Xvirus Personal Guard 5.0 roadmap

[Dani Santos]

This is the roadmap for the new version of Xvirus. It will take time to develop because i want it bug free. Please help suggesting features or beta testing when the beta is out. I will update this thread frequently.

Roadmap:
1-Right click scan (done)
2-"Delete all" button bug (fixed)
3-Whitlist(done)
4-Usb guard improvement(working now)
5-behavior guard improvment(need suggestions)
6-File guard improvements(need suggestions)
7-More settings(need suggestions)
8-Heuristics
9-Cloud community detection
10-Gui bug fixes
11-Improve current tools vs new tools or both?
12-New alert GUI?(yes or no)
13-Self protection and encryption(by dubseven)
14-Url filtering(by malware test)

Feel free to suggest new things to add on the new version.
Thanks for reading

 

[MalwareT]

What about engine ? And UI which was seen before is awesome.

 

[Dani Santos]

What about engine ? And UI which was seen before is awesome.

Ill use the same engine with improvements(ill add heuristics and cloud), thanks it will be the same GUI except on alerts.

 

[MalwareT]

Ill use the same engine with improvements(ill add heuristics and cloud), thanks it will be the same GUI except on alerts.

Ok, does it work alongside antivirus ?

 

[Dani Santos]

Ok, does it work alongside antivirus ?

Yes it will continue to be an anti-malware like it is now

 

[Dubseven]

You should improve software protection, it's really very easy to crack and self protection.

 

[MalwareT]

I'll suggest you to add these features (if it's possible):
-Vulnerability scanner
-Url filtering (it includes phishing)
-Self protection
-Firewall
-Maybe sandbox
-HIPS

Thanks in advance

 

[Dani Santos]

I'll suggest you to add these features (if it's possible):
-Vulnerability scanner
-Url filtering (it includes phishing)
-Self protection
-Firewall
-Maybe sandbox
-HIPS

Thanks in advance

Thanks for the suggestions.
1) Ill take a look at that
2) I still have to study chrome and firefox i can only get it working with internet explorer
3)now on roadmap
4)we already have one(Xvirus Personal FIrewall)
5)I made one, but i have to improve it because it is very easy to bypass.
6) We prefer behavior blocker, hips makes too many alerts

 

[MalwareT]

And why don't you include firewall in Virus Guard ?

 

[Dani Santos]

And why don't you include firewall in Virus Guard ?

Im planing making a internet security product. Xvirus personal guard is just antimalware, the internet security version will be standlone antivirus

 

[MalwareT]

Paid or free ?

 

[Dani Santos]

Paid or free ?

Paid. It will have antivirus, firewall and cleaner all in one.

 

[Cowpipe]

Some basic 'read only' behavioural analysis using API hooking (with necessary restrictions, for example, no access to other processes, no driver loading, no internet access etc)

If you're still programming in .NET, remember to obfuscate the source-code as .NET include a huge amount of metadata which can be decompiled back to a reasonably understandable source-code . There are many techniques to do this manually but the simplest way is to get a tool to do it for you (dotfuscator for example).

Be very careful about falling into the trap of 'crypting' your binary files, this will automatically annoy your users as they will now be utilising the same tools as malware, leading antivirus companies to detect your software as malicious.

 

[Dani Santos]

Some basic 'read only' behavioural analysis using API hooking (with necessary restrictions, for example, no access to other processes, no driver loading, no internet access etc)

If you're still programming in .NET, remember to obfuscate the source-code as .NET include a huge amount of metadata which can be decompiled back to a reasonably understandable source-code . There are many techniques to do this manually but the simplest way is to get a tool to do it for you (dotfuscator for example).

Be very careful about falling into the trap of 'crypting' your binary files, this will automatically annoy your users as they will now be utilising the same tools as malware, leading antivirus companies to detect your software as malicious.

Thanks im working on that. And i got a sandbox working it blocks and logs the files action on filesystem and registry, but im trying to make the file running inside the sandbox instead of blocking all the actions

 

[Cowpipe]

Thanks im working on that. And i got a sandbox working it blocks and logs the files action on filesystem and registry, but im trying to make the file running inside the sandbox instead of blocking all the actions

API hooking is a good start. Redirect the API calls, so a 'write' command to "C:\Windows\System32\eyioiyw.dll" redirects to "C:\Sandbox\C\Windows\System32\eyioiyw.dll" - and any calls to that path are also redirected etc. Block memory writes for now, just monitor them so you can detect suspicious writes (eg: writing to another process)

 

[WinXPert]

This is the roadmap for the new version of Xvirus. It will take time to develop because i want it bug free. Please help suggesting features or beta testing when the beta is out. I will update this thread frequently.

Count me in for testing

 

[Dani Santos]

API hooking is a good start. Redirect the API calls, so a 'write' command to "C:\Windows\System32\eyioiyw.dll" redirects to "C:\Sandbox\C\Windows\System32\eyioiyw.dll" - and any calls to that path are also redirected etc. Block memory writes for now, just monitor them so you can detect suspicious writes (eg: writing to another process)

But how do i get that dll inside the sandbox? I got it working to make it create files inside the sandbox, the problem is make it reading and writing files from out the computer inside the sandbox