App Review More Fun with Ransomware Part 2


Malfhas

Level 3
Verified
Well-known
Jun 29, 2014
139
I am using AppGuard, really like the program's power, with my current AV (now it's KIS2016 patch b again).

I hear more and more about this software.

What is it used for? Is it like the whitelist system SecureAPlus, combined with a sandbox, if I understand correctly?

I did not find a trial version to test this software.


Otherwise good video, I love your tests on ransomware!
 

enaph

Level 29
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,850
> I hear more and more about this software.
>
> What is it used for? Is it like the whitelist system SecureAPlus, combined with a sandbox, if I understand correctly?
>
> I did not find a trial version to test this software.
>
> Otherwise good video, I love your tests on ransomware!

Here you can find installation package and user guide:
AppGuard | Personal
 

done

Level 5
Verified
Mar 19, 2015
217
As an experienced user I don't use antivirus at all. I do file recovery and a lot of file transfer through the network, and any AV will slow me down. I never connect a USB stick without checking it first, I download only known files. I trust myself... until now.
My main laptop with important files uses ESET, and that was my luck.
I would never ever have thought about this before, and I don't think any of you would.
I happily bought a few USB drives from eBay for the Windows 10 upgrade; I need a lot of them for my work, and I need 5 languages, so I'll need 10 sticks. The prices on eBay are low: 5 dollars for 32 gig.
I connected the USB sticks for testing and guess what, one of them had an autorun virus, which was blocked by ESET.
You'll never know how or when it'll bite you. Even buying new USB sticks is risky. I've always asked myself how they can afford to sell an item for 4 dollars including shipping; the shipping probably costs more. I guess I've got my answer.
 

Davidov

Level 10
Verified
Well-known
Sep 9, 2012
470
> As an experienced user I don't use antivirus at all. I do file recovery and a lot of file transfer through the network, and any AV will slow me down. I never connect a USB stick without checking it first, I download only known files. I trust myself... until now.
> My main laptop with important files uses ESET, and that was my luck.
> I would never ever have thought about this before, and I don't think any of you would.
> I happily bought a few USB drives from eBay for the Windows 10 upgrade; I need a lot of them for my work, and I need 5 languages, so I'll need 10 sticks. The prices on eBay are low: 5 dollars for 32 gig.
> I connected the USB sticks for testing and guess what, one of them had an autorun virus, which was blocked by ESET.
> You'll never know how or when it'll bite you. Even buying new USB sticks is risky. I've always asked myself how they can afford to sell an item for 4 dollars including shipping; the shipping probably costs more. I guess I've got my answer.

I had the same problem with a mobile phone for $60. Reportedly I picked the wrong vendor software.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
@yesnoo: According to some users, especially on 'Wilders', those software can handle nasty samples like ransomware efficiently. Yes, they encrypt executable files; however, you will notice that many antiviruses do not shut down easily from its manipulation.
 
D

Deleted member 2913

> @yesnoo: According to some users, especially on 'Wilders', those software can handle nasty samples like ransomware efficiently. Yes, they encrypt executable files; however, you will notice that many antiviruses do not shut down easily from its manipulation.

I meant, will ransomware not encrypt AX64 or Rollback files? If it will, then will restore be possible?
Or can ransomware not encrypt AX64 or Rollback files?
 

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Snapshot applications like Rollback and AX64 are intrinsically protected from encryption by ransomware. In way of explanation, let's say you use Rollback and create a snapshot. When you install a program (or run ransomware) no changes are made to your actual system; Rollback, being integrated into your OS, will re-direct anything that tries to write something to the disk to an empty sector of the disk. Windows is then "fooled" into thinking that system changes were made when nothing of the sort has occurred.

In short, anything you run on a Snapshot protected system (ransomware, trojans, legit applications, whatever) is actually being run in a virtual environment and can't touch anything that actually exists. Look at it like a sandboxing program that sandboxes everything all the time automatically.

Hope that was clear (but doubt that it was...).
 
D

Deleted member 2913

Got the point, but yes, I don't understand it completely.

The virtualization part. It felt like you were talking about Shadow Defender and similar light virtualization software, not a snapshot program.

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
A snapshot program is virtualization. Once you install it and make your first snapshot, all subsequent things that you do on your computer will be made in a virtual environment and not on the actual system.

When you want to revert to a previous state, all the Snapshot application will do is delete the snapshot; this is unlike an Imaging program, where stuff has to be replaced on the drive. The upside to a Snapshot (vs Imaging software) is that they are small (only changes are saved) and can be reverted quickly (just a deletion of the changes needs to be done). The downside is that if your drive fails you are screwed.
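A toy model of the redirect-on-write behaviour cruelsister describes in her two posts above, added here as an illustration; it is not code from Rollback, AX64 or this thread, and the tiny sector size and "ransomware" write are constructed for the demo.

```python
"""Toy snapshot layer: writes after a snapshot are redirected to a delta
store, reads see the delta first, and revert simply discards the delta.
Added illustration, not a real product's implementation."""

SECTOR = 16  # constructed: tiny sector size so the demo stays readable


class SnapshotDisk:
    def __init__(self):
        self.base = {}            # sectors as they were when the snapshot was taken
        self.delta = {}           # redirected writes ("empty sectors" in the post)
        self.snapshot_taken = False

    def take_snapshot(self):
        # From now on every write lands in the delta, never in base.
        self.snapshot_taken = True

    def write(self, sector, data):
        target = self.delta if self.snapshot_taken else self.base
        target[sector] = data

    def read(self, sector):
        # The OS is "fooled": it sees the delta version when one exists.
        return self.delta.get(sector, self.base.get(sector, b"\x00" * SECTOR))

    def revert(self):
        # Reverting is just deleting the changes; nothing is copied back,
        # which is why it is fast and why only the changes consume space.
        self.delta.clear()

    def changed_sectors(self):
        return len(self.delta)


def ransomware_demo():
    """Overwrite a sector 'in place' after a snapshot, then revert."""
    disk = SnapshotDisk()
    disk.write(0, b"quarterly report".ljust(SECTOR))
    disk.take_snapshot()
    # Constructed "ransomware": overwrites the document sector with junk.
    disk.write(0, b"ENCRYPTED!!!!!!!".ljust(SECTOR))
    seen_during_attack = disk.read(0)       # what Windows and the malware see
    untouched_base = disk.base[0]           # the real sector was never touched
    pending_changes = disk.changed_sectors()
    disk.revert()
    return seen_during_attack, untouched_base, pending_changes, disk.read(0)
```

The model also shows the downside cruelsister names: the base dict is the physical drive, and nothing in the delta helps if that drive itself fails.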
 

Dirk41

Level 17
Verified
Top Poster
Mar 17, 2016
797
> Cyber- I actually was just sent a Tesla4 file this morning by a former colleague. It is curious that the files (Doc, Photos, etc) retain their original file extension while still being encrypted. So far I just infected a few machines for giggles and really don't see it as any great advance. Although I'm sure the usual suspects will call this THE WORST THING EVER, personally I'll take a Tesla any day over a Winlocky.

Hi everyone, I am absolutely not an expert, just reading out of curiosity. I read on an Italian website that now, to distinguish encrypted files, you have to look at the header of the file.
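A defender's version of the header check Dirk41 mentions, added here as an illustration (not code from the thread or the Italian site): compare a file's leading bytes with the well-known magic number for its extension, and flag mismatches whose content also looks like ciphertext. The sample files are constructed inline.

```python
"""Flag files whose extension no longer matches their header, e.g. a .docx
that is really encrypted data. Added example; magic numbers are the public,
well-known ones. Constructed samples only; nothing is read from disk."""
import math
import os
from collections import Counter

# Well-known leading bytes ("magic numbers") for a few document types.
MAGIC = {
    ".docx": b"PK\x03\x04",                          # OOXML is a ZIP container
    ".xlsx": b"PK\x03\x04",
    ".doc":  b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",    # OLE2 compound file
    ".pdf":  b"%PDF-",
    ".png":  b"\x89PNG\r\n\x1a\n",
    ".jpg":  b"\xff\xd8\xff",
}

def shannon_entropy(data):
    """Bits per byte; encrypted or compressed data sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify(name, data):
    """Return a short verdict for one file: extension vs. header vs. entropy."""
    ext = os.path.splitext(name)[1].lower()
    expected = MAGIC.get(ext)
    if expected is None:
        return "unknown-type"            # no rule for this extension
    if data.startswith(expected):
        return "header-ok"               # note: some ransomware keeps a valid header
    # Header mismatch: renamed, corrupted, or encrypted in place.
    if shannon_entropy(data[:4096]) > 7.5:
        return "header-mismatch-high-entropy"
    return "header-mismatch"

# Constructed samples: a real-looking PDF, a "photo" whose body is
# uniformly distributed bytes (entropy exactly 8.0), and a mislabelled text file.
SAMPLES = {
    "report.pdf": b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n1 0 obj",
    "photo.png":  bytes(range(256)) * 16,
    "notes.docx": b"just some plain text, not a zip container",
}

def scan(samples=SAMPLES):
    """Map each file name to its verdict; used by the test below."""
    return {name: classify(name, data) for name, data in samples.items()}
```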
 

done

Level 5
Verified
Mar 19, 2015
217
> A snapshot program is virtualization. Once you install it and make your first snapshot, all subsequent things that you do on your computer will be made in a virtual environment and not on the actual system.
>
> When you want to revert to a previous state, all the Snapshot application will do is delete the snapshot; this is unlike an Imaging program, where stuff has to be replaced on the drive. The upside to a Snapshot (vs Imaging software) is that they are small (only changes are saved) and can be reverted quickly (just a deletion of the changes needs to be done). The downside is that if your drive fails you are screwed.

With all the respect to you (and there is a lot), a sandbox isn't the best solution for everyone, and why? Space: it is eating a lot of space. I tested Comodo with ransomware; it saved all the changes made by the virus, and I ran out of space. So if you do not have double the space of the operating system, that's not the best solution.
Kind regards

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Done- the use of Comodo Firewall (or any sandbox) should have about zero impact on disk space. Unlike snapshot applications, very little is actually virtualized, and what is can be found in the VTRoot directory, which can be totally flushed by a sandbox reset or on a reboot. Nothing will otherwise be saved.

I certainly agree with you that you have to be conscious of disk space (I lose sleep at 50%!), but CF isn't the issue. As a suggestion, why not try a program called Treesize. It informs you of what exactly is taking up space on the drives.

Disk Space Manager software at its best: TreeSize Professional
 

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
What a nasty surprise here in this video :D Thanks for testing this cruelsister, great videos as always. Yes, I agree virtualization, HIPS, whitelisting and layered security (router level, DNS, browsing, download, AM or AR supplementary) can block what the core program may not detect.
 
