App Review AppGuard against Ransomware

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
5

509322

erreale said:
My mistake. I mean Scan with..second opinion av
Click to expand...

Second opinion scan is OK and all, but what if it doesn't detect anything because it has no signatures to detect with ?

It is better testing methodology to manually inspect what is running in active memory using Process Explorer, Process Hacker, System Explorer, etc. If you find something, then you can check for its autorun.

Also, check if anything placed inside Documents\My Private Folder or any other user-created Private Folders has been encrypted.

If anything else in User Space is encrypted - it isn't important - because after a ransomware infection, you will need to clean install the OS to start over with a known clean system.

The goal of AppGuard Private Folders is to protect user data - and that's it - but a user has to take full advantage of Private Folders.
 
Last edited by a moderator:
  • Like
Reactions: Andy Ful, harlan4096, Duotone and 2 others
Duotone

Duotone

Level 10
Verified
Well-known
Mar 17, 2016
464
Nice test...

Lockdown said:
Guarded ransomware can still encrypt C:\Users\* directories.
Click to expand...
Even in lockdown?!

Lockdown said:
The goal of AppGuard Private Folders is to protect user data - and that's it - but a user has to take full advantage of Private Folders.
Click to expand...
If I add a drive say F: and set it to protected would that suffice?! I store macrium images on that drive..
 
Last edited:
  • Like
Reactions: XhenEd
5

509322

Duotone said:
If I add a drive say F: and set it to protected would that suffice?! I store macrium images on that drive..
Click to expand...

Protected mode, at this time, does not block the execution of files with a proper certificate. However, the digitally signed ransomware would have to encrypt connected drives and specifically the Macrium image file type.

All this matters if you are paranoid. In that case, don't leave any external drives connected to the system all the time.
 
  • Like
Reactions: XhenEd and harlan4096

Similar threads

NB InfoTech
    • Like
App Review Want to try? | Comodo Antivirus Test & Review | Comodo Internet Security vs Ransomware | 2024
Replies
4
Views
404
Video Reviews - Security and Privacy
bazang
bazang
L
    • Like
App Review Windows Defender Controlled Folders bypassed by ransomware
Replies
1
Views
363
Video Reviews - Security and Privacy
oldschool
oldschool
NB InfoTech
    • Like
App Review Trend Micro Maximum Security Antivirus Review | Trend Micro vs Ransomware Test | [TESTED]
Replies
1
Views
729
Video Reviews - Security and Privacy
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top