Advice Request NeuShield

Please provide comments and solutions that are helpful to the author of this topic.

Tutman

Tutman

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 17, 2020
542
Anyone tried the latest version of this? It states that it is low impact on system. Anyone tried or tested it? Or others that may be the best third party stand alone ransomware shield that is free? I know of Kasperskys but don't like the idea that you HAVE to join KSN!

NeuShield Data Sentinel - Ransomware and Data Protection

NeuShield Data Sentinel uses Mirror Shielding and Data Engrams to shield your data so that you can quickly recover it in case of a ransomware attack.
www.neushield.com www.neushield.com
 
  • Like
Reactions: Dave Russo and Stopspying
EndangeredPootis

EndangeredPootis

Level 10
Verified
Well-known
Sep 8, 2019
461
I dont know if its legitimate, but last time testing it was buggy and inefficient, it didnt stop any ransomware, the only thing that stopped making it completely useless was its rollback capabilities, but it only seemed to rollback some files and not others, like EXE files.
You shouldnt be scared joining KSN, right now you are transmitting more personal data to your browser, social media or to your operating system's company than any info you will ever send to any antivirus cloud.

EDIT; upon further inspection it seems like it doesnt stop ransomware but instead reverts any changes made by them, still, it doesnt detect any ransomware neither before or after it has encrypted files.
 
Last edited:
  • Like
Reactions: Protomartyr, harlan4096, Tutman and 1 other person
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Tutman- I would strongly suggest that you give Kaspersky Anti-Ransomware Tool a whirl (easy uninstall routine if you decide that you hate it).

Although the name suggests that it is solely an anti-ransom application, it is actually a great deal more. A new build (v5.0.0.15620) was released the other day. One must note a couple of things- first, it has no on demand scanning functionality, but instead will only evaluate a file when that file is run. In addition to whatever ransomware detection mechanism it uses, it also is aware of other types of malware. Also it will connect to the Kaspersky server for Cloud based detection.

I had tried an older build of KAR and quite liked it, so as I had some time I tested this new iteration:

1). Initially I simply ran diverse malware (about 40 samples total)- ransomware, different trojans, and diverse Scriptors (Office exploits, vbs worms, Python ransomware, Powershell nasties, etc) against KAR without changing any settings (nothing really to tweak on it anyway).

Not surprisingly as KAR uses the Kaspersky Cloud, all of the malware I ran was detected without any system changes. But as this was neither illuminating nor amusing, I decided to change things up a bit by recoding 4 of the Worms that KAR had previously detected and stopped. I guess I didn't change 2 of them enough as the Cloud detected them- but the other 2 were allowed to run (seemingly in a temp space). Alter about a minute I saw a popup that stated that the malware was now detected and the actions of it were ROLLED BACK). Upon rebooting the computer, the system was indeed clean.

2). As that was totally boring, I set up a new system and tried various malware with the network disabled to see just how good KAR was without the benefit of definition based detection (Don't try this at home!!!). As KAR needed time to think without benefit of the Cloud, I only ran 10 ransomware files and 10 Scriptors to save time.

The results were quite good. The persistence mechanisms of the Scriptors were rolled back except for one Powershell based worm, and all of the ransomware was stopped save for a modified Locky assassin that was able to encrypt files. And for giggles I coded a LoLbin ransomware file that was able to totally trash the system (Unfair, but I HAD to get something out of this test!).

On the whole KAR did really well and is certainly deserving of more attention.

M
 
  • Like
  • +Reputation
  • Thanks
Reactions: Dave Russo, JB007, cryogent and 14 others
Tutman

Tutman

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 17, 2020
542
cruelsister said:
Tutman- I would strongly suggest that you give Kaspersky Anti-Ransomware Tool a whirl (easy uninstall routine if you decide that you hate it).

Although the name suggests that it is solely an anti-ransom application, it is actually a great deal more. A new build (v5.0.0.15620) was released the other day. One must note a couple of things- first, it has no on demand scanning functionality, but instead will only evaluate a file when that file is run. In addition to whatever ransomware detection mechanism it uses, it also is aware of other types of malware. Also it will connect to the Kaspersky server for Cloud based detection.

I had tried an older build of KAR and quite liked it, so as I had some time I tested this new iteration:

1). Initially I simply ran diverse malware (about 40 samples total)- ransomware, different trojans, and diverse Scriptors (Office exploits, vbs worms, Python ransomware, Powershell nasties, etc) against KAR without changing any settings (nothing really to tweak on it anyway).

Not surprisingly as KAR uses the Kaspersky Cloud, all of the malware I ran was detected without any system changes. But as this was neither illuminating nor amusing, I decided to change things up a bit by recoding 4 of the Worms that KAR had previously detected and stopped. I guess I didn't change 2 of them enough as the Cloud detected them- but the other 2 were allowed to run (seemingly in a temp space). Alter about a minute I saw a popup that stated that the malware was now detected and the actions of it were ROLLED BACK). Upon rebooting the computer, the system was indeed clean.

2). As that was totally boring, I set up a new system and tried various malware with the network disabled to see just how good KAR was without the benefit of definition based detection (Don't try this at home!!!). As KAR needed time to think without benefit of the Cloud, I only ran 10 ransomware files and 10 Scriptors to save time.

The results were quite good. The persistence mechanisms of the Scriptors were rolled back except for one Powershell based worm, and all of the ransomware was stopped save for a modified Locky assassin that was able to encrypt files. And for giggles I coded a LoLbin ransomware file that was able to totally trash the system (Unfair, but I HAD to get something out of this test!).

On the whole KAR did really well and is certainly deserving of more attention.

M
Click to expand...
Wow thanks for the info! I am playing around with Checkmal Appcheck but the free version will not UNDO any damages unless you pay it seems. Have you ever tested Checkmal's tool? I will take your advice (other have told me to use it also!) and get Kaspersky's. (Just don't like the idea of having to be a part of the KSN network with no opt out option) I was asking about both in this other thread: Q&A - What dedicated Anti-Ransomware software to use?
 
Last edited:
  • Like
Reactions: Dave Russo, Protomartyr, harlan4096 and 3 others
ichito

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
542
oldschool said:
It sounds like a brand of prophylactic. Probably even less useful. :LOL: No reviews other than PCMag ... Just sayin'. :D
Click to expand...
Ohhh...I would expect more patient and effort from you...it's not hard to find some broader description....like that for example :sneaky:
www.eweek.com

How NeuShield Mitigates the Bite of Ransomware - eWEEK

eWEEK SECURITY PRODUCT OVERVIEW AND ANALYSIS: NeuShield Data Sentinel slays the ransomware threat by protecting files from unwanted changes using advanced data engrams.
www.eweek.com www.eweek.com
or this thread on Wilders
www.wilderssecurity.com

Testing Neushield

Hi All I want to do some testing of this product. Elisha was kind enough to provide test keys and also had a talk with me which to rest any concerns...
www.wilderssecurity.com www.wilderssecurity.com

It doesn't means that app is very good or very bad...it means only that we san see some interrest and perhaps profits

404

www.rsaconference.com www.rsaconference.com
 
  • Like
Reactions: Dave Russo, Behold Eck, upnorth and 2 others

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Like
Security News Kaiser Permanente: Data breach may impact 13.4 million patients
Replies
0
Views
1,387
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Trident
    • Like
    • +Reputation
    • Thanks
Serious Discussion Decoding the Trend Micro Components and Protection Model
Replies
24
Views
2,981
Other security for Windows, Mac, Linux
Mahesh Sudula
Mahesh Sudula
Bot
    • Like
    • Wow
Security News Trezor's Twitter account hijacked by cryptocurrency scammers via bogus Calendly invite
Replies
0
Views
1,122
Security News
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top