Webroot Secure anywhere..vs Cryptolocker?
- Thread starter ttomm46
- Start date
- Status
- Jan 28, 2013
- 319
Also, does not play well with BitDefender! And will Sandboxie work on Windows 8.1 Pro? Ram usage?
Littlebits
Retired Staff
- May 3, 2011
- 3,893
Cryptolocker is only successful if you get fooled into manually downloading the infected executable file.
It doesn't not automatically download itself or automatically execute itself.
Watching what you download can be the best effective way to avoid it.
For users who don't pay attention and click on doggy downloads, Sandboxie might be the best method to block it if they understand how to use Sandboxie correctly.
Thanks.
It doesn't not automatically download itself or automatically execute itself.
Watching what you download can be the best effective way to avoid it.
For users who don't pay attention and click on doggy downloads, Sandboxie might be the best method to block it if they understand how to use Sandboxie correctly.
Thanks.
I agree what littlebits said, If you watch what you download and learn to use/read UAC without ignoring it you shouldn't have to worry about Cryptolocker regardless how much you "bulletproof" your system.
However, I have tried using samples of cryptolocker yet so I'm not sure how much protection you can get from either program but Sandboxie might be able to.
However, I have tried using samples of cryptolocker yet so I'm not sure how much protection you can get from either program but Sandboxie might be able to.
jelson
Level 2
- Jun 14, 2011
- 54
ttomm46 said:
That's a really good question.
A good defense against Cryptolocker is to do some policy restriction; that's what CryptoPrevent does. (you have to be vigilant about manually updating with the free version: I'm using it myself.) Excellent article about Cryptlocker & CryptoPrevent here.
Top notch ==> CryptoLocker Ransomware Information Guide and FAQ from BleepingComputer. Even explains how to implement a Software Restriction Policy using the Local Security Policy Editor.
An excellent defense is AppGuard; threads on WildersSecurity Forums: ver.3 (rather in-depth and long thread) , ver.4 (just released)
Interestingly, the Hitman folks have come out with "HitmanPro.Alert, now with CryptoGuard" Right now, you can download the beta.
BUT.... you were asking about Webroot. I just got an email from Webroot today which addresses this issue and explains how Webroot SecureAnywhere uniquely protects its users from Cryptolockers on this page:
P.S. The absolute best defense against ransomware (and other malware as well) is a good system imaging and data backup system.
It's the lack of a data backup system that ransomware preys upon. And of course, less than 1% of users (probably more like 0.1%) regularly back their data up off their machines.
- Jan 17, 2013
- 410
I've been using WSA and I believe someone over at wilder had asked the same question. I know that it does detect it and it also protects against system change. With that being said I encrypt all my personal files with axcrypt anyway. Last I checked you can't over encrypt an encrypted file. All my pictures are backed up in BOX. I've ran into things like this before cryptolocker came around. It's always best to have you files back up and then you don't have to worry about it as much.
The Best thing and tip i found on the MalwareTips by our senior members is Backup.Just do a regular and carefully scanned backup on your external Hard Drive or use cloud service four your important Data.Because no antivirus or tool gives you 100% assurity but backup can.
Littlebits
Retired Staff
- May 3, 2011
- 3,893
Many members have gave very useful info concerning Cryptolocker.
This also applies to most other malware infections as well.
As Cryptolocker advances into many other variants, it will be much difficult for security product to be able to block it once it has started. You can add all types of security products to your system to increase the chances to block it but there is no guarantee they will be able to block all of the latest variants. Adding more security products will just cause too many issues and they most likely will still fail to protect you.
Do the following and you will be safe:
1. Never download or run suspicious files from unknown sources.
2. Always utilize UAC prompts, if you are not completely sure then "Deny".
3. Always keep a backup of your important files at least weekly backups- they are a ton of freeware products that will allow you to backup your files to external hard drive or cloud backup. Even Window own backup component or SkyDrive will be sufficient. Also keep complete images (snapshots) of your complete system.
4. If you know to use Sandboxie correctly, it can provide excellent protection without causing other problems, but if you don't then then don't bother until someone shows you the correct way to use it. It is very easy to recover a malicious file from the sandbox which still will infect your system.
Cryptolocker is distributed mostly from fake alert websites which get taken down and then come back as another website. Microsoft working with many other security software vendors has taken down many of these fake alert websites but as soon as one is taken down several more appear to take their place. It is a never ending battle which will probably go on for some time. It is impossible for browser extensions like WOT, McAfee Site Adviser, Google Safe Browsing, SmartScreen, AVG LinkScanner, etc. to detect them all.
Pay attention to what you download is the most effective to avoid this type of malware.
Thanks.
This also applies to most other malware infections as well.
As Cryptolocker advances into many other variants, it will be much difficult for security product to be able to block it once it has started. You can add all types of security products to your system to increase the chances to block it but there is no guarantee they will be able to block all of the latest variants. Adding more security products will just cause too many issues and they most likely will still fail to protect you.
Do the following and you will be safe:
1. Never download or run suspicious files from unknown sources.
2. Always utilize UAC prompts, if you are not completely sure then "Deny".
3. Always keep a backup of your important files at least weekly backups- they are a ton of freeware products that will allow you to backup your files to external hard drive or cloud backup. Even Window own backup component or SkyDrive will be sufficient. Also keep complete images (snapshots) of your complete system.
4. If you know to use Sandboxie correctly, it can provide excellent protection without causing other problems, but if you don't then then don't bother until someone shows you the correct way to use it. It is very easy to recover a malicious file from the sandbox which still will infect your system.
Cryptolocker is distributed mostly from fake alert websites which get taken down and then come back as another website. Microsoft working with many other security software vendors has taken down many of these fake alert websites but as soon as one is taken down several more appear to take their place. It is a never ending battle which will probably go on for some time. It is impossible for browser extensions like WOT, McAfee Site Adviser, Google Safe Browsing, SmartScreen, AVG LinkScanner, etc. to detect them all.
Pay attention to what you download is the most effective to avoid this type of malware.
Thanks.
Hope this help! Read over!
https://community.webroot.com/t5/Webroot-Education/CryptoLocker-Malware-What-you-still-need-to-know/ta-p/69057#.Uo6Q4tKmhDY
https://community.webroot.com/t5/Webroot-Education/CryptoLocker-Malware-What-you-still-need-to-know/ta-p/69057#.Uo6Q4tKmhDY
- Status
