Logical Continue Of
Improve Cloud Detection and SONAR
http://community.norton.com/t5/Norton-Product-Ideas/Improve-Cloud-Detection-and-SONAR/idi-p/415570
Provide in main product packet (e.g. NAV, NIS, N360 installers) the tools to recover normal system state to make user able each time after missed infections to restore normal state. This is as Norton can't block all malware actions. Kaspersky is already and a long time have such tools to help AV to keep OS and programs normally workable after missed infections.
Want to say more: include in this tools statistic submission module to view how many times and what users is mostly recover by themselves. Make detailed auto-submissions, in which will be stored detailed info that exactly was and bacame.
And than make (another) monitoring rule for this field (registry item).
It wil be good like Windows Defender on WinXP does but it is no good anough - not all actions.
You can do allow changes made by protocol them to user be able to restore (deny) them and so return to previous system state.
Glad to see here other people from Russia! :)
I saw this idea - I can't say that manual Quarantine ability needs in NPE - it can be prodices with main AV product.
But here I'm talking about restoring prev. state after some suspicious services was added, registry items such as disabling task manager and CMD and different others, deny ability of autorun entries and other at least provided by MS Windows Defender in WinXP OS. It is differ from just quarantine and removing quarantine samples - it is restoring of normal (prev.) setting of software and OS - it is malware footsteps what restrict normal user work and actions. They must be restored in all ways - some people looks for answers on the Internet, some reinstall some programms, some reinstall whole OS if this leaved settings are critical or their quantity is big.
Thus malware footsteps may be very-very annoing.
To prevent users from doing this - security product can contain such ability. If virus flowed - other manual methods of fixing it work may be applied and of cause it can leave its footsteps in OS.
Missed virus - it is AV fault - then provide user in power tools to resolve this issue, make auto-submission statistics on this - and see how it is useful (it will be very useful), make detailed statistics - that entries was corrected and on what. Than update your AV engine to monitor changes in this areas and such AV products will have more effectiveness then others.
So it is good for all - for end users and in effectiveness => reputation of AV engine
Logical Continue Of
Improve Cloud Detection and SONAR
http://community.norton.com/t5/Norton-Product-Ideas/Improve-Cloud-Detection-and-SONAR/idi-p/415570
Provide in main product packet (e.g. NAV, NIS, N360 installers) the tools to recover normal system state to make user able each time after missed infections to restore normal state. This is as Norton can't block all malware actions. Kaspersky is already and a long time have such tools to help AV to keep OS and programs normally workable after missed infections.
Want to say more: include in this tools statistic submission module to view how many times and what users is mostly recover by themselves. Make detailed auto-submissions, in which will be stored detailed info that exactly was and bacame.
And than make (another) monitoring rule for this field (registry item).
It wil be good like Windows Defender on WinXP does but it is no good anough - not all actions.
You can do allow changes made by protocol them to user be able to restore (deny) them and so return to previous system state.
Already was at least in Kaspersky Iinternet Security 2010 (autumn-2009 - summer-2010):
"Отмена нежелательных изменений на вашем компьютере."
"Cancel ability of unwanted changes on your computer."