Advice Request Ransomware protection

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Tume

Level 2
Thread author
Verified
Mar 30, 2018
67
Hi guys! I just think a lot, how I can prevent Ransomware touching my files at all. Is there any program what can deny all programs using specified folders (Whitelist mode)? I know there is WD, but I shutdown it, because I use FortiClient.

I think that I'm well protected about any other threads, but no ransomware #####.

If I want lockdown example my Sync.com local folder, how I can do it (Only program what needed it is Sync.com own program)?
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
There's plenty of free programs out there. Most AVs by default can stop ransomware. Dependent on your own setup, there's a vast arrange of software to choose from. You could look at CheckMAL Appcheck Anti-ransomware. If you dislike it, you can uninstall it after.

~LDogg
 
5

509322

Hi guys! I just think a lot, how I can prevent Ransomware touching my files at all. Is there any program what can deny all programs using specified folders (Whitelist mode)? I know there is WD, but I shutdown it, because I use FortiClient.

I think that I'm well protected about any other threads, but no ransomware [edited].

If I want lockdown example my Sync.com local folder, how I can do it (Only program what needed it is Sync.com own program)?

Secure Folders. It is abandoned freeware. You would have to ask others which version of WIndows it works on.
 

FrFc1908

Level 20
Verified
Top Poster
Well-known
Jul 28, 2016
950
the most important : good backup software ( i cannot stress this enough!! ) like macrium reflect free or aomei backupper standard. save those backed up images on an external harddrive and store it somewhere safe. get a systemwide imaging program , rollback rx home is great , you can make and reverty back snapshots of your system when something goes wrong. harden your system with NVT systemhardener and NVTosarmor and get a firewall with good heuristics and blocking capabillities like comodo with cruelsisters settings and your more than protected!!
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
the most important : good backup software ( i cannot stress this enough!! ) like macrium reflect free or aomei backupper standard. save those backed up images on an external harddrive and store it somewhere safe. get a systemwide imaging program , rollback rx home is great , you can make and reverty back snapshots of your system when something goes wrong. harden your system with NVT systemhardener and NVTosarmor and get a firewall with good heuristics and blocking capabillities like comodo with cruelsisters settings and your more than protected!!
I cant recommend comodo firewall with forticlient , its buggy but yes backupping is the most important thing, if keeping something media on disk
Anyways with good browsing habits, and not doing illegal things will prevent ransomware 100%

edit: I know person watching anime as streamable on internet and his clicky habits did lead into ransomware, even you aint doing illegal things you never can be sure tho:unsure: Its curve of learning wich is safe wich isnt, what you should do what you shouldnt
 

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566
RansomOff is good, but it gave me some problems when I uninstalled it (it removed all my taskbar icons and deleted my browser saved password and cookies).
AppCheck by Checkmal is performing very well on most tests and it seems very friendly with Windows OS and other intalled SW.
Kaspersky Anti-Ransomware Tool for Business makes use of Kaspersky Security Network and comes with System Watcher
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Yeah, the memory use of Ransomstopper is a bit excessive. But the real issue is the protection methodology they employ for unknowns- that being Honeypots.

A honeypot will only protect those folders (like AppData) where the honeypot exists. So for other folders there will be absolutely ZERO protection. This may not seem to be an issue for some, but others may do things like save Photos, Docs, etc in other folders; even worse would be someone that saves a Macrium Free image to a data drive. All of these will be prone to encryption.

Further a honeypot protection routine can be (without going in to boring and inconsequential details) overwhelmed by certain encryption routines as I have demonstrated in the past. This is not an optimal protection scheme.

Bribon- of the two I would go with Ransomoff; but keep in mind that with CF you will need neither.
 

Tume

Level 2
Thread author
Verified
Mar 30, 2018
67
Forticlient is enough as standalone protection

Heilig Defense RansomOff on easy mode for basic protection, or advanced more to set up complete lockdown
Heilig brings a lot weird problems, I have to uninstall it earlier.

Keeping an up-to-date backup of your most precious files is a good defense.
I have Macrium Reflect 7.1 Home, that's not problem.

the most important : good backup software ( i cannot stress this enough!! ) like macrium reflect free or aomei backupper standard. save those backed up images on an external harddrive and store it somewhere safe. get a systemwide imaging program , rollback rx home is great , you can make and reverty back snapshots of your system when something goes wrong. harden your system with NVT systemhardener and NVTosarmor and get a firewall with good heuristics and blocking capabillities like comodo with cruelsisters settings and your more than protected!!

I have Macrium Reflect 7.1 Home, NVT OSArmor and WFC. But none of them actually doesn't help me, if ransomware infected local storage and sync.com upload these to cloud?
 
5

509322

Hi guys! I just think a lot, how I can prevent Ransomware touching my files at all.

Disable cloud storage auto-sync. Manually sync.

Use a USB flash drive to backup\store the files that you do not want to risk encryption by ransomware. You can use a soft to allow\deny access to the flash drive.

The willingness to do a few simple and easy extra steps is a whole lot more effective than any anti-ransomware will ever be.
 

Tume

Level 2
Thread author
Verified
Mar 30, 2018
67
Disable cloud storage auto-sync. Manually sync.

Use a USB flash drive to backup\store the files that you do not want to risk encryption by ransomware. You can use a soft to allow\deny access to the flash drive.

The willingness to do a few simple and easy extra steps is a whole lot more effective than any anti-ransomware will ever be.

Hmm. Interesting idea. Maybe I will buy USB-stick and keep Sync.com local folder there then :hmm:

But how I can use whitelist what program can use that USB?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top