[LOCKED!] The Latest in Anti-Ransomware

I clone my computer every night to an external hard drive. I use Acronis but also Reflect I understand is also good. By owning three external hard drives, I always have the last three days of my work available to me.

Just another reason to make frequent back ups.

Another great article. Thanks, Bob. You are the best.

Dwayne: Yes, any drive that's mounted in your system and visible to the OS via an assigned drive letter will be accessible to the crypto package. Backup drives must be invisible to the OS to be protected from ransomware. One useful technique is to use a NAS drive for backups that has the ability to schedule its wake time. Make the NAS wake only when a backup is scheduled. Obviously, this technique assumes that you're monitoring the system between backups and will prevent the NAS from waking if an infection occurs.

exactly what you recommend for me to download because I do not download anything unless you say it is safe to do so. I really enjoy reading your opinion, thank you so much all the time you spend helping others.

I have installed a program called WinAntiRansom. It has either been working or I have not been attacked. What is your opinion of this one?

Joe, thank you for your input. I am aware that the drives will be visible if they are online: I guess my question is more of "Are the crypto bad guys known to encrypt all visible drives or just the system drive, i.e. C: drive"
Thanks, Dwayne

I assume that storing your data in the cloud does not prevent it from being encrypted by ransomware.

True?

I use a timer on my external hard drive, it turn's on when a backup is due. The timer turn's off after the backup is made and the external drive goes to sleep.

For those that want more protection, also look into Microsoft's "EMET", the Enhanced Mitigation Experience Toolkit. https://support.microsoft.com/en-us/kb/2458544. Running as a standard user and having the EMET installed stops most, if not all, of these encrypting viruses.
It also breaks many programs that don't or didn't follow Windows programming recommendations. But that's irrelevant to most of us here.

Thanks for the mention of our product CryptoPrevent!
We also wanted to point out v8 beta is now available, if you wanted to check it out, here:
https://www.foolish*t.com/cryptoprevent-beta/

I still think the silver bullet for any type of malware including ransomware is an image backup. I use Macrium Reflect Standard Edition (64) bit. I do a complete image backup once per week. I have used other image backup programs but Macrium Reflect is the only one that I have been able to do a successful restore every time. I have had to do a restore 3 times in the past 5 years. None do to malware. All 3 times were my fault for tinkering with the OS.

Already using the free version of Bit Defender so I downloaded their version. Thank you very much for your article.

https://www.winpatrol.com/winantiransom/
Highly recommend...unintrusive and makes good sense

CryptoMonitor is no longer valid. The author is now working for Malwarebytes and is producing MB AntiRansomware. It was stated early on in the BETA testing that this software was not going to be a stand alone utility but would be included in Malwarebytes other products.

No matter which prevention software you use, please have an offline (not always connected) backup and keep it current.

When it comes to ransomware, in the end the best thing is you back up, you back up, you back up. Removing the ransomware code is never a problem; recovery of the previous data is.

Great article! Does the Ransomware affect only C or can D & E drives be locked up too?

Thank you. Having had the experience with ransomware, I found a way around it in Windows 10. I just asked Cortana to take me to another site. (She wasn't affected.) I know lucky me.

EDITOR'S NOTE: That doesn't sound like a ransomware attack. When ransomware strikes, your files are encrypted (scrambled) and you're pretty much stuck unless you pay the ransom.

Bob, I got an email from Malwarebytes tonight urging everyone to buy Malwarebytes Anti-Exploit Premium $25 to run alongside Malwarebytes Anti-Malware Premium, which I have. What's your thought?

Isn't Win 10 just another form of ransom wear? It took a couple of tries to dump the KB3035583. Then it appeared again from the Balmerites as a recommended upload. I hid this one and discovered a remaining process for GWX which I dumped.

They appear hell bent for charging repetitive fees
and forced upgrades. A protracted ransome?

I asked Norton if my Norton 360 protects my Windows 7 64-bit PC against ransomware. Answer was yes, and if I have a problem they'll fix it free. I also was told that I needn't look into any of the software recommended here because 360 provides adequate protection. Any disagreement?

EDITOR'S NOTE: You asked a salesperson for Norton 360 if their product is the best? Of course they'll say yes! :-)