Dmitry228

Members
  • Posts: 14

Kudos

  1. Upvote
    Dmitry228 gave kudos to Marcos in ESET's keyboard shortcut protection against screen blockers   
    As far as I know, such LockScreens were popular years ago but they are not common nowadays at all. Moreover, users would have to know the key combination so it would not help typical home users much.
  2. Upvote
    Dmitry228 gave kudos to Marcos in Locked task manager, registry editor and so on.   
    Ok, you're right. We'll add support for cleaning it via a module update soon.
    I've tested it with eicar by replacing the default "explorer.exe" value and it was cleaned alright upon detection and cleaning of the eicar file.
  3. Upvote
    Dmitry228 gave kudos to TheNikita in Locked task manager, registry editor and so on.   
    Confirmed, I also disabled the task manager through the registry editor, but ESET is silent and does not see anything
  4. Upvote
    Dmitry228 gave kudos to TheNikita in Locked task manager, registry editor and so on.   
    Another thing I checked: when you change WinLogon (namely "Shell" and "Userinit") ESET also does not see anything and does not fix it.
  5. Upvote
    Dmitry228 received kudos from TheNikita in Locked task manager, registry editor and so on.   
    I had the task manager disabled, but ESET did not find it and did not restore it
  6. Upvote
    Dmitry228 gave kudos to TheNikita in Locked task manager, registry editor and so on.   
    Hello! I have a little question. Does ESET fix problems like locked task manager, disabled registry editor, changed WinLogon and so on? For example, Kaspersky Lab products have a special tool that fixes all this. The product from Dr.Web fixes it during a scan (if it finds it). Does ESET fix similar problems? Thank you in advance!
  7. Upvote
    Dmitry228 gave kudos to AnthonyQ in Protection against MBR modification/destruction in ESET   
    Totally agree.
    As far as I know, many free cloud-based sandboxes, like Opentip by Kaspersky, Joesandbox and Threatbook (a Chinese online sandboxing platform), can simulate user interaction (moving the mouse and automatically clicking buttons) to reveal malicious behavior performed by a sample.
    As a paid sandbox, ESET LiveGuard ought to be better than these free products.
  8. Upvote
    Dmitry228 gave kudos to TheNikita in Technology for rolling back malicious actions   
    Okay, thank you! Will this technology be added in the future?
  9. Upvote
    Dmitry228 gave kudos to TheNikita in Technology for rolling back malicious actions   
    Hello! I am interested in one question: Does ESET have a technology to rollback malicious actions of a program (similar to the one in Kaspersky Lab products) whose behavior was deemed as malicious by the deep behavioral check? For example, moving the files created by such a program to quarantine, deleting registry entries associated with it and those created by it, etc. And if there is no such feature, will it be added in the future? Thank you in advance!
  10. Upvote
    Dmitry228 gave kudos to AnthonyQ in ESET vs Ransomware   
    ESET creates industry-leading signatures and is good at detecting known ransomware.
    But I hope ESET can improve its behavioral blocker or introduce a protected folder function to better deal with unknown ransomware.
  11. Upvote
    Dmitry228 gave kudos to SeriousHoax in Protection against MBR modification/destruction in ESET   
    If it's that easy to evade LiveGuard then I have to say that LiveGuard seems very basic and ineffective. There are emulators/sandboxes out there that can simulate user clicks. There is also malware that tries to fool such sandboxes, but countermeasures can be taken to detect such evasion techniques, which would indicate that the file is malicious. You can read all about it and much more here:
    https://evasions.checkpoint.com/techniques/human-like-behavior.html#check-mouse-movement:~:text=a sample emulation.-,2.2. Check via a request for user interaction,-Some malware samples
    It doesn't make much sense to charge a premium price for LiveGuard when it can't even do this. LiveGuard would give a safe verdict to such samples and users may end up getting infected. Samples marked as safe by LiveGuard probably aren't sent to malware analysts, so till they get their hands on such samples, it's a lost cause. There's huge room for improvement here for ESET.