Disturbed and filled with Questions!

Discussion in 'ESET Smart Security' started by B0mbardo, Jul 24, 2008.

Thread Status:
Not open for further replies.
  1. B0mbardo

    B0mbardo Registered Member

    Joined:
    Jul 24, 2008
    Posts:
    1
  2. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    WOW... Eset fails miserably.... It seems that ESET has lost it all in just a year.
     
  3. saberfox

    saberfox Former Poster

    Joined:
    Jul 23, 2008
    Posts:
    84
    The reason for this is that ESET has no "proactive protection instruments" to speak of (HIPS, behavior blockers, etc). The tester was testing ESET for a defense mechanism that wasn't even there.
     
  4. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    But ESET does claim to protect your system fully with their instruments... And it certainly doesn't, looking at the vids.

    From the Eset website:

    ESET delivers the fastest, most effective and most proactive antivirus and antispyware software solution to eliminate viruses, spyware, adware, worms, trojans, rootkits and other malware before they attack your system. Nobody does proactive protection better than ESET!

    Well, again: watch the video and see where ESET fails. On almost all of what they promise in their website text.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    This presentantion is NOT BASED ON REALITY. In real life, the user would need to get that malicious file from somewhere. If it's actually detected (by a standard or generic signature, or by Advanced heuristics), it WOULD HAVE BEEN NEUTRALIZED AND QUARANTINED when being written to the disk so it would have had no chance to perform any malicious action. The guy said he enabled all options before doing the test. But if the file was actually recognized (by AH/generic signatire) and the guy actually enabled AH/RTP on access, THE FILE WOULD NOT RUN at all. So what gives? o_O o_O o_O I'm sorry, but it really seems to me biased, unfair and taken completely out of the reality for the reasons I've mentioned.
     
  6. Melchi501

    Melchi501 Registered Member

    Joined:
    Apr 11, 2007
    Posts:
    90
    Between Outpost Security, Kaspersky 7.0 and Ess who wins? Outpost Security.

    The tester is Igor Pankov : "Igor joined Agnitum in 2003 as a security consultant and later became Product Manager for the Outpost firewall product range(...)"

    But it's just a coincidence n'est-ce pas ?:shifty:
     
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    He disabled all signature-related scanners :rolleyes: and as you said the "presentantion is NOT BASED ON REALITY". So with that protection disabled, the test now proceeds to attempt to show how ESS acts when "HIPS function are active".

    It's at that point I have questions. Is ESS considered a true HIPS and does Eset "promise in their website text" as the poster above is claiming :doubt:

    ESSfud.JPG
     
  8. Jenee

    Jenee Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    185
    I must be stupid but the test did not prove anything to me. If you disable important functions in an antivirus/firewall program, how can you then expect it to perform at its best?
    Supposedly turning off the same functions in different pieces of software is not a good comparison because it is not known if what is left is operating in a similar manner.
    This test is meaningless to me. I'll stay with ESS.
     
  9. Shankle

    Shankle Registered Member

    Joined:
    May 2, 2006
    Posts:
    510
    So what virus protection program is this guy pushing. Usually there is an alterior motive behind things like this. As previously stated how can you test ESS with the options disabled? I have had Eset on my Puter for years and am all over the Web and NEVER have had any virus attacks.
    Some more explanations by the ESET people to help ease my mind would be appreciated.
    Thanks
     
  10. FirePost

    FirePost Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    212
    Yes, and only if it was detected. As has been stated in other places no one detects 100%. Turning off the signature based portion is a valid way to simulate malware that is undetected by the blacklisting or behavioral analysis.

    Equally valid to my mind would be to disable all features of any security program to simulate something that gets around it. These type of tests only show that if something is malware and not blocked it does bad things. Hence the name malware one supposes.

    I do not think this is a support issue though. Perhaps it could be moved to a new thread entitled Silly Tests or Marketing did what!?
     
  11. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Its Quite a Biast test.

    Since Kaspersky 7.0 Default level of protection was only that way to reduce popups... put the " Full " Proactive " " Settings on and make the firewall on Training mode and then lets see what happens -.-

    Its a biast test because all suites should be tested with " FULL Proactive defence" Options on. that way you can properly judge the effectiveness of the suite.
     
  12. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Of all the useless tests this one must be among the worst and regarding outpost the test show that neither outpost proactive defense detect the threat. Everyone can add an annoying popup each time something is written to registry or some files is changed, but that doesn't mean the application can detect threats. A good security program should inform you when some threats is detected and never bother you if everything seems to be fine.....then they have a piece of software with good threat detection. Security applications that ask you a question every minutes because they are not capable of separate real threats from normal behavior i find to be useless and very annoying. The annoying popup that always ask for permission regardless of a threat or not is nothing to brag about. How should a user that is not familiar with the registry and computers know when they should click "allow" and when they should click "deny" if they see the warning "Application is attempting to modify a critical object". This warning seems like a bad idea to allow in any case and require that you know for sure if the file is clean or not. For a lot of people it's impossible to distinguish a infected file from a clean file with such a warning.

    Not to mention the guy that performed the test works or recently worked for Agnitum and the fact that this test is useless because most of the modules is disabled. This is also the first test i read where outpost beats kaspersky and nod32. Most of the tests i have seen so far rate nod32 and kaspersky pretty high.
     
  13. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    This test does prove things. It does prove that Eset completely lacks a Behaviour blocker. BUT, this doesn't mean that Eset isn't providing sufficient protection. Because besides it's good heuristic detection, if the real time protection was on the virus would have been neutralized before it could actually do anything. And maybe even if it wasn't in signatures yet it could be detected using heuristics.

    So the tester made some errors in his testing:

    -Disabled heuristic detection in ESS, because after all isn't heuristics made to detect new viruses Before they are executed?
    -Used partial protection in KIS 7, and didn't use Registry guard, which should have alerted when the virus would have tried to put itself in the startup entry, function which Outpost Firewall DID use.
    -There is no mention of which exact version of programs may have been used. The Malfunctioning guard of KIS 7 may have meant that they're either using a beta software or a build known for those kind of issues.
     
Thread Status:
Not open for further replies.