I wouldn't be surprised if Sciter comes bundled with a VM for running JS, but it's not explicit on their website. They do position themselves an an alternative to Electron. And it looks like every anti-virus package uses this product.
"In almost 10 years, Sciter UI engine has become the secret weapon of success for some of the most prominent antivirus products on the market: Norton Antivirus and Internet Security, Comodo Internet Security, ESET Antivirus, BitDefender Antivirus, and others. The use of HTML/CSS has allowed their UI to stay in touch with modern GUI trends throughout all these years, and will continue to well into the future.
Sciter Engine is a single, compact DLL of 5+ Mb in size. Application using it are 10+ times smaller than the ones built with Electron or Qt. And size of the distribution matters, one of main Sciter’s customers discovered “golden 40 seconds” rule: for the user, to buy a product, it should not take more than 40 seconds from the click on “download” button to the UI to appear on screen."
---
As mentioned by others, this would be separate from the JavaScript VM mentioned in the OP and would not run as a privileged account (it would just be the UI people interact with).
> one of main Sciter’s customers discovered “golden 40 seconds” rule: for the user, to buy a product, it should not take more than 40 seconds from the click on “download” button to the UI to appear on screen."
Is this another case of a metric becoming a target and thus no longer useful as a metric? The quality of software should be how well it performs its intended purpose, not by the conversion rate of the user funnel.
You can have the best performing software in the world and it is still worth exactly nothing if you can't sell. The reality is that cheaply developed software that sells well is usually good business.
With my limited knowledge on the matter, NOD32 (ESET) has 3 processes : ekrn.exe (SYSTEM), eguiProxy.exe (User) and egui.exe (User).
egui.exe is responsible of the UI interacting with the user and seems to not be running at all if the user never brings up the UI.
Considering the memory usage of the UI (~25 MB), looks like they choose to run a very lightweight UI (tray icon only) with eguiProxy.exe (2 MB) then start egui.exe if the user brings up the UI.
To be noted: the memory usage of the UI is almost the same as ekrn.exe which I suppose is the AV engine (1)
[1] I don't run the full suite and some features have been disabled (SSL MITM, web inspection and email inspection)
"In almost 10 years, Sciter UI engine has become the secret weapon of success for some of the most prominent antivirus products on the market: Norton Antivirus and Internet Security, Comodo Internet Security, ESET Antivirus, BitDefender Antivirus, and others. The use of HTML/CSS has allowed their UI to stay in touch with modern GUI trends throughout all these years, and will continue to well into the future.
Sciter Engine is a single, compact DLL of 5+ Mb in size. Application using it are 10+ times smaller than the ones built with Electron or Qt. And size of the distribution matters, one of main Sciter’s customers discovered “golden 40 seconds” rule: for the user, to buy a product, it should not take more than 40 seconds from the click on “download” button to the UI to appear on screen."
---
As mentioned by others, this would be separate from the JavaScript VM mentioned in the OP and would not run as a privileged account (it would just be the UI people interact with).