrones

Level 7
Verified
Well-known
Jun 5, 2014
300
ESET is actually a great company with great devs and a great product yes not perfect but overall most users don't have any issues or significant issues
About Marcos yes he definitely does ignore users complains and in my opinion goes against eset ethics

Anyway I have good experience with ESET endpoint v11 and past few days I have been running the new v12 with ESET endpoint advanced and it so far works well but haven't really checked if the new ESET ransomware remediation is working (rollback ) and I hope they will give it to all consumers as most competitors have rollback in consumer products

we have the same experience on all of our systems (business & home) nearly 250 systems. The eset ones work flawlessly.fast no bug
 

Vitali Ortzi

Level 27
Verified
Top Poster
Well-known
Dec 12, 2016
1,641
we have the same experience on all of our systems (business & home) nearly 250 systems. The eset ones work flawlessly.fast no bug
What products have you guys licensed from eset and how's their edr,xdr ?
Btw what av , endpoint software have you tried before that wasn't fast like eset or had problems?
Btw did you have any experience with Kaspersky (I moved from Kaspersky to eset )
 
  • Like
Reactions: micasayyo

Game Of Thrones

Level 7
Verified
Well-known
Jun 5, 2014
300
What products have you guys licensed from eset and how's their edr,xdr ?
Btw what av , endpoint software have you tried before that wasn't fast like eset or had problems?
Btw did you have any experience with Kaspersky (I moved from Kaspersky to eset )
the simplicity of their home products goes through edr xdr too, we tried Bitdefender avast, etc many brands, in home and business environments you need a balance between performance simplicity and detection. our systems are 70% Kaspersky 30% eset in the near future will be 50-50 (I'm leaving our company but the road plan is there). both of them are ok and good. our devs even wrote some malware with mitre attacks implemented and both Kaspersky/eset were good near 100 detections although I have to give credit to Bitdefender too, in those tests it was like Eset and Kaspersky we did not use Bitdefender because of some reasons:

unlike what everyone is talking about that Bitdefender gets lighter after some time that it is installed it does not. we measured the IO, CPU, and RAM usage of different brands, bitdefender has the lowest IO usage because it loads everything into the RAM, which some people think is good. it is not. other brands like eset/Kaspersky use much lower RAM but a little more IO and work much better, websites apps and the whole system are snappier with Eset/Kaspersky.
it seems from some time ago Bitdefender has had some issues regarding the app launching performance and some website loading performance their whitelisting and catching seem not working ok, if you see their new app version changelogs they are rewriting some parts of their apps and are implementing new drivers. the performance issue of Bitdefender is real. we had a fun test on 8 of our systems. 5 on bit 3 on eset, we ran a blind test and most people could tell which system was on eset and which was on Bitdefender. In terms of polished design and execution of detection, UI, being light, bugs,etc, no other brand came close to Kaspersky/eset.
some other things I have to mention is bugs and working with apps like VPNs and apps that people use daily for their college jobs etc, we had much fewer problems with eset/Kaspersky.

one of the things I have to mention that is not mentioned in forums like MalwareTips: we had an experience with eset, one of our employees' daughter was having an eset detection on her laptop(we gave them an eset home edition to secure the whole house of employees), we examined it and the interesting part was eset was detecting a PUP with Augur their name of machine learning(AI) detection! they have a machine learning detection just for PUPs! we never saw that in any other apps, it did not have any database detection for it but it detected the PUP with machine learning and the app was a true PUP.

Another aspect is offline protection Eset Kaspersky Bitdefender has good offline protection too, unlike what many people think, a normal user does not get into malware every day, maybe 1 in 3 years! but that one sample most of the time is old, not a new and sophisticated one. in colleges etc, USB drives get used a lot and there are many offline systems, the update policy of ESET and Kaspersky suits these environments too. eset detects nearly 100% in the wild malware offline with their 5 to 7 times per day of database update. if you get online there are pico updates too, updates that are released minute by minute and have a 1KB size and the newly improved suspicious detection of livegrid(Kaspersky KSN is the same for Kaspersky)

missing malware in a test is not a good indication to choose a product, a brand that can get bypassed in MalwareTips tests might be a good choice based on real-world performance evaluations. in the wild samples, good offline detection, using the cloud detection on every file not just the ones that the user downloads with the browser, etc these are at the same time important to choose a product. after 3 months of testing and evaluating the brand, we choose Kasper/eset.

about cloud detection: Kaspersky and ESET are some of the few brands that use cloud detection on every file no matter where they come from. this increases their reliability in many different environments and increased security in many circumstances
 

Vitali Ortzi

Level 27
Verified
Top Poster
Well-known
Dec 12, 2016
1,641
the simplicity of their home products goes through edr xdr too, we tried Bitdefender avast, etc many brands, in home and business environments you need a balance between performance simplicity and detection. our systems are 70% Kaspersky 30% eset in the near future will be 50-50 (I'm leaving our company but the road plan is there). both of them are ok and good. our devs even wrote some malware with mitre attacks implemented and both Kaspersky/eset were good near 100 detections although I have to give credit to Bitdefender too, in those tests it was like Eset and Kaspersky we did not use Bitdefender because of some reasons:

unlike what everyone is talking about that Bitdefender gets lighter after some time that it is installed it does not. we measured the IO, CPU, and RAM usage of different brands, bitdefender has the lowest IO usage because it loads everything into the RAM, which some people think is good. it is not. other brands like eset/Kaspersky use much lower RAM but a little more IO and work much better, websites apps and the whole system are snappier with Eset/Kaspersky.
it seems from some time ago Bitdefender has had some issues regarding the app launching performance and some website loading performance their whitelisting and catching seem not working ok, if you see their new app version changelogs they are rewriting some parts of their apps and are implementing new drivers. the performance issue of Bitdefender is real. we had a fun test on 8 of our systems. 5 on bit 3 on eset, we ran a blind test and most people could tell which system was on eset and which was on Bitdefender. In terms of polished design and execution of detection, UI, being light, bugs,etc, no other brand came close to Kaspersky/eset.
some other things I have to mention is bugs and working with apps like VPNs and apps that people use daily for their college jobs etc, we had much fewer problems with eset/Kaspersky.

one of the things I have to mention that is not mentioned in forums like MalwareTips: we had an experience with eset, one of our employees' daughter was having an eset detection on her laptop(we gave them an eset home edition to secure the whole house of employees), we examined it and the interesting part was eset was detecting a PUP with Augur their name of machine learning(AI) detection! they have a machine learning detection just for PUPs! we never saw that in any other apps, it did not have any database detection for it but it detected the PUP with machine learning and the app was a true PUP.

Another aspect is offline protection Eset Kaspersky Bitdefender has good offline protection too, unlike what many people think, a normal user does not get into malware every day, maybe 1 in 3 years! but that one sample most of the time is old, not a new and sophisticated one. in colleges etc, USB drives get used a lot and there are many offline systems, the update policy of ESET and Kaspersky suits these environments too. eset detects nearly 100% in the wild malware offline with their 5 to 7 times per day of database update. if you get online there are pico updates too, updates that are released minute by minute and have a 1KB size and the newly improved suspicious detection of livegrid(Kaspersky KSN is the same for Kaspersky)

missing malware in a test is not a good indication to choose a product, a brand that can get bypassed in MalwareTips tests might be a good choice based on real-world performance evaluations. in the wild samples, good offline detection, using the cloud detection on every file not just the ones that the user downloads with the browser, etc these are at the same time important to choose a product. after 3 months of testing and evaluating the brand, we choose Kasper/eset.

about cloud detection: Kaspersky and ESET are some of the few brands that use cloud detection on every file no matter where they come from. this increases their reliability in many different environments and increased security in many circumstances
Screenshot 2024-12-09 123512.png

they have improved a lot in terms of ai and a pup ai detection proves so
btw there is a new ransomware remediation (rollback ) that i hope people test
 

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
224
After reading all the praise for ESET, I too downloaded a trial version of ESET Smart Security and uninstalled Kaspersky. Ran it on default settings and changed only 1 setting in Protection, as per @CyberDevil 's advice given here.

However, one issue I am facing is that ESET is deleting an application EXE file (SFVIP media Player).

1) Downloaded the file from GitHub. This EXE file is the latest version (v1.2.7.90) and the scan results were clean on Virus Total and Any.run. But ESET deleted the EXE file from my computer as a suspicious file.

VT - VirusTotal
Any.run - Malware analysis SFVipPlayer.exe No threats detected | ANY.RUN - Malware Sandbox Online

2) Downloaded the previous version (v1.2.7.88) from the same GitHub. Ran the tests on VT and AR and the results were clean too. And ESET did not delete this file.

VT - VirusTotal
AR - Malware analysis SFVipPlayer.exe No threats detected | ANY.RUN - Malware Sandbox Online

3) Downloaded the latest version (v1.2.7.90) from GitHub, but from a different repo. VT and AR scan results were not clean for this file, as they marked it Suspicious. However, ESET did not delete the file.

VT - VirusTotal
AR - Malware analysis SFVipPlayer.exe Malicious activity | ANY.RUN - Malware Sandbox Online

It's surprising that ESET is automatically deleting the latest version, which is clean in scans, from my computer but did not delete the suspicious version.

Can anyone please check the above results and give your feedback? Thanks.
 

CyberDevil

Level 9
Verified
Well-known
Apr 4, 2021
424
SFVIP media Player

Could you provide a link to the official repository? This is quite dangerous, because I downloaded the archive from the first google link (the first one!) and got this result (Eset also indicated that the file was suspicious, I added it to the exception, but luckily decided to double-check):
1733747019209.png


Btw Kaspersky:

1733747267681.png
 
Last edited:
  • Like
Reactions: zkSnark

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
224
Could you provide a link to the official repository? This is quite dangerous, because I downloaded the archive from the first google link (the first one!) and got this result (Eset also indicated that the file was suspicious, I added it to the exception, but luckily decided to double-check):
View attachment 286568

Btw Kaspersky:

View attachment 286569
This one has the 2 clean versions but ESET deleting the latest version - Releases · K4L4Uz/SFVIP-Player
This one is the suspicious version which ESET did not delete - Release SFVIP-Player · austintools/SFVIP-Player
 

mlnevese

Level 28
Verified
Top Poster
Well-known
May 3, 2015
1,763

CyberDevil

Level 9
Verified
Well-known
Apr 4, 2021
424
This one is the suspicious version which ESET did not delete - Release SFVIP-Player · austintools/SFVIP-Player
1733748597294.png


As you can see, I got Eset to delete the file instantly. It was the same one I downloaded the first time.

This one is the suspicious version which ESET did not delete - Release SFVIP-Player · austintools/SFVIP-Player
Eset deleted those for me, too. I think it's because of similar metadata. I tried sending the file for analysis through the antivirus interface.

--
Generally very strange player ... The repository with the trojan looks better styled and more official than the clean repository. At first glance, the player doesn't seem to have an official website.
 
  • Like
Reactions: zkSnark

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
224
Running a trial version of ESET Premium, it didn't delete the trusted files even in the most aggressive settings. The suspicious one was blocked by Chrome.
Mine is ESET Home Premium trial version. Is yours same too? If yes, then, it's surprising that the same AV is deleting the file on my pc but not on yours.

View attachment 286570

As you can see, I got Eset to delete the file instantly. It was the same one I downloaded the first time.


Eset deleted those for me, too. I think it's because of similar metadata. I tried sending the file for analysis through the antivirus interface.

--
Generally very strange player ... The repository with the trojan looks better styled and more official than the clean repository. At first glance, the player doesn't seem to have an official website.
ESET did not delete this version. It is still available on my pc. Only the clean version was deleted. Did you download the latest clean version?
 

CyberDevil

Level 9
Verified
Well-known
Apr 4, 2021
424
ESET did not delete this version. It is still available on my pc. Only the clean version was deleted. Did you download the latest clean version?
So we have three files, so it's easy to get confused, let's go through them again in order.

1. Release SFVIP-Player · austintools/SFVIP-Player - I've downloaded several times and Eset immediately deletes the file after unzipping.

2. Releases · K4L4Uz/SFVIP-Player - Eset also deletes the latest version, while the previous version v1.2.7.88 downloaded without problems and has a good reputation in SmartGrid.

I think the clean version is deleted by Eset because both of them have similar metadata and are not digitally signed, so the Eset cloud service takes the clean version as a modification of that malicious one.
 
  • Like
Reactions: zkSnark

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
224
So we have three files, so it's easy to get confused, let's go through them again in order.

1. Release SFVIP-Player · austintools/SFVIP-Player - I've downloaded several times and Eset immediately deletes the file after unzipping.

2. Releases · K4L4Uz/SFVIP-Player - Eset also deletes the latest version, while the previous version v1.2.7.88 downloaded without problems and has a good reputation in SmartGrid.

I think the clean version is deleted by Eset because both of them have similar metadata and are not digitally signed, so the Eset cloud service takes the clean version as a modification of that malicious one.
So on my laptop, ESET deleted the latest clean version v1.2.7.90 only. It did not delete the malicious version v1.2.7.90 and the previous version v1.2.7.88.
Are you using the ESET Home Security Premium?
 

CyberDevil

Level 9
Verified
Well-known
Apr 4, 2021
424
So on my laptop, ESET deleted the latest clean version v1.2.7.90 only. It did not delete the malicious version v1.2.7.90 and the previous version v1.2.7.88.
Are you using the ESET Home Security Premium?
1733752315230.png


Can you check the reputation via the explorer context menu? It removes the file as suspicious due to the file reputation data. Maybe you have problems accessing SmartGrid? I'm not sure.
 

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
224
View attachment 286571

Can you check the reputation via the explorer context menu? It removes the file as suspicious due to the file reputation data. Maybe you have problems accessing SmartGrid? I'm not sure.
I had downloaded this suspicious file and opened the EXE file, maybe 5 times just to test if ESET flags it as suspicious and deletes it, but ESET never deleted it any time, whereas the clean version was deleted immediately. Just now, I checked it with File Reputation as you suggested and ESET deleted the file after 2 days on my laptop. Surprising.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top