Ahmeduchiha 2 Posted April 15, 2020 Share Posted April 15, 2020 (edited) I have suggestion to improve ESET. Application control: monitoring important system files including hosts file, registry keys and prevent apps with suspicious behavior from modifying these files also categorize running app into categories trusted, or restricted or not trusted kind of white list and black list but more advanced. ransomware remediation: it can monitor app behavior and it's actions and take backup of these files that might encrypted temporarily and if these files encrypted by malware ESET can roll back malware action not only for ransomware but any malware can damage the system and it's registry keys. making the software more automated and less user dependent cause I don't know if this app malware or not, is this connection secure or lead to malware so, I would like to see ESET fully automated and take proper action automatically. vulnerability scanner: that searches for weak windows and apps settings also notify for outdated app or OS that might be vulnerable and fix it automatically with notification to the user. URL web search advisor for malicious sites, safe sites , potentially unwanted site that might drop adware and phishing sites. Anti banner and tracking cookies. protection against key logger: by encrypting all key press in real-time by this method even if malware not detected be scanner key caps will be still encrypted and the hacker will gain nothing and this method will work in games, browsers and all apps. microphone protection: protect against potential malware or unsafe app that might use microphone to spy on the user and action taken automatically by ESET to block connection and usage of mic. prevention of transmitting password over insecure connection or insecure website. some improvements to HIPS and behavioral blocker to identify new and unknown malware before doing any damage to the system cause in some cases the threat detected too late after the malware has done damage to the system. ability to disinfect malware only and saving the original file photo, audio or exe file for games. virtualization: to test unknown malware adding notes securely in ESET password manager Edited April 15, 2020 by Ahmeduchiha Frenk 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted April 15, 2020 Administrators Share Posted April 15, 2020 2 hours ago, Ahmeduchiha said: I have suggestion to improve ESET. Application control: monitoring important system files including hosts file, registry keys and prevent apps with suspicious behavior from modifying these files also categorize running app into categories trusted, or restricted or not trusted kind of white list and black list but more advanced. Application Control is planned. 2 hours ago, Ahmeduchiha said: ransomware remediation: it can monitor app behavior and it's actions and take backup of these files that might encrypted temporarily and if these files encrypted by malware ESET can roll back malware action not only for ransomware but any malware can damage the system and it's registry keys. A research was already made, currently there are no plans to back up files. We focus on protection since letting malware run has always negative consequences and 100% remedy is often not possible. Not to say that backing up any files in the event of modification has adverse effect on performance and that could render the machine unusable if big files are modified. 2 hours ago, Ahmeduchiha said: making the software more automated and less user dependent cause I don't know if this app malware or not, is this connection secure or lead to malware so, I would like to see ESET fully automated and take proper action automatically. ESET software is install-and-forget. End users use automatic mode in which they are not prompted for actions (firewall, HIPS, malware cleaning, etc.). 2 hours ago, Ahmeduchiha said: vulnerability scanner: that searches for weak windows and apps settings also notify for outdated app or OS that might be vulnerable and fix it automatically with notification to the user. Patch management is not currently planned. If there is one day, it will be probably in business products. Most likely it would not be a part of ESET NOD32 Antivirus. 2 hours ago, Ahmeduchiha said: URL web search advisor for malicious sites, safe sites , potentially unwanted site that might drop adware and phishing sites. That is not planned. ESET uses a strong URL scanner which protects users from suspicious or malicious URLs. 2 hours ago, Ahmeduchiha said: Anti banner and tracking cookies. Not planned. There are other add-ons and 3rd party applications for that, we make antimalware software. 2 hours ago, Ahmeduchiha said: protection against key logger: by encrypting all key press in real-time by this method even if malware not detected be scanner key caps will be still encrypted and the hacker will gain nothing and this method will work in games, browsers and all apps. Anti-keylogger is part of the secured browser used by Banking and payment protection. 2 hours ago, Ahmeduchiha said: microphone protection: protect against potential malware or unsafe app that might use microphone to spy on the user and action taken automatically by ESET to block connection and usage of mic. Not sure if this is planned but there's a chance we'll have it in the future. 2 hours ago, Ahmeduchiha said: prevention of transmitting password over insecure connection or insecure website. I have no clue what you mean. Both the peer and server would have to support it so SSL is best thing for securing connection. 2 hours ago, Ahmeduchiha said: some improvements to HIPS and behavioral blocker to identify new and unknown malware before doing any damage to the system cause in some cases the threat detected too late after the malware has done damage to the system. Behavior Blocker as well as HIPS and other malware are constantly being improved. 2 hours ago, Ahmeduchiha said: ability to disinfect malware only and saving the original file photo, audio or exe file for games. ESET has always been able to clean malware, e.g. if infected by Virut or other file infecting virus. Cleaning is not possible if a virus rewrites vital data in files. 2 hours ago, Ahmeduchiha said: virtualization: to test unknown malware Again, we make antimalware software. There are other vendors that make hypervizors, such as VMware, Oracle, etc. Nightowl and fabioquadros_ 2 Link to comment Share on other sites More sharing options...
Ahmeduchiha 2 Posted April 15, 2020 Author Share Posted April 15, 2020 Quote prevention of transmitting password over insecure connection: what I mean when visiting http website and require me to enter my username and password the connection and the website is not secure to transmit password so This sounds like something that would require a browser plug-in, not something that can be performed while filtering the network communication via Windows Filtering Platform. As I wrote, there are currently no plans for this. Quote virtualization: to test unknown malware: what I mean here is kind of sand boxing technology testing unknown files using virtualization and hardware capabilities this will help ESET to identify new malware. Files scanned by advanced heuristics are emulated, ie. run in a virtual environment to determine the genes which are essential for smart DNA detections that describe behavior and structure of malicious files. Moreover, files resembling malware are sent via the LiveGrid Feedback system for replication to ESET and subsequently new smart detections are distributed to users via the LiveGrid Reputaiton system. Quote URL web search advisor: what I mean here is the green mark that shows if this website in search result safe or not before visiting or clicking on the link of the website. As I already explained, this is not planned. We already use a strong http(s) scanner that blocks access to dubious and malicious websites. Link to comment Share on other sites More sharing options...
Ahmeduchiha 2 Posted April 15, 2020 Author Share Posted April 15, 2020 Thank you for your reply also is it possible to make ESET password manager check if any of my email password has been leaked or compromised? also does ESET provide Dinamic Data Exchange protection agaist such attack and does it use deep packets inspection to filter data coming to PC and dll code injection protection? I uploaded test files when I test my protection it says that I am vulnerable could you please check these files and I am thankful for your help and I hope I helped ESET with my suggestions. Thank you Link to comment Share on other sites More sharing options...
Ahmeduchiha 2 Posted April 15, 2020 Author Share Posted April 15, 2020 Please submit these files for analysis and test. the password is "infected" without quotes. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted April 18, 2020 Most Valued Members Share Posted April 18, 2020 On 4/15/2020 at 7:07 PM, Ahmeduchiha said: Thank you for your reply also is it possible to make ESET password manager check if any of my email password has been leaked or compromised? also does ESET provide Dinamic Data Exchange protection agaist such attack and does it use deep packets inspection to filter data coming to PC and dll code injection protection? I uploaded test files when I test my protection it says that I am vulnerable could you please check these files and I am thankful for your help and I hope I helped ESET with my suggestions. Thank you I can't answer for eset but I know stickypassword which esets password manager is based on are planning to do this although it seems delayed. Link to comment Share on other sites More sharing options...
fabioquadros_ 1 Posted April 23, 2020 Share Posted April 23, 2020 On 4/15/2020 at 12:03 PM, Marcos said: Application Control is planned. It would be a nice extension for HIPS, basically integrating LiveGrid reputation and HIPS. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted April 23, 2020 Administrators Share Posted April 23, 2020 12 minutes ago, fabioquadros_ said: It would be a nice extension for HIPS, basically integrating LiveGrid reputation and HIPS. Actually HIPS has leveraged LiveGrid from the very beginning. Link to comment Share on other sites More sharing options...
Recommended Posts