The Best Ransomware Protection of 2017

I thought it was interesting to see that some use behavioral monitoring, while others seem to be focused on simply preventing file modification by untrusted apps. But I wonder how those tools will perform when modification is done by hijacked system processes like explorer.exe and svchost.exe.

http://www.pcmag.com/roundup/353231/the-best-ransomware-protection

 

The fact that Rubenking rated Malwarebytes Anti-Ransomware as high as he did was enough for me to stop reading anymore of the article.

 

+1

PCmag tests are really noobish, all the strongest anti-ransomwares are not even mentioned...HMPA , WAR, etc...

Anyway when i see PCmag i always knows something will be botched.

 

Neither are AppCheck or RansomOff (though admittedly this is still beta).

 

HI Peter
but the standalone is only the business version ,isn't?
are you talking about the beta?
can't find the standalone anymore ,is included in v3
thanks

hi guest , may i know who are the strongest anti-ransomewares ?

could please write the entire name?
thanks

 

HPMA = Hitman Pro Alert
WAR = WinAntiRansom Plus or now called Winpatrol WAR Explorer.

Malwarbytes now has one in it's version 3.
There is Ransomoff and appcheck here on Wilders also.

 

Kaspersky has free anti-ramsonware here: https://go.kaspersky.com/Anti-ransomware-tool.html . You have to register with them to get the download.

 

Sandboxie or some form of virtualization. Get some ransomware? Just empty the sandbox. Or roll your VM back to the snapshot you made, etc. Also, always have offline backups. I would not trust ANY security software exclusively.

 

PC Mag is all about advertising; which i found some of their test biased in the past, all for the benefits of big vendors. so i don't give any values on their tests.

 

@boredog
hi
thanks a lot!

 

Correct, these tools will probably never be able to provide 100% of protection. And we all know that these type of reviews don't always give the full picture. But I thought it was an interesting overview of the various protection methods that are being used, perhaps preventing file access by untrusted apps like Panda does is actually a good idea?

 

It's certainly not a bad idea. I assume it is similar to the idea of Kaspersky's Trusted Applications Mode, which I do use in addition to everything else I listed. Unfortunately I do not trust it as a standalone solution for Ransomware. When combined with Sandboxie and offline backups, I feel pretty good about it.

 

Nice to see WSA is in the top 2 but I knew it was great against ransomware. http://www.pcmag.com/article2/0,2817,2470312,00.asp

 

Hopefully CruelSister will test Panda and others that are using this method. I wonder how they will handle code injection and process hollowing.

 

BTW, I ran into some other tools like AbelSoft AntiRansomware and TEMASOFT Ranstop, are they any good?

https://www.abelssoft.de/en/windows/Security-Privacy/AntiRansomware
https://temasoft.com/ranstop-anti-ransomware/

 

Well, you already know my point of view. I would use them as a last layer of defense, and I know they aren't 100% foolproof. But perhaps you can test Ranstop, I've been reading positives things about it.

 

https://www.mrg-effitas.com/wp-content/uploads/2017/05/MRG-Effitas-360-Assessment-2017-Q1_wm.pdf

 

Well, I know you have tested quite a few of tools and are also a fan of layers. But seems like you might have had a change of heart.

 

Of course they don't say that WSA monitors and in most cases can rollback to the pre-infection state so I also assume they never took the time to test that part? Also when things are under Monitored the processes have limited access to the system and to the internet because you got to take all of WSA's different shields into consideration and no one product is 100% effective but WSA does a great job. http://live.webrootanywhere.com/content/592/PC-Shields-Overview

https://www.webroot.com/blog/category/threat-lab/ransomware/

Code:

https://youtu.be/qKXocchgC8o

https://www.youtube.com/watch?v=X4202L5s2bM

https://www.youtube.com/watch?v=IKUlBbs5ik0

 

You know how plans go, sometimes they do and sometimes they don't quite get off the ground.

But, the plan is to NOT have to rely on Virtualization Always-On but employ only certain choice programs that prove their metal.

Before anyone gets any ideas remember we are talking Windows here, remember? Microsoft.

It's still my long held belief that they have done a good enough job just formulating then releasing O/S's and to leave all the other technics up to those Bright Hats, security industry, etc. to apply the best for the rest.

IMHO anything security improvement introduced as an extra like their recent improving WD and mitigations is just a bonus as I see it, and I seen it this way like many of you fine members yourselves for a long time and still do for better or worse. After all they ARE not so bad in stringing together a Basic Framework for the whole world to either pick apart or dress up to suit, be it industry or home user. It's the impression I get from them anyway.

Now back to more on topic, it might be too early to say just who or what is the best ransomware protection for 2017 since those foulware heads have forced a clever new issue on ALL Windows systems at-large (as if those systems didn't already have enough to deal with) and traditional mainstream AV's for the most part been caught with their britches down on this one. (once again)

Third Party protection vendors have been busy on their end trying to rewrite and update their respective programs as things come to light to better offer protection against this newest plague as best they can.

But more to the point, the Best if you want to call it that, as always, will be those FEW who are fiercely dedicated to addressing this issue in particular without adversely also interfering with the normal running of Windows, apps, and browsers which should already be covered by something in the first place.

Anyone could go into much more detail, and do it more concise than myself, but I think that basically sums matters up for the time being.

Now to choices. And I answer this with a question right back at this topic's title.

If any individual/separate program qualifies (for effort, determination and results so far) for 2017 ransomware protection, IMHO, there just happens to be another entry which although currently in beta, has been introduced and is showcased right now of all places right here in this fabulous security forum known as Wilder's Security.

I am no expert by any stretch but been around the block long enough to see that ransomoff has the potential to fit very nicely into that category for 2017.

 

And who did Acronis acquire to be able to add anti-ransomware to it's imaging program?