Jump to content

SeriousHoax

Members
  • Content Count

    72
  • Joined

  • Last visited

  • Days Won

    2

Everything posted by SeriousHoax

  1. Does ESET have any defense against this except manually creating HIPS rules?
  2. Any thoughts on this? https://www.bleepingcomputer.com/news/security/windows-explorer-used-by-mailto-ransomware-to-evade-detection/
  3. I am not saying it's bad at this but saying I've seen it missing script malwares more than other types. I always email those samples to the ESET lab and they also response when they add those to the signatures. But haven't found any sort of serious misses in recent times like ransomwares but I will share here if I find such. I think @itman may have some examples of misses. Edit: Well I was right about him. He even has logs.
  4. I think Trend Micro is one of the products that kind of does what you are suggesting and blocks most of the suspicious script executions by default. It may result in some false positives but it's very good against script based malwares where ESET is a bit weak in this department.
  5. Yeah right. I usually use ask for most HIPS rules so personally troubleshooting what needs to allowed for certain modification would be better. Ok, thanks.
  6. @Marcos What windows related processes should I allow if I want to allow manual modification of files in that folders like manually renaming, moving, pasting new files.
  7. Description: A Manage application section like Kaspersky or an Application network rules section like Kaspersky or maybe both. Details: Currently there is no way to know which programs I ran on my PC that was trusted by Eset or not. By having an Application manager it would make really easy give a detailed representation. Eset already kind of has this but that's for running processes only but not for all the products and also this window just shows information but I can't interact with it like it's possible in Kaspersky. And for Firewall, it's possible to add rules for specific programs of course but it would be better if there was list of all applications to show what is set to allowed by Eset and what not. This should be interactive too so if a user want to deny let's say "Cleaner" internet connection then the he/she would select Ccleaner from the list and deny it internet access instead of the current situation where user need to manually browser the program to block it in Firewall. The current implementation should always be there of course but my proposed interface would make everything much easier. Also a program can have multiple files that access to the internet. From this list it would be much easier to find that out. So, overall user experience would improve a lot. To have a closer look you may try installing Kaspersky to understand how this two mode works on their product. I don't want Eset to have the exact same to same that Kaspersky has but the basic idea should be the same. I love Eset because it's great product and super lite. But I want Eset to have these features. I'm sure it's not just me but everybody would appreciate it and it will make the product even better. Examples:
×
×
  • Create New...