Advice Request Need new computer security suggestion


Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,223
Be careful with FS. The intrinsic ransomware protection leaves a bit to be desired from time to time, even though files encrypted were within protected folders (e.g. Pony). Better to use it with CF - at least here the encrypted files will only be within containment.

I'm bouncing on this, I just tested...
I didn't use Pony because the dropper didn't work unfortunately.

For this test, I got a dropper from the Pandora Ransomware.
I then modified the file a little bit (if you knew any, I repacked the malware with a Confuser). F-Secure Database and DeepGuard did not block.
However, the anti-ransomware protection was useless. MP3 file, txt file and jpg file were encrypted....

 

superleeds27

Level 6
Verified
Apr 5, 2017
275
I'm bouncing on this, I just tested...
I didn't use Pony because the dropper didn't work unfortunately.

For this test, I got a dropper from the Pandora Ransomware.
I then modified the file a little bit (if you knew any, I repacked the malware with a Confuser). F-Secure Database and DeepGuard did not block.
However, the anti-ransomware protection was useless. MP3 file, txt file and jpg file were encrypted....

Ouch
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,720
There is no substitute for good computing hygiene and habits. The AV is just for accidents/rare occurrences. Nothing will save you from risky behavior, and with good computing hygiene you probably won't come across much ransomware in a home environment.
 

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
Your reason for changing AV doesn't seem plausible to me. You said the user disabled the AV before getting infected. If the user can disable ESET, then he/she might be able to disable any other AV. Even Comodo's auto containment/sandbox can be disabled manually. So unless you do what user Scirious suggested about password protecting your AV, I don't see how your problem is going to be solved by changing to a different vendor.
Let me know if I misunderstood something.
 

tlacenka

Level 2
Thread author
Verified
Mar 22, 2014
77
Yes, you misunderstood something...
I wrote what I have tried on my HOME computer and the reasons I don't want some security solutions,
and I don't trust ESET at the moment because of what happened on our WORK computer (which I don't use and I don't have any control over).
Somebody asked why I don't trust ESET, so I answered, and I don't want to run it on my home computer at the moment.
So there are two computers which I was talking about. I know I can disable anything on mine, but that's not how I use my home computer, same as I don't download anything new. I don't have a problem paying for software (yes, there were times, long long ago, when I did not even have a legal BIOS), but those times are gone... I just want something with CF or sandboxing, that's all. By the way, I have bought almost all of the software I wrote that I have tried, because I use it on other computers (parents etc.), so money is not the issue. The issue is that I do not have the resources when I try it on this computer... that's all (maybe my English is really bad, but this is how I can write... it won't get better, I think).
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,813