Q&A Impressed with ESET

LiquidExploit

Level 1
Nov 3, 2017
8
ESET is pretty good, though I find that its behavioral analysis is not very good (I hope it improves in the future, it's fairly new in ESET). As a result, I run KART (Kaspersky Anti Ransomware Tool) alongside it. My initial impression was that KART was just for ransomware but it's literally just a portable System Watcher so it detects any malware System Watcher normally would.

I just use it cause it makes up for ESET's sub-par behavioral analysis, but ESET's signatures and heuristics are phenomenal.
 

Vitali Ortzi

Level 21
Verified
Dec 12, 2016
1,078
ESET is pretty good, though I find that its behavioral analysis is not very good (I hope it improves in the future, it's fairly new in ESET). As a result, I run KART (Kaspersky Anti Ransomware Tool) alongside it. My initial impression was that KART was just for ransomware but it's literally just a portable System Watcher so it detects any malware System Watcher normally would.

I just use it cause it makes up for ESET's sub-par behavioral analysis, but ESET's signatures and heuristics are phenomenal.
Kart is underrated
 

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
8,080
Hello everyone from the community!

I am currently using Bitdefender, but I have a 3 year license of ESET Smart Security Premium (I had already used ESET for 3 years). I got a file here (which I downloaded from the internet), which is an activator of the Windows operating system, the only antivirus that detected the file as malicious is ESET. I am impressed to see how powerful ESET's detection engine is compared to other software that.

View attachment 260808

File scan: Virustotal

I'm thinking about going back to using ESET because all the malware I caught to test on the MalwareBazaar website was detected even though they were very recent, I even saw the detection being done by ML-Augur.

I am impressed to see how sensitive ESET is with regards to PUP/Adware detection. What is your opinion about the product? Is it worth switching to this product even if I lose remote control functionality (example Bitdefender Central)?

Sorry for this post, maybe unnecessary but I was impressed to see that only ESET detected the file.

Thank you guys from the community.
If only ESET detected it, please check the date this file first appeared on Virustotal. If it is a very new file, then kudos to ESET. But if it is a relatively old file, then thumbs down for ESET, because we may assume that it was falsely detected.
I use ESET myself, I am not dissing ESET, I am just trying to present a sober approach to the issue, that's all.
 

roger_m

Level 34
Verified
Content Creator
Dec 4, 2014
2,352
If only ESET detected it, please check the date this file first appeared on Virustotal. If it is a very new file, then kudos to ESET. But if it is a relatively old file, then thumbs down for ESET, because we may assume that it was falsely detected.
As you can see from the VirusTotal results, ESET is correctly identifying it as a KMS tool - "Win32/HackKMS.BM Potentially Unsafe." It's not classifying it as malware.
 

Nightwalker

Level 22
Verified
Trusted
Content Creator
May 26, 2014
1,168
As you can see from the VirusTotal results, ESET is correctly identifying it as a KMS tool - "Win32/HackKMS.BM Potentially Unsafe." It's not classifying it as malware.

Exactly and this is not a default detection, the user needs to enable "Potentially unsafe applications" category.

There are many legitimate programs whose function is to simplify the administration of networked computers. However, in the wrong hands, they may be misused for malicious purposes. ESET provides the option to detect such applications.
Potentially unsafe applications is the classification used for commercial, legitimate software. This classification includes programs such as remote access tools, password-cracking applications, and keyloggers (a program that records each keystroke a user types).
If you find that there is a potentially unsafe application present and running on your computer (and you did not install it), please consult your network administrator or remove the application.


In a domestic environment the use of a KMS tool is nothing to worry about, but in a enterprise environment it could means even legal trouble.
 
Top