Glad to see that Eset has joined AVLab test series. Since they are not an AMTSO member, they are not constrained by its testing methodology. As such, they can be more "creative" in testing of malware.
There does appear to be some confusion as to what the various test levels; L1 - L3 mean. So let's review those:
https://avlab.pl/en/modern-protection-without-signatures-comparison-test-on-real-threats/
To sum up the above, Level 3 ranking means malware detection based on behavior methods only. Also, behavior based detection implies that some system modification activities may have occurred prior to detection. Level 1 detection obviously offers the most system protection. However, almost all in the security industry will state that given the current and evolving state of malware development, it is an unrealistic malware detection standard. Rather, Level 3 malware behavior detection today is mandatory in conjunction with Level 1 and 2 methods.
As far as LiveGuard being a contributing factor to ESSP 100% Level 1 scoring, I see no evidence of this in the current test published details. One of many ways to determine LiveGuard effectiveness would be to have AVLab perform a controlled test of both EIS and ESSP. The test malware samples would include a large number of "true" 0-day samples. That is malware in-the-wild not currently being detected by any AV solution; not 0-day malware seen in the last 30 days. This test would also establish Eset's effectiveness using L3 behavior methods.
