Serious Discussion: Which AV are you using and why did you choose this one?

RansomwareRemediation

Level 5
Verified
Well-known
Jun 22, 2020
201
> Bro, you totally need to rethink and do more research about how antiviruses work. There is no more signature detection like in the old days; there are many technologies that are helping the signatures, like fuzzy hashing, etc. With enough samples, feeding them to machine learning and creating a core detection (ESET calls this DNA detection), you can detect many variants and even heavily modified malware. Just look at how ESET performs in advanced malware detection tests using MITRE, fileless, and targeted attacks. You have to be good at engine development to detect and defend from this kind of malware; ESET, Kaspersky and Bitdefender, in terms of home edition products, are the kings of sophisticated attack detection. I encourage you to do some research; there are some good whitepapers and websites on the internet to start with. You can start with this link from the ESET website: ESET multilayered cybersecurity technology
>
> This shows why ESET is good at detecting malware on execution, actually one of the fastest. Its memory scanner and other techs work after the execution, and with the help of DNA and other techs they can detect malware at the pre-execution and on-execution stages. This is why you see most of the time ESET reacts to malware faster than Kaspersky, because Kaspersky is now actually a behavior-based antivirus, and this is why you see many post-execution detections from Kaspersky in advanced tests (MITRE attacks etc.).
> (The execution stages: pre-execution, on-execution, post-execution.)

The technologies you mention in ESET are all signature dependent.
ESET does not work if you deactivate the real-time protection, that shows its dependency. It is adding 2 + 2. And I have seen it in many tests.
Greetings.
 

RansomwareRemediation

@CyberDevil What's funny if you may know? I invite you to try it for yourself. Disable real-time protection and try it for yourself. If I'm wrong with this new version 18, I apologize. What I am, from 17 backwards, there was always that problem.
Greetings.
 

CyberDevil

Level 9
Verified
Well-known
Apr 4, 2021
413
> The technologies you mention in ESET are all signature dependent.
> ESET does not work if you deactivate the real-time protection, that shows its dependency. It is adding 2 + 2. And I have seen it in many tests.
> Greetings.

It doesn't respond because the real-time protection module is literally responsible for real-time protection. In version 18 HIPS has become much more frequent, and folder protection protects protected folders even from being read by untrusted software, so I, for example, have protected browser folders and Wise Care can't even read cookies without manual permission - it's a very powerful new module. Eset doesn't rely on local behavioral analysis - that's true, but that's what makes it the lightest on the market, unlike Bitdefender, which literally runs a real virtual machine on your PC to analyze new files for threats, but at the same time Eset Smart Security Premium does the same thing in the cloud and then instantly shares the information with all customers in the world.
 

RansomwareRemediation

> It doesn't respond because the real-time protection module is literally responsible for real-time protection. In version 18 HIPS has become much more frequent, and folder protection protects protected folders even from being read by untrusted software, so I, for example, have protected browser folders and Wise Care can't even read cookies without manual permission - it's a very powerful new module. Eset doesn't rely on local behavioral analysis - that's true, but that's what makes it the lightest on the market, unlike Bitdefender, which literally runs a real virtual machine on your PC to analyze new files for threats, but at the same time Eset Smart Security Premium does the same thing in the cloud and then instantly shares the information with all customers in the world.

You are proving me right with your argument. In Avast, for example, if I deactivate its real-time protection and the IDS module and CyberCapture, it will continue to protect me; in Kaspersky, System Watcher and others; in Bitdefender, ATC and others. Why not in Eset? That's what bothers me about the product.
 

CyberDevil

> @CyberDevil What's funny if you may know? I invite you to try it for yourself. Disable real-time protection and try it for yourself. If I'm wrong with this new version 18, I apologize. What I am, from 17 backwards, there was always that problem.
> Greetings.

An example of the interrelationship of different modules in Eset is again in the Folder Protection module. You say it should work separately, and you can try to test it by disabling all other modules, and Eset fails the test because this module uses the HIPS module for protection and the Smart Grid module to get reputation data for software that is not allowed to access the file. Another example is the web protection module, which, upon detecting a connection to a known ransomware control center, will send a signal to the real-time protection module to block. Eset does not work with modules enabled individually, and this has been discussed many times.
 

Shadowra

Level 37
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,630
> You are proving me right with your argument. In Avast, for example, if I deactivate its real-time protection and the IDS module and CyberCapture, it will continue to protect me; in Kaspersky, System Watcher and others; in Bitdefender, ATC and others. Why not in Eset? That's what bothers me about the product.

This is normal, and in fact it's how Eset works, because the modules are linked together.

But there has been an evolution: if I install a script that will download a payload with Eset realtime disabled, Eset will still block it with a detection....
 

RansomwareRemediation

> An example of the interrelationship of different modules in Eset is again in the Folder Protection module. You say it should work separately, and you can try to test it by disabling all other modules, and Eset fails the test because this module uses the HIPS module for protection and the Smart Grid module to get reputation data for software that is not allowed to access the file. Another example is the web protection module, which, upon detecting a connection to a known ransomware control center, will send a signal to the real-time protection module to block. Eset does not work with modules enabled individually, and this has been discussed many times.

I am super practical. With the following exercise. Suppose you have a ransomware that is detected by the Eset signatures, that is, a known malware; if I deactivate the real-time protection, will the HIPS module + the new protected folders module protect me? If it protects, I might give it a chance in my system.
 

CyberDevil

> You are proving me right with your argument. In Avast, for example, if I deactivate its real-time protection and the IDS module and CyberCapture, it will continue to protect me; in Kaspersky, System Watcher and others; in Bitdefender, ATC and others. Why not in Eset? That's what bothers me about the product.

Maybe I'm wrong, but I don't remember Bitdefender allowing you to disable all protection except HIPS or behavioral analysis, for example. Although encryption protection there does work independently from the rest of the complex, this is a feature of the architecture.

However, please do not misunderstand me, I do not claim that Eset is the best antivirus, but the difference is not so great with its pluses. Choosing from the top 5 you choose what is more convenient and affordable for you. The difference in protection is 2-3%.
 

RansomwareRemediation

> This is normal, and in fact it's how Eset works, because the modules are linked together.
>
> But there has been an evolution: if I install a script that will download a payload with Eset realtime disabled, Eset will still block it with a detection....

If they are doing that, that's fine with me, because it didn't happen before.
Greetings.
 

CyberDevil

> Suppose you have a ransomware that is detected by the Eset signatures, that is, a known malware; if I deactivate the real-time protection, will the HIPS module + the new protected folders module protect me? If it protects, I might give it a chance in my system.

Using the example of various folder cleanup software, I can tell you that yes, it will protect you. Even hacked pro versions of photo editing software, due to low reputation, can't open my photos in a protected folder from me. A full-fledged quick ransomware test could be done by @Shadowra if he has time. I don't have a suitable sample. Although I can write something myself in Python, but probably not today.
 

Game Of Thrones

Level 6
Verified
Well-known
Jun 5, 2014
292
> The technologies you mention in ESET are all signature dependent.
> ESET does not work if you deactivate the real-time protection, that shows its dependency. It is adding 2 + 2. And I have seen it in many tests.
> Greetings.

ESET is module-based; every module talks to each other, so if you disable the real-time you actually cut the info that it sends to other modules, because it feeds other modules too. Even the HIPS module talks to others. You can see the modules in the About section of ESET products; they get updated separately. This was the old era, when people disabled the real-time and tested the behavior blocker of antimalware; even back then it was wrong, and the industry soon recognized how wrong it was. Now nearly every antimalware is multilayer and module-based, and all of them are connected and talk to each other.

Do you want to see advanced tests? See MITRE attacks tests; these tests are much more advanced than those crap amateurish tests on YouTube and sites. In the business world, no one cares about YouTube and other tests; we choose the product based on our own tests and industry-recognized practices. For example, it took us nearly 3 months to select our solutions; from performance to detection, all were tested. Even our developers created some malware so we can see how they react.

Tests are wrong because of this:
They don't use zero-day samples; the samples that are used are mostly low-quality from publicly available websites.

In the real world the missed samples are not that important; their quality is. A missed PUP or a little risky app is sometimes counted as a miss in tests.

The detection of the samples that people are in contact with is more important. A missed sample can be seen just by 20 people who hunted for it, but a detected one is seen by 1000 normal people. The reaction time to important samples is much more critical than detecting a sample that just resides in a malware submission site! Do you think a million-dollar company cannot have some guys just to collect the samples that general people can access and make themselves the king of tests? Where do you think the YouTube tests and review tests collect their samples from? Do you think the company's malware hunters cannot have access to them?! It's easy to have dedicated people just to make detection for publicly available samples and make people think they are the best.

A good company detects real-world malware, the malware you see in everyday surfing, the malware you are in contact with; they train and tune the product for the real world.

The antimalware companies have dedicated people for hunting malware on the dark side of the web. They have their own crawlers on the internet, their own sensors, honeypots, telemetry data etc., things people who test on YouTube and websites do not have access to.

There is no product that can detect 100%, but there are products that protect people near 100 in the real world. They detect the samples that a business or ordinary people get in contact with. A product may miss ransomware or get bypassed in MalwareTips tests, but in the real world protect its users.
 

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,580

CyberDevil

> You can use Symantec with firewall and IPS modules only and nothing else installed from Symantec

By the way, I'd like to add something with advanced IP protection like BlackFog to Eset, but I don't want to install Symantec like you do, I think it will decrease system performance :). The only thing I found is TSplus Advanced Security, but it seems to be more for servers, but it has the function of protection by a large database of compromised IPs.
 

RansomwareRemediation

> ESET is module-based; every module talks to each other, so if you disable the real-time you actually cut the info that it sends to other modules, because it feeds other modules too. Even the HIPS module talks to others. You can see the modules in the About section of ESET products; they get updated separately. This was the old era, when people disabled the real-time and tested the behavior blocker of antimalware; even back then it was wrong, and the industry soon recognized how wrong it was. Now nearly every antimalware is multilayer and module-based, and all of them are connected and talk to each other.
>
> Do you want to see advanced tests? See MITRE attacks tests; these tests are much more advanced than those crap amateurish tests on YouTube and sites. In the business world, no one cares about YouTube and other tests; we choose the product based on our own tests and industry-recognized practices. For example, it took us nearly 3 months to select our solutions; from performance to detection, all were tested. Even our developers created some malware so we can see how they react.
>
> Tests are wrong because of this:
> They don't use zero-day samples; the samples that are used are mostly low-quality from publicly available websites.
>
> In the real world the missed samples are not that important; their quality is. A missed PUP or a little risky app is sometimes counted as a miss in tests.
>
> The detection of the samples that people are in contact with is more important. A missed sample can be seen just by 20 people who hunted for it, but a detected one is seen by 1000 normal people. The reaction time to important samples is much more critical than detecting a sample that just resides in a malware submission site! Do you think a million-dollar company cannot have some guys just to collect the samples that general people can access and make themselves the king of tests? Where do you think the YouTube tests and review tests collect their samples from? Do you think the company's malware hunters cannot have access to them?! It's easy to have dedicated people just to make detection for publicly available samples and make people think they are the best.
>
> A good company detects real-world malware, the malware you see in everyday surfing, the malware you are in contact with; they train and tune the product for the real world.
>
> The antimalware companies have dedicated people for hunting malware on the dark side of the web. They have their own crawlers on the internet, their own sensors, honeypots, telemetry data etc., things people who test on YouTube and websites do not have access to.
>
> There is no product that can detect 100%, but there are products that protect people near 100 in the real world. They detect the samples that a business or ordinary people get in contact with. A product may miss ransomware or get bypassed in MalwareTips tests, but in the real world protect its users.

All antiviruses are module-based. It is no excuse that when you deactivate real-time protection, your AV does not work. What you say is strange, since I subscribe to many people who test antiviruses, and most of them deactivate real-time protection to test the AV in certain scenarios.
 
Oct 17, 2023
108
I use Xcitium AEP (Client Security), and if there is an unknown file Xcitium will sandbox it so it cannot harm the PC, and then VirusScope will do the Machine Learning (Static Analysis) and Dynamic Behavioral Analysis. VirusScope is really good with Valkyrie (Xcitium's Instant Malware Analysis Service).
 