Technically all AV's should block ransomware, after all their sole purpose is to block malware which ransomware is. Some have specific modules for this which may, or may not, be marketing fluff. Top free AV's would be Kaspersky, Bitdefender, Microsoft Defender and Avast, just pick one and maybe supplement it with a secondary program such as Voodoo Shield or OSArmour, if you chose to run Defender in W10 or 11 you can use Configure Defender and/or Hard Configurator to jack up the protection a notch.
Defender has two ransomware protection 1. Controlled Folder 2. A special setting for ASR Rules https://learn.microsoft.com/en-us/m...de#use-advanced-protection-against-ransomware
Just bear in no antivirus which has ransomware protection, or even standalone anti-ransomware product will protect you against all ransomware. The best way to avoid ransomware is to not be click happy and be very careful about what files you open. The vast majority of infections happen when you manually open an infected file.
i have in mind that MS Defender is only able to fully detect ransomware when running an offline scan? is that still true? so if, why so? and why do offer other vendors antiransomeware without such behavior? From my technical knowledge an offline scan is the only way to detect it before starting the OS. this means that eg Eset and others need to scan before the system starts (scan on boot or similar feature).
Giving Avast One Essential a try. Maybe be ok. I just noticed that on this system can't see difference between what I have read and not on this site. Wonder why? On other system fine.
How about then, when you install a program, which seems to be legitimate one. After the installing procedure, it drops and run a .cmd .bat file, that uses legitimate 7zip or rar command line function to rapidly encrypt you %homepath% ? That is why im not using standard environment variables, which mean, i do not save anything to "dowloads, music, documents etc" folders. I made my own folders for music, documents etc.
You can also use AppCheck Free, this tool uses behavioral monitoring, while many AV's rely mostly on cloud scanning. I believe Bitdefender Free also has behavior monitor, but I'm not sure if it's specialized to monitor for suspicious file activity like AppCheck. https://www.tomsguide.com/reviews/bitdefender-antivirus-free-for-windows https://www.softpedia.com/get/PORTA...---Antispyware/AppCheck-Anti-Ransomware.shtml
I use the Malwarebytes AntiRansomware beta which is free. This works with Avast, BitDefender and Panda Dome and probably many others.
It appears that you can still get the free Kaspersky Anti-Ransomware Tool. You could pair that with any product.
Kaspersky: https://www.kaspersky.com/free-antivirus#compare-table Avast: https://www.avast.com/en-ph/free-antivirus-download#pc Bitdefender: https://www.bitdefender.com/solutions/free.html
Yes, but they don't all work the same. I believe that AppCheck and HMPA constantly monitor the file system for ransomware like activity, I don't believe that all AV's do this. What most of them do is they send files to the cloud to get a verdict, but this is not the same as monitoring the file system for suspicious I/O activity.
Correction: some report that Bitdefender free doesn't have ransomware protection. https://www.pcmag.com/reviews/bitdefender-antivirus-free
It has ransomware protection, but not the rollback function like the paid one. Many tests on youtube shows it have very good protection against ransomware...
AFAIK, Windows Defender doesn't monitor the file system for ransomware behavior, at least not in the same way as HMPA and AppCheck do. That's why I always recommend these tools, because they function as a second line of defense. OK, so it can block ransomware from running, but if this ransomware somehow managed to still encrypt some files, then you are toast?
