The Best Ransomware Protection of 2017

LOL, what a joke, I tried to install NeuShield, and it failed because it needed the IE11 framework. Thanks, but no thanks!

 

@Rasheed187

Thank you! For feedback about NeuShield!

Watching various videos on YouTube, by Juan Diaz
along with other videos tests/reviews. Below is a small lists of
one's that did well against ransomware.

* Comodo Cloud Antivirus
* Kaspersky Free Antivirus
* Malwarebytes
* Ransom Off
* Sophos Home Premium
* VoodooShield

Would love to have as many views points as possible!
On Zero Days Exploits & Ransomware Protection.....

 

This is Elisha here and I work for NeuShield so I can explain the Internet Explorer 11 requirement. NeuShield Data Sentinel does not use any part of Internet Explorer 11. Instead NeuShield uses the HTML5 rendering engine to render the NeuShield user interface. This rendering engine is a Windows system component that comes standard with Windows 8.1 and Windows 10. However, Microsoft has made it so that the only way to get the HTML5 rendering engine on Windows 7 is to install Internet Explorer 11.

NeuShield does not depend on detecting the threats. Attackers are always coming up with ways to circumvent detection. However, since NeuShield does not rely on detection it can always recover your data even against zero day and Fully UnDetectable (FUD) threats.

 

@elishacloud

Hey there , I would like to different tests/reviews of your NeuShield
by Juan Diaz and Computer Solutions. And at lease a couple of
independence tests/reviews on your anti-ransomware......
Also,does your software slow the PC down any?

Moose

 

@Moose World,

We would be happy to give you a trial copy of the product to test it yourself. You can request the trial key from here. Our product is pretty new and we are working on some 3rd party reviews now. However, there are a couple of reviews out there. We have one review on Geckoandfly and one review on ThinkMobiles. Our product has virtually no performance impact on your system because we don't scan files or add any IO activity. Our client takes less than 20 MBs of RAM and virtually no CPU time.

 

Cool, but why should it be based on HTML5 rendering?

Cool, can you give some more info about "mirror shielding", is it comparable to virtualization? So let's say that I run ransomware myself, how will NeuShield protect me, will it let malware encrypt files first? I'm trying to figure out how it works from a technical point of view.

 

https://www.neushield.com/learn/mirror-shielding/

 

Modifications (writes) are redirected to the "overlay", from my view it is very close to Shadow Defender, the question where/what is the said overlay? Hidden partition, isolated space in the system or in the RAM

 

The user interface is based on the Google Material Design which works best on HTML5.

I have not used Shadow Defender before. However, Shadow Defender appears to be similar to the Windows Enhanced Write Filter. Conceptually they solidify the OS and applications so that changes are lost every time you reboot. NeuShield's Mirror Shielding technology works differently because all changes to protected files are made on the overlay, which is preserved until you manually revert those changes. This gives you control to decide when to revert the changes rather than blindly reverting on every reboot. Most changes don't need to be reverted so these are all kept. If you are hit with malware then you can revert to a pre-attack state, otherwise you can continue to work normally.

The overlay is stored on the file system in the existing partition(s).

 

I still think this needs to be changed though. I have never used software that asked me for IE 11.

Yes, I read it, but I still didn't understand.

So do you always have to select which files to protect? And from what I understood, NeuShield basically doesn't even know when a ransomware attack is taking place. But what I don't get it is, when files are being modified, then this modification will have to take place on both the real system and the overlay, right? So how can you then revert to the last clean state? I'm sorry but I can't visualize it.

 

Conceptually it is not that different from the system snapshot feature that Kaspersky employs. This gives Kaspersky that capability to rollback ransomware encrypted files prior to Kaspersky detecting the ransomware activity.

In the NeuShield case, they lock down the original files and only store changes made to those files. When the file data is displayed via app, NueShield applies all existing changes to the locked down file and renders that. If you are hit by ransomware that encrypts all your files, you simply roll them back to their original locked state or later which they refer to as "reverting." It appears you also have the capability to control at what period of time file changes can be reverted to. If you are hit by ransomware, you would revert back to the period in time immediately preceding the ransomware attack.

Think along the lines of incremental imaging backup processing. When you do a restore, all the incremental backups are applied to the base full image backup.

 

seems a kind of Rollback Rx principle.

 

Hey there, Greetings/Salutations,

Interesting thoughts/points guys....... on NeuShield.

Just wondering about your thoughts on

"ChineseRarypt Ransom does not encrypt files as a typical ransomware does,instead, it place the files in password protected files.....
according to Juan Diaz."

* Wondering what would stop these process and/or processes? Or roll them back...
* Maybe , VoodooShield, SecureAplus or Shadow Defender, RansomOFF.
* And Comobo Firewall, CCAV and SandBoxie.....
* Not sure about ReHIPS?
* Checking into the various-es Sandboxes.......below:


[FONT=Times New Roman, serif]topbestalternatives.com/best-sandbox-software/[/FONT]


Moose

 

@Peter2150

Thank you for your input! On Macrium Reflect, which one are you currently using?
Version # ,Free, Home,....ect?

* MR New Rescue Media builder, how would you boot a non booting PC? By
CD, DVD, or USB stick. You thoughts?
* And what do you like about Pumpernickel? And Con's?
* And finally, anybody know a security software that will stop ChineseRarypt Ransom? Or
how decrypt/decode, ect…..

Always the best,

Moose

 

I would fit in the cons part of Pumpernickel as usual

However over time I learned to accept no GUI and frankly none is really needed. Just a good old fashioned notepad editor to situate matters of personal preferences and you have a 100% iron clad stopper there which compliments any of the rest of your security fence.

@Moose- As @Peter2150 rightly alludes to and points out, there is virtually 0 resource/energy demand to the system since it's teeth is in the driver itself. IMO a very well thought out and simple addition to any security layout which locks things down without the hassle that normally marketed programs make claim to-in other words you can't choke the thing because properly implemented, it more or less becomes a beneficial part of the O/S itself while not actually replacing a part of the O/S.

Conclusion: A solid performer and dependable compliment to say the likes of OSA + ERP which is my own combo and ever since is silenced any intrusions whatsoever-even one's I locally drop on it just for interest.

 

You must have access to a version a lot of people don't have...

 

You should not need to select which files are protected. By default NeuShield protects all the normal user files, such as the Desktop, Documents, Pictures, Music, etc. You can add other folders to protect, but our defaults cover most things.

NeuShield does not currently try to detect ransomware because it is protecting against attacks that bypasses existing detection technologies. Since no detection technology can detect all threats, we ensure that you can recover your data quickly even when the ransomware is not detected.

All modifications to the data are only written to the overlay, not the real disk. Later once the changes are approved we will flush them to the real disk. This give you time to recover the system by deleting file modifications you don't want, such as ransomware activity.

Let me know what other questions you have and I will be happy to answer them.

There are a few problems with rollback features. First of all it is common for these programs to only backup files of a certain size, so for example if ransomware encrypts a larger file they cannot recover it. Secondly, ransomware will target the backed up files so that the rollback data get corrupted. Thirdly, rollback virtually doubles your IO activity, which is already the slowest thing on most computers. This can cause a significant performance impact, especially when using a laptop that doesn't have an SDD. Also, i'm not sure about Kaspersky, but many rollback solutions only rollback data when they detect ransomware activity. If the solution never detects the ransomware then they will never rollback your data.

As others mentioned on this thread you could use a backup for this. However, restoring from a backup can take time. The average amount of time it takes to recover a system as it was before the attack is 6 hours, and that time does not include reinstalling any custom applications you had or installing Windows patches. With NeuShield you can recover a system from ChineseRarypt Ransom in a few minutes.

 

Yes, NeuShield will run fine if you block IE11 from running. If you let us know you are from wilderssecurity.com in your trial request I can make sure you get a full year NFR license.