Best ransomware blocker based on zero day feedback

maaster

Hello All,

Just a curious question I thought of asking today.

Which security suite withstood the ransomware attack in 2017 or has better results in withstanding zero-day ransomware attacks? In need of buying a new AV. Thought this discussion might help me decide.

Perhaps there might already be a thread on this topic. If there is, please point it out to me.

Thanks.
 
Hello @maaster, I recommend Zemana, Kaspersky and Emsisoft. Zemana uses innovative and powerful technologies to detect ransomware behaviour, but also zero-day malware. ZAM 3.0 is now in beta and it will offer even bigger protection with an AI method, a new file reputation method to detect zero-day malware more efficiently, Smart Scan and more. Emsisoft and Kaspersky also have good behaviour blocking technologies to prevent ransomware infections.
 
Comodo Cloud AV
Comodo internet security
Comodo firewall


I vouch for comodo cloud av
- light
- no bloatware/ads
- set up default block mode & forget
- not buggy like cf/cis

Someone correct me that ransomware can be signed as trusted, and make it through CCAV, but that's very unlikely, and the same thing can happen with any other AV vendor as well
 
Are you buying a new AV? Kaspersky, BitDefender and Emsisoft are your best options - very powerful, tweakable products with built-in anti-executable solutions if you wish to use them to improve anti-ransomware protection.
You can also opt for free solutions, such as Comodo Firewall (make sure to check Cruelsister's setup) and Voodooshield. They are more complex but also very reliable.
 
Comodo Firewall (properly configured) and Kaspersky Free Antivirus. This combo will destroy any ransomware and malware you throw at it. But the best defence against ransomware is a proper backup stored at a location isolated from the main system.
 
Just Comodo with CS settings + disable cloud lookup: very low usage of resources. And if you want an antivirus, go with Kaspersky Free or Security Cloud, but it's no necessity for me.
 
Why not add an anti-ransomware solution next to the AV of your choice?

I would recommend CheckMAL AppCheck AntiRansomware Free, it comes with Behavior Blocker, Auto-Backup (limited to preset), Remediation of affected files, MBR Protection.
Free and efficient against most ransomware.
Make sure to have a backup anyway in case malware or a system / hardware failure cripples your system. Don't attach the external HDD to your running system unless performing / restoring from a backup, it will be targeted by malware otherwise.
Product Introduction - CheckMAL
 
> Someone correct me that ransomware can be signed as trusted, and make it through CCAV, but that's very unlikely, and the same thing can happen with any other AV vendor as well
There's been a few instances of Comodo staff accidentally tagging malware as trusted in the past, but the chance of running into that specific malware sample is so low it simply isn't worth worrying about.
There's also malware using high-quality stolen certificates (ones that would bypass the TVL, unlike most signed malware which use low-quality certificates that wouldn't), but those aren't used against home users as they're far too expensive for most blackhats to get their hands on and a complete waste to use against insignificant peons such as us.
 
> Comodo Cloud AV
> Comodo internet security
> Comodo firewall
>
> I vouch for comodo cloud av
> - light
> - no bloatware/ads
> - set up default block mode & forget
> - not buggy like cf/cis
>
> Someone correct me that ransomware can be signed as trusted, and make it through CCAV, but that's very unlikely, and the same thing can happen with any other AV vendor as well
Last year I used Comodo Cloud for 7 months. After really hard tests I never had one infection. For normal users the protection is top.
 
> Last year I used Comodo Cloud for 7 months. After really hard tests I never had one infection. For normal users the protection is top.
Yep, I'm not a happy clicker, nor do I download anything besides software upgrades... It's useless to have tons of security running on your PC, so after all I'm just trusting CCAV only.

And since the auto-sandbox is the magic, I would say that Comodo Cloud AV with default block mode is more user friendly than CF + AV / CIS (unless you set it up as CS and never touch it again)
 
> Yep, I'm not a happy clicker, nor do I download anything besides software upgrades... It's useless to have tons of security running on your PC, so after all I'm just trusting CCAV only.
>
> And since the auto-sandbox is the magic, I would say that Comodo Cloud AV with default block mode is more user friendly than CF + AV / CIS (unless you set it up as CS and never touch it again)
And it is light. Very low RAM. I like it very much.
 
Hi All,

From whatever responses I have got, all are based on detection rates. Which antivirus suite withstood the ransomware attack of 2017? I.e., when most failed, which emerged victorious during that period?
 
> Hi All,
>
> From whatever responses I have got, all are based on detection rates. Which antivirus suite withstood the ransomware attack of 2017? I.e., when most failed, which emerged victorious during that period?
That doesn't have to work that way :) any good product, well tweaked and coupled with safe surfing habits, will protect you well from ransomware.
 
> There's been a few instances of Comodo staff accidentally tagging malware as trusted in the past, but the chance of running into that specific malware sample is so low it simply isn't worth worrying about.
> There's also malware using high-quality stolen certificates (ones that would bypass the TVL, unlike most signed malware which use low-quality certificates that wouldn't), but those aren't used against home users as they're far too expensive for most blackhats to get their hands on and a complete waste to use against insignificant peons such as us.

You can avoid this with disable cloud lookup, cut off TVL and maybe disable trust signed apps, but the last one can be very annoying.

> And since the auto-sandbox is the magic, I would say that Comodo Cloud AV with default block mode is more user friendly than CF + AV / CIS (unless you set it up as CS and never touch it again)

I remember CS said CF is elegantly coded or something like that, and it's really lower-systems friendly.
 