<blockquote data-quote="cruelsister" data-source="post: 897393" data-attributes="member: 7463"><p>Tutman- I would strongly suggest that you give Kaspersky Anti-Ransomware Tool a whirl (easy uninstall routine if you decide that you hate it).</p><p></p><p>Although the name suggests that it is solely an anti-ransom application, it is actually a great deal more. A new build (v5.0.0.15620) was released the other day. One must note a couple of things- first, it has no on-demand scanning functionality, but instead will only evaluate a file when that file is run. In addition to whatever ransomware detection mechanism it uses, it also is aware of other types of malware. Also it will connect to the Kaspersky server for Cloud-based detection. </p><p></p><p>I had tried an older build of KAR and quite liked it, so as I had some time I tested this new iteration:</p><p></p><p>1). Initially I simply ran diverse malware (about 40 samples total)- ransomware, different trojans, and diverse Scriptors (Office exploits, vbs worms, Python ransomware, PowerShell nasties, etc) against KAR without changing any settings (nothing really to tweak on it anyway).</p><p></p><p>Not surprisingly as KAR uses the Kaspersky Cloud, all of the malware I ran was detected without any system changes. But as this was neither illuminating nor amusing, I decided to change things up a bit by recoding 4 of the Worms that KAR had previously detected and stopped. I guess I didn't change 2 of them enough as the Cloud detected them- but the other 2 were allowed to run (seemingly in a temp space). After about a minute I saw a popup that stated that the malware was now detected and the actions of it were ROLLED BACK. Upon rebooting the computer, the system was indeed clean.</p><p></p><p>2). As that was totally boring, I set up a new system and tried various malware with the network disabled to see just how good KAR was without the benefit of definition-based detection (Don't try this at home!!!). 
As KAR needed time to think without benefit of the Cloud, I only ran 10 ransomware files and 10 Scriptors to save time. </p><p></p><p>The results were quite good. The persistence mechanisms of the Scriptors were rolled back except for one PowerShell-based worm, and all of the ransomware was stopped save for a modified Locky assassin that was able to encrypt files. And for giggles I coded a LoLbin ransomware file that was able to totally trash the system (Unfair, but I HAD to get something out of this test!).</p><p></p><p>On the whole KAR did really well and is certainly deserving of more attention.</p><p></p><p>M</p></blockquote><p></p>