AV Comparatives May 2018

[novice 20]

ESET         99.1%    3FP          $59.99/year

MSE           100%      5FP          $0/year

AVIRA        100%     0FP      $0/year

https://www.av-comparatives.org/tests/real-world-protection-test-may-2018-factsheet/

[Marcos 5,071]

First of all, there's no security solution that would detect 100% of malware. You could pick an AV with 100% detection in tests and sooner or later you could get infected. Real world and tests are different things and what matters is how an AV performs in real world. On behalf of ESET I can say that I hardly recall a malware-related ticket where the infection was caused by ESET letting malware in. In vast majority of cases it is that the user hasn't applied security measures and RDP is allowed for every user even if a strong password is not used.

Secondly, there is nothing like free AV. You "pay" for it e.g. by displaying ads, limited settings, features, or the price is included in the price of the OS.

[novice 20]

So, if in "real life" the situation is different, what is the point of ESET participating in AV Comparatives????

Remove ESET from  AV Comparatives ( ESET already doesn't participate in AV Test any longer ) and continue to promote the "real life" story.

12 minutes ago, Marcos said:

or the price is included in the price of the OS

This may be, but I paid $120 for Win 7 10 years ago and I have free MSE . For the same period I would have paid $590 for ESET.

 

14 minutes ago, Marcos said:

by displaying ads, limited settings

Bitdefender free doesn't display any adds and the settings are just right for a regular user.

[BALTAGY 32]

I don't understand!! If you have a free Antivirus and you believe it's 100% protection why bother with paid Antivirus like ESET and keep posting that ESET is bad in tests ?!!

There's no such a thing is 100% protection or 100% performance, If the test said ESET 100% i will tell you it's a lie

I can simply get some samples that will show these Antivirus programs as 0% protection or maybe i will make it 65%

[Leonardo 11]

25 minutes ago, BALTAGY said:

I don't understand!! If you have a free Antivirus and you believe it's 100% protection why bother with paid Antivirus like ESET and keep posting that ESET is bad in tests ?!!

There's no such a thing is 100% protection or 100% performance, If the test said ESET 100% i will tell you it's a lie

I can simply get some samples that will show these Antivirus programs as 0% protection or maybe i will make it 65%

+1

[itman 1,659]

Ah ……... our "friend" has returned.

So, let's also refer to some recent AV lab tests where Windows Defender did not do so well:

https://avlab.pl/en/best-antivirus-software-2018-based-three-security-tests

https://www.mrg-effitas.com/wp-content/uploads/2018/06/MRG-Effitas-2018Q1-Online-Banking.pdf

Any one in the IT security field knows Windows Defender is a joke when it comes to any advanced threat protection. After all, Microsoft created Windows Defender ATP for that which by the way only works on Win 10 Pro+ versions and definitely is not free.

-EDIT- In regards to Window Defender ATP, to my best knowledge it has never been subjected to AV lab comparative testing. IBM tested it against their comparable solution with results presented at a recent Blackhat conference. Windows Defender ATP results were so-so. The main point noted in the presentation was that base Windows Defender is in no fashion equal to Windows Defender ATP. So I guess we all for the time being need to rely on Microsoft's frequent press releases on how great Windows Defender ATP is.

Edited June 25, 2018 by itman

[itman 1,659]

2 hours ago, BALTAGY said:

I don't understand!! If you have a free Antivirus and you believe it's 100% protection why bother with paid Antivirus like ESET and keep posting that ESET is bad in tests ?!!

Perhaps because our "friend" doesn't use Eset and has other motives in his postings?

[Marcos 5,071]

The reason why it pays off investing into a good AV is that such vendor has more resources not only for paying gui programmers but also also for investing into research and development. And ESET has increased investments into R&D in recent years a lot.
Another advantage of a paid AV is that users receive technical support. In our country, in urgent matters even developers can pay a visit to VIP customers having issues that are not reproducible in-house.
Also remember that the more computers an AV is installed on, the more attractive it is for malware writers since focusing on that AV will enable them target more victims with less effort.

And by the way, this is a new malware that I've just run into and that was dropped by TeamViewer, probably misused by an attacker. Names of other AVs were removed except the first letter. Of course the results don't tell if it would be detected upon execution or if the payload would be detected but it at least tells something about detection capabilities on systems where malware is not executed (e.g. mail servers, gateways, etc.).

ESET Win32/TrojanDownloader.Nymaim.BA trojan
S clean
A clean
M clean
D clean
B clean
A clean
A clean
K clean

[itman 1,659]

1 hour ago, Marcos said:

The reason why it pays off investing into a good AV is that such vendor has more resources not only for paying gui programmers but also also for investing into research and development. And ESET has increased investments into R&D in recent years a lot.

Eset is one of, if not the leader, in this regard.

Other security vendors notably Microsoft have invested heavily in their advertising budgets to create media presentations that they are indeed doing likewise.

[0xDEADBEEF 43]

Also, some free AV vendors have the nasty history of copying non-free vendor's detection (even the detection name!). They will blacklist whatever some trusted vendors (like ESET) think it is malicious in hours without even examining the samples themselves. They don't pay those trustable vendors and don't get caught and get good scores on some 3rd party tests. This also creates an illusion that they always catch more than some non-free vendors.

[itman 1,659]

Also in regard to free AV solutions, "the devil is in the detail." Below is an excerpt from the documentation in regards to Kapersky's free solution. Note what I have highlighted in red:

Quote

2. There is no point installing a free product. The most important features are always missing.

Not this time. It is true that Kaspersky Free’s feature set is not identical to that of our premium solution, Kaspersky Internet Security; different versions do differentiate, of course. Nevertheless, Kaspersky Free includes the essentials, the basic security components — file antivirus, e-mail antivirus, and Web antivirus.

3. I recently purchased Kaspersky Internet Security, and now you tell me I could’ve had the free version?

You bought Kaspersky Internet Security? Congratulations! You have acquired a first-class security solution. It has the same antivirus engine as Kaspersky Free, but it also includes heaps of additional features, such as online-payment security (Safe Money), technical support, and additional security layers to fend off malware of all sorts.

Kaspersky Free provides basic protection, and Kaspersky Internet Security leaves, shall we say, a bit more room for user error. Ultimately, Kaspersky Internet Security’s System Watcher component makes the paid product better at combating encryptors and yet-unknown threats. Think of Kaspersky Free as something like a bulletproof vest; using Kaspersky Internet Security is more like being entrenched behind a stone wall — on a comfortable sofa.

What we have here in regard to free AV solutions by a vendor with like paid solutions is a classical example of "common sense is indeed not that common." AV vendors are not not-for-profit charitable entities. Despite their somewhat largess statements of "helping the masses," the primary purpose of offering free versions is to entice the user to upgrade to their paid version. The enticement also is sometimes not so subtle such as constant "nag" screens to upgrade to their paid versions and the like. 

Edited June 25, 2018 by itman

[razorfancy 9]

30 minutes ago, itman said:

Also in regard to free AV solutions, "the devil is in the detail." Below is an excerpt from the documentation in regards to Kapersky's free solution. Note what I have highlighted in red:

What we have here in regard to free AV solutions by a vendor with like paid solutions is a classical example of "common sense is indeed not that common." AV vendors are not not-for-profit charitable entities. Despite their somewhat largess statements of "helping the masses," the primary purpose of offering free versions is to entice the user to upgrade to their paid version. The enticement also is sometimes not so subtle such as constant "nag" screens to upgrade to their paid versions and the like. 

The new Kaspersky Free 2019 now has the System Watcher component but doesnt let you change the components settings(File Anti-Virus, Web Anti-Virus, System Watcher, etc).

For me both Eset and Kaspersky provide great protection but I use Eset because is a lot lighter on RAM, CPU and Disk usage.

[Paul.R 0]

hi!

@claudiu 

 

For me the best antivirus are: Kaspersky, ESET, Dr. Web, MSE . I test all of them and I use some of them and I never regret it.

By the way if you want privacy and a better antivirus pay for him, if you want to be a donor of your data to a 3 party use a free one.

Look at those test with a gram of salt. On some test Bugdefender is best solution in galaxy but is just marketing.

[itman 1,659]

Residing in the U.S., I personally don't want anything to do with Kaspersky products.

[novice 20]

1 hour ago, Paul.R said:

By the way if you want privacy and a better antivirus pay for him

If you use Win XP/7/10, Microsoft is already spying on you , so you have nothing to loose using MSE

2 hours ago, itman said:

The enticement also is sometimes not so subtle such as constant "nag" screens to upgrade to their paid versions and the like

Bitdefender free has absolutely no nags/ advertisings.

4 hours ago, itman said:

Eset is one of, if not the leader, in this regard.

Most of third party testing entities would disagree with you, but hey... if you like it is fine.

On the end of the day the truth remains: for the last 14 months ESET is behind MSE in all major tests; as a result ESET decided to quit from AVTest.

The "real life" story doesn't hold water; for a regular person , in real life, the Earth is flat . However , scientists spent time and effort to prove that the Earth is round.

Hard to believe, in "real life" seems to be flat.

And here ends the ESET "real life "saga. 

Edited June 25, 2018 by claudiu

[Daedalus 16]

Everybody please stop responding to this trol. 

Nobody is forcing anyone to use ESET or any other AV vendor for that matter.

 

[novice 20]

31 minutes ago, Daedalus said:

Everybody please stop responding to this trol

Don't worry, I got a warning already , so most likely I will be banned.

This is the new way of hiding the truth.

[itman 1,659]

1 hour ago, claudiu said:

This is the new way of hiding the truth.

Actually censorship on a forum that is run by a vendor for the purpose of assisting in product improvement and problem solving is more than appropriate when topic matter deviates from that objective. On most AV forums, you would have been banned long ago. Or as is often the case on these forums, the mods would have let members personally attack you unmercifully. Case in point, the Symantec-Norton forum. 

Edited June 25, 2018 by itman

[novice 20]

On ‎6‎/‎25‎/‎2018 at 6:17 AM, Marcos said:

On behalf of ESET I can say that I hardly recall a malware-related ticket where the infection was caused by ESET letting malware in

Well,see here:

The OP mentioned : "ESET is installed and updated with recent update on the server  "

Edited June 26, 2018 by claudiu

[razorfancy 9]

On 25/06/2018 at 10:16 AM, claudiu said:

ESET         99.1%    3FP          $59.99/year

MSE           100%      5FP          $0/year

AVIRA        100%     0FP      $0/year

https://www.av-comparatives.org/tests/real-world-protection-test-may-2018-factsheet/

You can just go for example to Youtube and search Windows Defender test and see a lot of videos where malicious aplications bypass Windows Defender/MSE protection.

You have to keep in mind that Windows Defender/MSE doesnt have any behavior blocker like ESET has(HIPS component) and that means that is purely base on signatures so for example if you put Windows Defender/MSE and ESET against a threat that they dont have signature to, Windows Defender will get bypassed by that threat but with ESET there is a chance that threat is detected by the HIPS component.

All of this to say dont believe in those results its impossible that any AV gets 100% protection against any threat because malware code keeps evolving and thats why AV companies keep adding new components to there AVs every year so they can fight against those new threats.

 

Read this to know more about know more about HIPS:

https://help.eset.com/eis/11/en-US/idh_hips_main.html

https://blog.malwarebytes.com/101/2013/05/whatiships/

 

 

Edited June 26, 2018 by razorfancy

[Marcos 5,071]

2 hours ago, claudiu said:

The OP mentioned : "ESET is installed and updated with recent update on the server  "

Don't pick just the sentence that suits you best without quoting the rest: " In vast majority of cases it is that the user hasn't applied security measures and RDP is allowed for every user even if a strong password is not used. "

If one doesn't pay attention to locking a car which would also turn on the car alarm and a thief steals the car, then it's not the fault of the vendor of the alarm that the car was stolen. In case of Filecoder.Crysis which was also reported by the OP you quoted, we find out that the ransomware had been recognized by ESET for months before users got infected simply because the users didn't pay enough attention to security and let virtually anybody connect via RDP easily and with admin rights do whatever they wanted to, including disabling or uninstalling the AV and subsequently running ransomware.

Since everything has been said and to prevent further bashing and ranting, we'll draw this topic to a close. We are open to constructive discussion and criticism as well if there's a reason for it, however, trolling in our forum will not be tolerated. Discussions must be reasonable, polite and without ranting and personal attacks.