Eset Guard Protection

[alexander14 2]

Please add function :

Eset Innovation Ransom Guard - adds another level of protection to the PC, which monitors suspicious changes in the file system and warns the user when a dangerous activity is recorded, offering to cancel malicious changes. In addition, this technology allows Eset to detect various types of zero-day threats.

About Eset technology:

Planned  feature: Ransom Guard technology:

I have idea how to working Ransom Guard tehcnology.

Innovation Ransom Guard technology is good block virus ransomware (100%).   

Take  md5 hash. 8a669e9418750c81ab90ae159a8ec410   -  thats is md .        

Module  Ransom block  , (8a669e9418750c81ab90ae159a8ec410 )*.*.wncry ,  (md5) *.*.exe ,  ( md5)  *.*.cry

*.*.wncry ,   *.*.exe ,   *.*.cry   ,   *.*.   -  thats is original  virus to encoded crypt file and other.

Module have update  good and block  , special  non md5 hash.    Why?

Module have good block    :

*.* - thats is original md5 hash generated virus crypt file.

. name encounder .

See how to add and update to block special module Ransomware Guard :

 *.*.cry 

*.*.exe , 

*.*.wncry , 

and other texts virus.

-thats is original text of Ransomware 

How working Eset Ransomware detect?

8a669e9418750c81ab90ae159a8ec410).wncry ,   -thats is original block name ransomware  .wncry , .exe ,  .crypt, other   (this is read .txt to rename .wncry, .exe, .etc ).

 8a669e9418750c81ab90ae159a8ec410).exe

 

Eset Ransomware Guard - block  text :  .wncry,  .exe ,   *.*.cry  -  to block , and send to viruslab  and quarantine.   That's is  good Working for feature defense file.

 

Edited October 29, 2018 by alexander14

[Marcos 4,919]

ESET has had a smart HIPS-based Ransomware shield incorporated for a couple of years.

While we appreciate suggestions and feedback, they should be reasonable, realistic and constructive.

As for using MD5 signatures, it would bring ESET to the prehistoric stone age. MD5 hash is not safe and should not be used for other than some internal purposes where security doesn't matter. We use SHA1 internally which is safe enough for the purpose we use it. Moreover, hash-based signatures are trivial and very easy to bypass. We use them typically for whitelisting a particular file. We mainly use DNA detections and DNA hash for detecting malware. It's much smarter than simple signatures or hash blocking since one detection or DNA hash can block thousands of variants of malware. With simple hash signatures, we could not protect users proactively, the engine would grow let's say 1000-fold hand in hand with the memory consumption. So no, thanks, hash detections are a matter of the stone age and we are already ages away.

[alexander14 2]

Yes.

Thats feature Ransomware Intelectual Engine-Humanoud  .  Thats is Heurestic block to robot engine , no Expert human detection.   Thats feature  Human-Robotic Engine -thats is strong robot humanoud  block and threats 0.01 second search and add signature update .  Thats is innovaion humanoud cybersecirity research.

[galaxy 11]

That's a great idea

[Marcos 4,919]

8 minutes ago, galaxy said:

That's a great idea

Not only an idea but reality. We've been using automated detections for years and this system has developed over time.

[galaxy 11]

@Marcos Thanks for your answer, I took a test once, I have to say .. I had nix on my computer;-) ESET is really doing a great job. Youtube videos are complete rubbish that showed me my test. And those who catch a virus have mostly themselves to blame. The largest virus sits in front of the computer;-)