Are All AV's Vulnerable to Encryption Virus?

Discussion in 'other anti-virus software' started by jjc225, May 5, 2016.

  1. boredog

    boredog Registered Member

    https://decrypter.emsisoft.com
    That is a decryptor for AutoLocky, which is a copycat of the real Locky.

    AutoLocky is a new ransomware written in the popular scripting language AutoIt. It tries to imitate the complex and sophisticated Locky ransomware, but is nowhere near as complex and sophisticated, which makes decryption feasible.

    Victims of AutoLocky will find their files encrypted and renamed to *.locky. Unlike the real Locky ransomware however, AutoLocky will not change the base name of the file. So if a file named picture.jpg is encrypted, AutoLocky will rename it to picture.jpg.locky while the actual Locky ransomware will change it to a random name. In addition victims will find a ransom note on their Desktop with the file name info.txt or info.html.
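
The renaming difference described in the post above can be used as a first triage check on an affected machine's file listing. This is an added example, not part of the thread and not Emsisoft's tooling; the function names, the sample paths and the "inner extension survives" heuristic are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

LOCKED_SUFFIX = ".locky"                  # extension named in the post
RANSOM_NOTES = {"info.txt", "info.html"}  # note names named in the post


def classify(paths):
    """Sort a Windows file listing into the three indicator groups."""
    report = {"autolocky_style": [], "renamed": [], "notes": []}
    for raw in paths:
        p = PureWindowsPath(raw)
        name = p.name.lower()
        if name in RANSOM_NOTES and p.parent.name.lower() == "desktop":
            report["notes"].append(raw)
        elif name.endswith(LOCKED_SUFFIX):
            original = p.name[: -len(LOCKED_SUFFIX)]
            # Assumption: a surviving inner extension (picture.jpg) means the
            # base name was kept; no inner extension means it was replaced.
            if PureWindowsPath(original).suffix:
                report["autolocky_style"].append((raw, original))
            else:
                report["renamed"].append(raw)
    return report


def verdict(report):
    """Summarise which description the listing matches."""
    if report["renamed"]:
        return "base names replaced: does not match AutoLocky"
    if report["autolocky_style"]:
        return "base names kept: consistent with AutoLocky"
    return "no .locky files found"


# Constructed sample listings (not from a real incident).
KEPT_NAMES = [
    r"C:\Users\alice\Pictures\picture.jpg.locky",
    r"C:\Users\alice\Documents\report.docx.locky",
    r"C:\Users\alice\Desktop\info.html",
    r"C:\Users\alice\Documents\notes.txt",
]
REPLACED_NAMES = [r"C:\Users\bob\Documents\0F3A9C5D7E1B2A44.locky"]

if __name__ == "__main__":
    for listing in (KEPT_NAMES, REPLACED_NAMES):
        print(verdict(classify(listing)))
```

The recovered original names in `autolocky_style` give a list to verify against after running a decrypter on copies of the files.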
     
  2. boredog

    boredog Registered Member

  3. boredog

    boredog Registered Member

    Here is a screenshot (ScreenHunter_12 May. 07 13.43.jpg).
     
  4. Moose World

    Moose World Registered Member

    Salutations/Greetings!

    I guess the real question is how to protect the files/documents from being encrypted? And which files/documents etc.
    will be encrypted? And the complete removal of various ransomware? Maybe using encryption itself, but stronger?
    With all the above!

    Any thoughts?
     
  5. NormanF

    NormanF Registered Member

    Install Secure Folders/Privacy Fence and make your folders containing your documents read-only.

    Ransomware can encrypt all but operating system files.... malware authors don't want to render a computer unbootable - they only want files on it held hostage they can release back to a victim for a fee, of course!

    The best way is prevention by backing up data offline and to secure sites in the cloud. And never ever open an attachment from someone you don't know. When in doubt, delete, delete, delete!
     
  6. digmor crusher

    digmor crusher Registered Member

    I would think that Emsisoft Antimalware would do quite well because of its behavior blocker.
     
  7. Marcos

    Marcos Eset Staff Account

    Not only. Also ESET provides very good protection against file cryptors as long as you use the latest version of ESET Smart / Endpoint Security and have LiveGrid enabled and working.
     
  8. taleblou

    taleblou Registered Member

    Check in here; there are several anti-ransomware or fix videos that may help you. Videos made by a computer expert.

    https://www.youtube.com/user/Britec09/videos
     
  9. taleblou

    taleblou Registered Member

    Also try SecureAPlus plus AV, in the locking mode, as it protects against ransomware.
     
  10. hawki

    hawki Registered Member

    For protection against ransomware, in addition to those mentioned above:

    Bitdefender Products, 21015 and later, have an anti-ransomware feature that is supposed to prevent ransomware from encrypting files. There is a default set of protected files and you can add others.

    No one mentions HitmanPro Alert?

    Did you try to remove the ransomware and try a System Restore, Recover Files, Shadow Copies?
     
  11. erikloman

    erikloman Developer

    I am also surprised by the fact that no one mentioned HitmanPro.Alert in this thread. It is the first anti-crypto-ransomware solution, since 2013: https://www.wilderssecurity.com/thre...discussion-thread.324841/page-32#post-2301675

    I admit we haven't really marketed HMPA, but I would have expected most Wilders members would know we have this feature for a long time.
     
  12. itman

    itman Registered Member

  13. ttomm1946

    ttomm1946 Registered Member

    My own dumb question: if I got ransomware, would reinstalling Win 10 work?
     
  14. ttomm1946

    ttomm1946 Registered Member

    I just mostly keep games that I can re-down:geek:
     
  15. IvoShoen

    IvoShoen Registered Member

    I also prefer to use Zemana AntiMalware Premium along with my other security apps.
     

  16. Amanda

    Amanda Registered Member

    I wouldn't trust an Antivirus for more than basic virus scanning, be it paid or free. If doubts arise, VirusTotal is a very good tool.

    While working on Windows, I sandboxed pretty much every program, especially LibreOffice and Firefox (both ran as "Limited" on COMODO), so any changes would not be permanent. HIPS was on Safe Mode, and Firewall on Custom Ruleset with Very High prompts (meaning every new change was prompted for confirmation). I also used EMET (W7, not necessary for 10) and a limited account on a day-to-day basis.
     
  17. daman1

    daman1 Registered Member

  18. boredog

    boredog Registered Member

    "I had McAfee LiveSafe and Zemana Antimalware."

    You're missing the point. It was not just mccrappy that screwed up but Zemana also.

    I had the same thing happen with Poweliks. Norton said it found something, cleaned it, but it just came back.

    Offline without auto mode set is good. Or at least use a program where backups are not just added on to the existing one but are separate and by date.
     
  19. Triple Helix

    Triple Helix Specialist

    The Topic!
    Are All AV's Vulnerable to Encryption Virus?
    I would say no, the AV's are safe, but executing unknown files in emails from people you don't know, well, that's the problem. Security is more than your AV, AM; you have to use the thing between your ears, and education is the best defense IMO.

    Daniel
     
  20. ProTruckDriver

    ProTruckDriver Registered Member

    The importance of "Backup your files" ;)
     
  21. boredog

    boredog Registered Member

    Newest Bitdefender anti-ransomware added another one: Petya.
     


  22. itman

    itman Registered Member

    Ransomware is rapidly evolving. As such, latest strains are employing advanced infection methods also increasingly being used by the latest non-ransomware malware; namely using the OS against itself as noted here:

    Ref.: http://www.csoonline.com/article/3095956/data-breach/the-history-of-ransomware.html
    As such, a security solution with behavior or HIPS capability to monitor API and system process usage and be able to differentiate adverse malware from valid system behavior is the only way to stop these recent and future ransomware.

     
  23. boredog

    boredog Registered Member

    Nice article, itman.

    Wonder what was meant by "In 2016, TeslaCrypt authors gave up their master decryption key to ESET."
     
  24. itman

    itman Registered Member

  25. boredog

    boredog Registered Member

    That is nice, ESET didn't even have to pay for it :)
     