Invisible man 0 Posted May 10, 2021 Share Posted May 10, 2021 (edited) The software does nothing more than just have a list of "Signatures" through which it identifies malicious or suspicious files, otherwise it is useless.. What made me say this is my own experience with it, my laptop was offline for three days, only three days without receiving updates that made eset internet security useless, I opened a file from a removable disk that I didn't know was harmful and now all My files are encrypted by Ransomware !! You at Eset are Experts when it comes to making excuses, and when someone tests your software, You accuse him of doing it incorrectly, or having disabled some features of the software. Now what do you say about what happened to me? I did not disable any of the software's features. Just all that happened is that the software did not receive updates for three days !! Isn't this a simulation of what would happen if I was exposed to a zero-day attack from one of these Ransomware ? You have to do something real about detecting malware and ransomware through its behavior Edited May 10, 2021 by Marcos Redacted Link to comment Share on other sites More sharing options...
Administrators Marcos 5,071 Posted May 10, 2021 Administrators Share Posted May 10, 2021 ESET uses various multi-layered protection mechanisms to protect users from both new and old malware which are explained at https://www.eset.com/int/about/technology/ For any AV it is crucial that you keep it updated all the time. It is untrue that having a different antivirus would protect you from most of threats after a few days, weeks or months without update. We are willing to investigate what happened, therefore we kindly ask you to provide logs collected with ESET Log Collector to start off. Link to comment Share on other sites More sharing options...
itman 1,659 Posted May 10, 2021 Share Posted May 10, 2021 10 hours ago, Invisible man said: I opened a file from a removable disk that I didn't know was harmful and now all My files are encrypted by Ransomware !! A couple of questions. 1. I assume this removable disk was updated on a device other than your own device? 2. When the removable disk was connected to your device, Eset should have shown a popup window on the desktop requesting if you wanted to scan the drive. Did you scan the drive when Eset prompted you to do so? Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 8 hours ago, Marcos said: ESET uses various multi-layered protection mechanisms to protect users from both new and old malware which are explained at https://www.eset.com/int/about/technology/ For any AV it is crucial that you keep it updated all the time. It is untrue that having a different antivirus would protect you from most of threats after a few days, weeks or months without update. We are willing to investigate what happened, therefore we kindly ask you to provide logs collected with ESET Log Collector to start off. Well, here I will review what happened in detail, and I will send what was done through the logs collected process. Initially, this is the same sample, but with Bitdefender As it is evident in the attached six screen shots, Bitdefender has not received updates for days, "and this is so that the test is fair." When scan the sample and because it is not in the "Signatures" database, Bitdefender finds that the sample is not a malicious file But once the file was run, Bitdefender detects it from its own behavior Not only that, the malware has already managed to encrypt some files, but Bitdefender has recovered them as part of the disinfection process. Now, here is what happened on the side of Eset Internet Security: Also as shown in the screenshots I used the same sample and it was also not detected when I scan because it is not in the Signatures database But this time when running the sample was not detected and Eset Internet Security did not take any action about it !! And to prove that it does nothing more than just detected malware in the Signatures database, I updated the database and only then was the malicious file detected. Note that the files that were encrypted were not recovered as happened with Bitdefender Please explain how the files collected through ESET Log Collector will be sent to you Is it by mail or do I upload the file here in the replies? Link to comment Share on other sites More sharing options...
itman 1,659 Posted May 10, 2021 Share Posted May 10, 2021 Are you testing malware samples or was your device files permanently encrypted by ransomware? The fact that you are showing BitDefender protection mechanisms, indicates you are testing ransomware samples. Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 42 minutes ago, itman said: Are you testing malware samples or was your device files permanently encrypted by ransomware? The fact that you are showing BitDefender protection mechanisms, indicates you are testing ransomware samples. Do you know what the difference is between you and Bitdefender or Kaspersky? When your software is failed to counter the attack, you do nothing more than justify and try to invent weak excuses. But Bitdefender and Kaspersky are working on developing their software so that real security software are able to protect their customers from any threat, whatever the circumstances. Now do you have anything useful to say? Does your question justify that failure? Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 51 minutes ago, itman said: Are you testing malware samples or was your device files permanently encrypted by ransomware? The fact that you are showing BitDefender protection mechanisms, indicates you are testing ransomware samples. By the way, I have a question What if that sample was on the device of an Eset Internet Security customer on that day that the database was updated How would Eset Internet Security counter it? Was your software going to ask the user whether it was testing malware samples ؟ or was it supposed to protect him? Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 10 hours ago, Marcos said: ESET uses various multi-layered protection mechanisms to protect users from both new and old malware which are explained at https://www.eset.com/int/about/technology/ For any AV it is crucial that you keep it updated all the time. It is untrue that having a different antivirus would protect you from most of threats after a few days, weeks or months without update. We are willing to investigate what happened, therefore we kindly ask you to provide logs collected with ESET Log Collector to start off. Now what you have to do is provide real answers First, what is Behavioral Detection from Eset's point of view? Is it only harmful files detected through Signatures database? So why did your software fail to detect and respond to the ransomware? If we said that if the program database was updated, the malicious file would have been detected and blocked !! Well we can say that but that's not called Behavioral Detection This is just a malicious file detected by its Signatures This is what any cheap anti-virus can do ! Link to comment Share on other sites More sharing options...
itman 1,659 Posted May 10, 2021 Share Posted May 10, 2021 Since you seem to be so keen on BitDefender's anti-ransomware behavior protection, note that it's not bullet-proof: Quote The pernicious Petya ransomware got past the behavior-based detection system and encrypted the virtual drive, rending the virtual test system unusable. https://sea.pcmag.com/security/5981/bitdefender-antivirus-plus MarcFL 1 Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 20 minutes ago, itman said: Since you seem to be so keen on BitDefender's anti-ransomware behavior protection, note that it's not bullet-proof: https://sea.pcmag.com/security/5981/bitdefender-antivirus-plus I didn't mention Bitdefender or even Kaspersky bullet-proof !! But at least they have a real behavior detection system, even if it is not bulletproof, but it exists, strong and effective at least Eset Internet Security should reach their level of detecting malware behavior I don't want you to create bulletproof software, but at least you have to get to their level and then you can criticize one of their mistakes. I am here neither defending nor biasing one party over another party's expense I am here making it clear that you cannot say that you have a security system capable of detecting malicious behavior while it does nothing more than just detect malware through Signatures Since Bitdefender is not strong enough to deal with bullets So your mission should be easy to get to that level of behavior detection Is that not true ?! Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 36 minutes ago, itman said: Since you seem to be so keen on BitDefender's anti-ransomware behavior protection, note that it's not bullet-proof: https://sea.pcmag.com/security/5981/bitdefender-antivirus-plus I hope that the day will come when Eset Internet Security have a strong enough behavior detection system ,to read an article about one of the strong viruses that managed to pass through Because it is not smart to write an article in which we are talking about a powerful virus that has managed to pass through a weak system that relies only on a signature database ... It will not be interesting Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 51 minutes ago, itman said: Since you seem to be so keen on BitDefender's anti-ransomware behavior protection, note that it's not bullet-proof: https://sea.pcmag.com/security/5981/bitdefender-antivirus-plus Since you cited an article, I would like to draw your attention to that article as well from the same sourcehttps://me.pcmag.com/en/security-suites/1957/kaspersky-internet-security "But I have a bewildering question, why Eset Internet Security's Behavior Detection System not been evaluated or tested in an article on the same source? Is it possible that Eset Internet Security does not have a real behavior detection system in order to be tested and to show the test results in the article? !!" Link to comment Share on other sites More sharing options...
itman 1,659 Posted May 10, 2021 Share Posted May 10, 2021 Since you just joined the forum 19 hours ago and you have been "camped" on this thread all day, it's fairly obvious you are trolling. So I will just ignore you as everyone else has to date. Link to comment Share on other sites More sharing options...
Invisible man 0 Posted May 10, 2021 Author Share Posted May 10, 2021 5 minutes ago, itman said: Since you just joined the forum 19 hours ago and you have been "camped" on this thread all day, it's fairly obvious you are trolling. So I will just ignore you as everyone else has to date. Believe me, if you had anything to say you wouldn't ignore me As I said earlier, you only have excuses, and it is natural that you do not have words to say Link to comment Share on other sites More sharing options...
Administrators Marcos 5,071 Posted May 10, 2021 Administrators Share Posted May 10, 2021 Closing this topic due to trolling. The OP obviously also lyed, initially pretending to be a user who accidentally felt a victim of ransomare and then he turned out to deliberately perform amateurish tests by skewing the reality to bash ESET in favor of his favorite AVs MarcFL and Aryeh Goretsky 2 Link to comment Share on other sites More sharing options...
Recommended Posts