Q&A Need new computer security suggestion

Shadowra

Level 20
Verified
Malware Tester
Sep 2, 2021
964
Be careful with FS. The intrinsic ransomware protection leaves a bit to be desired from time to time, even though files encrypted were within protected folders (eg Pony). Better to use it with CF- at least here the encrypted files will only be within containment.

I'm bouncing on this, I just tested...
I didn't use Pony because the dropper didn't work unfortunately.

For this test, I got a dropper from the Pandora Ransomware.
I then modified the file a little bit (if you knew any, I repacked the malware with a Confuser) . F-Secure Database and DeepGuard did not block.
Honever, the anti-ransomware protection was useless. MP3 file, txt file and jpg file were encrypted....

q2tCueyw.png
 

superleeds27

Level 6
Apr 5, 2017
248
I'm bouncing on this, I just tested...
I didn't use Pony because the dropper didn't work unfortunately.

For this test, I got a dropper from the Pandora Ransomware.
I then modified the file a little bit (if you knew any, I repacked the malware with a Confuser) . F-Secure Database and DeepGuard did not block.
Honever, the anti-ransomware protection was useless. MP3 file, txt file and jpg file were encrypted....

q2tCueyw.png
Ouch
 

blackice

Level 36
Verified
Top poster
Well-known
Apr 1, 2019
2,566
There is no substitute for good computing hygiene and habits. The AV is just for accidents/rare occurrences. Nothing will save you from risky behavior, and with good computing hygiene you probably won't come across much ransomware in a home environment.
 

SeriousHoax

Level 43
Verified
Top poster
Well-known
Mar 16, 2019
3,202
Your reason for changing AV doesn't seem plausible to me. You said the user disabled the AV before getting infected. If the user can disable ESET, then he/she might be able to disable any other AV. Even Comodo's auto containment/sandbox can be disabled manually. So unless you do what user Scirious suggested about password protecting your AV, I don't see how your problem is going to be solved by changing to a different vendor.
Let me know if I misunderstood something.
 
Last edited:

tlacenka

Level 2
Thread author
Verified
Mar 22, 2014
77
yes, you misundersood something...
i wrote what i have tryed on mine HOME computer and the reasons i dont want some security solutions
and i dont have trust to eset actually because of what happened in our WORK computer (which i dont use and i dont have any control over it)
smbdy asks why i dont trust eset - so i answered and i dont want to run it at mine home computer actually
so there are two computers, which i was talking about - i know i can disable anything on mine, but thats not the way how i use mine home computer, same as i dont download anything new - i dont have problem to pay for software (yes, there were long long time ago times, when i didnot have even legal bios), but those times are gone... just want something with CF or sandboxing..thats all btw and i have bought almost all of the sw i have wrote, that i have tryed - because i use it on other computers (parents etc), so money is not issue - the issue is, tthat i have not resource, when i try it on this computer...thats all (maybe mine english is really bad, butt this is how i can write ...it wont be better i think .)
 

Arequire

Level 28
Verified
Top poster
Content Creator
Feb 10, 2017
1,707
  • Like
Reactions: plat1098