Tutman

Level 5
Anyone tried the latest version of this? It states that it is low impact on system. Anyone tried or tested it? Or others that may be the best third party stand alone ransomware shield that is free? I know of Kasperskys but don't like the idea that you HAVE to join KSN!
 

EndangeredPootis

Level 6
Verified
I dont know if its legitimate, but last time testing it was buggy and inefficient, it didnt stop any ransomware, the only thing that stopped making it completely useless was its rollback capabilities, but it only seemed to rollback some files and not others, like EXE files.
You shouldnt be scared joining KSN, right now you are transmitting more personal data to your browser, social media or to your operating system's company than any info you will ever send to any antivirus cloud.

EDIT; upon further inspection it seems like it doesnt stop ransomware but instead reverts any changes made by them, still, it doesnt detect any ransomware neither before or after it has encrypted files.
 
Last edited:

cruelsister

Level 37
Verified
Trusted
Content Creator
Tutman- I would strongly suggest that you give Kaspersky Anti-Ransomware Tool a whirl (easy uninstall routine if you decide that you hate it).

Although the name suggests that it is solely an anti-ransom application, it is actually a great deal more. A new build (v5.0.0.15620) was released the other day. One must note a couple of things- first, it has no on demand scanning functionality, but instead will only evaluate a file when that file is run. In addition to whatever ransomware detection mechanism it uses, it also is aware of other types of malware. Also it will connect to the Kaspersky server for Cloud based detection.

I had tried an older build of KAR and quite liked it, so as I had some time I tested this new iteration:

1). Initially I simply ran diverse malware (about 40 samples total)- ransomware, different trojans, and diverse Scriptors (Office exploits, vbs worms, Python ransomware, Powershell nasties, etc) against KAR without changing any settings (nothing really to tweak on it anyway).

Not surprisingly as KAR uses the Kaspersky Cloud, all of the malware I ran was detected without any system changes. But as this was neither illuminating nor amusing, I decided to change things up a bit by recoding 4 of the Worms that KAR had previously detected and stopped. I guess I didn't change 2 of them enough as the Cloud detected them- but the other 2 were allowed to run (seemingly in a temp space). Alter about a minute I saw a popup that stated that the malware was now detected and the actions of it were ROLLED BACK). Upon rebooting the computer, the system was indeed clean.

2). As that was totally boring, I set up a new system and tried various malware with the network disabled to see just how good KAR was without the benefit of definition based detection (Don't try this at home!!!). As KAR needed time to think without benefit of the Cloud, I only ran 10 ransomware files and 10 Scriptors to save time.

The results were quite good. The persistence mechanisms of the Scriptors were rolled back except for one Powershell based worm, and all of the ransomware was stopped save for a modified Locky assassin that was able to encrypt files. And for giggles I coded a LoLbin ransomware file that was able to totally trash the system (Unfair, but I HAD to get something out of this test!).

On the whole KAR did really well and is certainly deserving of more attention.

M
 

Tutman

Level 5
Tutman- I would strongly suggest that you give Kaspersky Anti-Ransomware Tool a whirl (easy uninstall routine if you decide that you hate it).

Although the name suggests that it is solely an anti-ransom application, it is actually a great deal more. A new build (v5.0.0.15620) was released the other day. One must note a couple of things- first, it has no on demand scanning functionality, but instead will only evaluate a file when that file is run. In addition to whatever ransomware detection mechanism it uses, it also is aware of other types of malware. Also it will connect to the Kaspersky server for Cloud based detection.

I had tried an older build of KAR and quite liked it, so as I had some time I tested this new iteration:

1). Initially I simply ran diverse malware (about 40 samples total)- ransomware, different trojans, and diverse Scriptors (Office exploits, vbs worms, Python ransomware, Powershell nasties, etc) against KAR without changing any settings (nothing really to tweak on it anyway).

Not surprisingly as KAR uses the Kaspersky Cloud, all of the malware I ran was detected without any system changes. But as this was neither illuminating nor amusing, I decided to change things up a bit by recoding 4 of the Worms that KAR had previously detected and stopped. I guess I didn't change 2 of them enough as the Cloud detected them- but the other 2 were allowed to run (seemingly in a temp space). Alter about a minute I saw a popup that stated that the malware was now detected and the actions of it were ROLLED BACK). Upon rebooting the computer, the system was indeed clean.

2). As that was totally boring, I set up a new system and tried various malware with the network disabled to see just how good KAR was without the benefit of definition based detection (Don't try this at home!!!). As KAR needed time to think without benefit of the Cloud, I only ran 10 ransomware files and 10 Scriptors to save time.

The results were quite good. The persistence mechanisms of the Scriptors were rolled back except for one Powershell based worm, and all of the ransomware was stopped save for a modified Locky assassin that was able to encrypt files. And for giggles I coded a LoLbin ransomware file that was able to totally trash the system (Unfair, but I HAD to get something out of this test!).

On the whole KAR did really well and is certainly deserving of more attention.

M
Wow thanks for the info! I am playing around with Checkmal Appcheck but the free version will not UNDO any damages unless you pay it seems. Have you ever tested Checkmal's tool? I will take your advice (other have told me to use it also!) and get Kaspersky's. (Just don't like the idea of having to be a part of the KSN network with no opt out option) I was asking about both in this other thread: Q&A - What dedicated Anti-Ransomware software to use?
 
Last edited:

ichito

Level 9
Verified
Content Creator
It sounds like a brand of prophylactic. Probably even less useful. :LOL: No reviews other than PCMag ... Just sayin'. :D
Ohhh...I would expect more patient and effort from you...it's not hard to find some broader description....like that for example :sneaky:
or this thread on Wilders

It doesn't means that app is very good or very bad...it means only that we san see some interrest and perhaps profits
 
Top