itman

Most Valued Members
  • Posts: 12,224
  • Days Won: 322

Kudos

  1. Upvote
    itman received kudos from mallard65 in Question about automatic license renewal   
    Checking Eset's Worldwide Authorized Partners web site, there is only one authorized web site for Russia. That is the Eset Russian eStore web site, whose link was posted in a previous reply.
    Purchasing an Eset license from any other Russian web site is at your own peril as to license validity. If Eset for any reason decides to cancel licenses issued by these web sites whether via download, card key, or boxed version, your only recourse is through the site where originally purchased.
  2. Upvote
    itman received kudos from LesRMed in Excessive Memory Usage   
    I for one am fed up with this constant Eset log upload issue due to their excessive size!
    If Eset requires users to create diagnostic logs for them to be able to perform problem resolution, then it is Eset's obligation to provide a "nob" user method to do so from the existing Eset GUI interface. It should not involve user input as to what log options should be selected and the like.
    Most important is that the upload of these logs be performed automatically after logs have been created to appropriate Eset receiving servers. It is not the user's responsibility to figure out how these logs should be uploaded to Eset.
  3. Upvote
    itman received kudos from Nunayon in Excessive Memory Usage   
  4. Upvote
    itman received kudos from NewbyUser in Excessive Memory Usage   
  5. Upvote
    itman received kudos from Baldrick in Excessive Memory Usage   
  6. Upvote
    itman received kudos from Nevi in Customer satisfaction survey 2021   
    Comments:
    7). Will not renew my EIS subscription unless LiveGuard capability is provided in EIS to block and submit for cloud scanning all locally detected suspicious Eset detections. That is, all files currently being submitted to LiveGrid but allowed to run.
    8). LiveGuard in ESSP currently does not include the ability to set detection confidence levels and receive a suspicious verdict based on those levels as exists in EDTD. This would also include a display of suspicious factors found.
    9). HIPS file wildcard specification capability that I have asked for years.
  7. Upvote
    itman received kudos from peteyt in Another Exchange Server Vulnerability   
    https://www.bleepingcomputer.com/news/microsoft/microsoft-urges-exchange-admins-to-patch-bug-exploited-in-the-wild/
  8. Upvote
    itman received kudos from PuterCare in Formatting IPv6 addresses for firewall rules?   
    Correct.
    Also, the Eset firewall is "picky" about which CIDR is valid. For example, it will accept 2620:1ec:d::10/64 but not 2620:1ec:d::10/96.

  9. Upvote
    itman received kudos from mallard65 in Trojan:Win32/Accessibility Escalation.A on my PC   
    Based on Microsoft write up here: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/AccessibilityEscalation.A&ThreatID=-2147238315 , Microsoft Defender should have removed the malware.
    Also this is an old detection dating to 2018.
  10. Upvote
    itman received kudos from fabioquadros_ in What is your experience with aggressive detection ?   
    Kaspersky is one example and it has proven quite effective against 0-day ransomware. By coupling ransomware behavior monitoring with system snapshot taking, Kaspersky is capable of restoring all files encrypted by ransomware.
    Also, Kaspersky is not 100% bulletproof in this regard. I have seen a few ransomware that have bypassed its protections. However, they are a very rare occurrence.
    It should be additionally noted that it appears Kaspersky has "worked out the kinks" in regard to previous versions' system performance impact issues in regard to its system snapshot processing. System snapshot also gives Kaspersky the capability to "rollback" system modifications done by malware. Of note and in reference to postings in the forum Malware section, Eset might detect malware upon execution. However, it is powerless to remove system changes performed by the malware prior to discovery. Those changes have to be manually removed.
  11. Upvote
    itman gave kudos to NewbyUser in Issues with ESET during Windows 10 updates and restore points.   
    Now try and restore from that restore point in a week or so. It will fail every time. Restore from a point a few weeks to a month in the past, never works for me. Yes you can create a restore point and then restore from that right away successfully, but beyond that I have never had a restore operation work.
  12. Upvote
    itman received kudos from mallard65 in Issues with ESET during Windows 10 updates and restore points.   
    I will note the issue was not fixed in Win 10. A system restore from normal Win 10 operating mode will fail every time.
  13. Upvote
    itman received kudos from SlashRose in What is your experience with aggressive detection ?   
  14. Upvote
    itman received kudos from New_Style_xd in What is your experience with aggressive detection ?   
  15. Upvote
    itman received kudos from mallard65 in What is your experience with aggressive detection ?   
  16. Upvote
    itman received kudos from SlashRose in LiveGuard not working for me !   
    Here's one you can check out.
    Summary here: https://threatpost.com/chrome-deliver-malware-as-legit-win-10-app/175884/
    Details here: https://www.rapid7.com/blog/post/2021/10/28/sneaking-through-windows-infostealer-malware-masquerades-as-windows-application/
    Checking on VT, Eset doesn't detect the malware .exe, HoxLuSfo.exe, used in this attack.
  17. Upvote
    itman received kudos from SlashRose in LiveGuard not working for me !   
    The file that Hybrid-Analysis flagged as malicious was setup.exe.617CB530.bin. If I recollect correctly, this file has been flagged previously by other security scanners.
    Now what are the differences between the Adguard installer and the above file Eset marked as safe?
    1. It is validly signed.
    2. It has good reputation due to its widespread use.
    3. All AV scanners except one gave it a safe rating.
    Personally, I never would consider installing Adguard since it is a Russian-based product.
  18. Upvote
    itman gave kudos to cyberhash in Eset Could have this tool!   
    Most people prefer using Virustotal's free file analysis as it uses multiple vendors to check if a file is bad/suspicious. It could be argued that is better than just using a single vendor's database.
  19. Upvote
    itman received kudos from New_Style_xd in LiveGuard not working for me !   
    The thing most disconcerting is 23/67 at VT detected this as malicious when I just checked via re-scan including Avast/AVG, BitDefender, Emsisoft, GData, Kaspersky, McAfee, and even TrendMicro-HouseCall. But, LiveGuard returned a safe verdict.
  20. Upvote
    itman received kudos from New_Style_xd in LiveGuard not working for me !   
    Proof of @Marcos's statement of highly suspicious being detected as malicious is shown in this posting: https://malwaretips.com/threads/nod32-antivirus-eset-internet-security-eset-smart-security-premium-15-0-16-0.110527/#post-961628 . Open the last screenshot, which is the analysis from Virus Total. A number of behavior based solutions detected this 0-day malware.
    The question is if LiveGuard is factoring VT results in its rendering of a highly suspicious detection? Appears this is the case.
  21. Upvote
    itman received kudos from Aryeh Goretsky in Compatibility issues with windows 11   
    Refer to the below Process Explorer screenshot. You will observe that Eset's eamsi.dll is injected into every process that Windows amsi.dll is injected into.

  22. Upvote
    itman received kudos from EAV8 in Customer satisfaction survey 2021   
  23. Upvote
    itman received kudos from New_Style_xd in Customer satisfaction survey 2021   
  24. Upvote
    itman received kudos from Mr_Frog in Customer satisfaction survey 2021   
  25. Upvote
    itman received kudos from 0x55 in antivirus version 15.0.6   
    Let's "cut to the chase" in regards to Eset's cloud scanning.
    As shown in the diagram in this article: https://help.eset.com/edtd/en-US/overview.html , Eset is using Microsoft's Azure AI servers. Microsoft will gladly allow anyone who so desires use of those servers. Obviously, this use is not for free.
    The question, however, is just how expensive is their use? There is a low budget developer who markets a security product add-on named VoodooShield: https://voodooshield.com/ which is popular with participants of the security forums; e.g. wilderssecurity.com. This product also uses the Azure AI servers. There is both a free and a paid version of this product. As far as I am aware, both the free and paid versions use the Azure AI cloud servers.