Ransomware

Feature on BBC national news today saying that “Ransomware” is now getting popular - with drastic results if you are the victim. If you Google it there are a number of sites that offer removal fixes, but who knows if these sites are kosher themselves?

I don’t understand how Ransomware can get access to your PC without you clicking on something.

  • Have any members had any experience of Ransomware that they can share?
  • Can Avast offer protection against Ransomware attacks? Or are they too individual?
  • What can [Avast users] do 1. to prevent it, 2. if they are hit?

If your concerned about rogues which is the technical category for ransomware, I would recommend MBAM Professional. Tests have shown it over 99% effective against zero day rogue threats.

It is not free but can be had from $15 - $25 US depending on where purchased and it is a lifetime license. It is the lowest cost solution against rogues that I am aware of.

Most conventional AVs are not that effective against rogues since these AVs are signature based. Rogues change their detection footprint constantly to avoid detection. No sooner that a detection signature is developed, it is obsolete since the rogue has morphed into another footprint. Internet security suites like Norton Internet Security used advanced online detection via their Sonar protection to detect rogues.

I use Malwarebytes free to scan from time to time but have not so far purchased the paid-for version - available on their web site for UK £19.95 ~ US $32. I was under the impression that if you have additional real-time protection running from MWB or Norton or whoever it would conflict with Avast on the basis that you never have more than one AV in operation at the same time. Am I missing a trick?

I was under the impression that if you have additional real-time protection running from MWB or Norton or whoever it would conflict with Avast on the basis that you never have more than one AV in operation at the same time.
never install multiple AV.....even if not running realtime

read the reply from quietman7 http://www.bleepingcomputer.com/forums/topic186533.html

Am I missing a trick?
yes.....MBAM is not an AV.....and the price is fore a liftime license

There is a slight difference in that MBAM isn’t an anti-virus application but an anti-malware. So the general rule is no more than one resident AV, the same can be applied to other security applications, e.g. no more than one resident firewall or no more than one resident anti-spy/malware application installed.

You will see from my signature I also have MBAM Pro.

I may well upgrade to the paid-for Malwarebytes based on your recommendations for anti-spy/malware. But I also run Spybot Search and Destroy and SuperAntiSpyware (free versions) scans on occasions. I have a suspicion that one or possibly both of these leaves some kind of a resident footprint on my PC and this might conflict with real-time protection from MBAM?

Do you really really think you’re gaining anything with that? Overkilling? Waste of time?

That is precisely my point: Adding MBAM’s full program might well amount to overkill - unless I believed that it could offer all that and more than what the installed Spybot and SuperAntiSpyware programs can do.

Let me rephrase, what do you think Spybot worth nowadays?

Adding MBAM's full program might well amount to overkill - unless I believed that it could offer all that and more than what the installed Spybot and SuperAntiSpyware programs can do.

Spybot is very dated and most opinions are it’s way, way past its prime as effective anti-malware software.

Your original question was protection against ransonware. Bottom line - your want to prevent this stuff from installing - period. Once it installs, it is a nightmare to get rid of. Check out recent postings from people infected with a rogue AV and the gyrations they went through to remove it. The only way to prevent rogues from installing is to install anti-malware specifically targeted to block it. That software has to be running real time. The free versions of MBAM and SuperAntiSpyware will not prevent rogues from installing nor will they alone throughly clean all traces of it.

I was not aware of the general perceptions of Spybot - until I joined this forum and launched the topic! Your advice seems to be to uninstall Spybot (and SuperAntiSpyware??) and upgrade to the paid-for Malwarebytes real-time protection instead with preventing rogue Ransomware and other nasties in mind.

However I was infected with the “Babylon” toolbar virus (?) recently, and have been discussing how to get rid of it in a separate thread. I have still to try the final fix but in the course of tracing it it was Spybot on my PC that, unlike the other programs incl MBAM free, was able to identify it.

The Malwarebytes people don’t seem to think that there would be a conflict when running MWB [Pro] together with Spybot and SuperAntiSpyware free, but they are noncommittal as far as countering Ransomware is concerned.

Well, Babylon is not a virus, for one. Its just an Adware toolbar, and a hard to remove one, but it presents no real risk to your security, just your privacy and the performance of your browser. Spybot detects it because it is openly spying, if it was real malware, it might not even see it…MBAM probably classifies this a “greyware” at the worst, the don’t consider “protecting” users from common toolbars a priority.

No, that would probably be fine, but its up to you if you think you need all 3, thats a little bit over-redundant for my tastes, but all that matters if if you feel ok with it.

And they should be…no one can say with flat 100% certainty that they will protect you.

Here is a recent review of MBAM Pro by PC Magazine:
http://www.pcmag.com/article2/0,2817,2372364,00.asp.

Rubenking’s tests showed it 100% blocking effective against the scareware i.e. rogue samples he used.

Now if your asking MBAM if they are going to guaranty 100% against all rogues, of course they won’t commit to that. No anti-malware vendor will.

Thanks for the link to the very interesting and objective PC Mag review. Makes you think …

  • few anti-malware programs stand out for prevention and removal in all categories >
  • Malwarebytes [Pro] doesn’t seem to stand out particularly highly overall >
  • grounds for picking and using a combination of the best individual performers >
  • AVG plus WebrootSecure, possibly Norton come over as top of the pops, though whether these can be combined is where life gets complicated.
- AVG plus WebrootSecure, possibly Norton come over as top of the pops, though whether these can be combined is where life gets complicated.
Neither is free and you have to pay for annual subscription renewal. NIS also deactivates if you don't annually pay for renewal leaving you totally unprotected. I guess you can consider that a form of legal ransomware ;D

Well avast at least doesn’t continue to take the annual subscription out of your credit card account unless you specifically tell them to stop your subscription. Norton used to have that nasty habit, I don’t know if that is still the case.

You also aren’t unprotected by avast Pro/IS when your subscription expires, you just can’t get VPS/program updates and there is also the free version to fall back on if required.

Malwarebytes (MBAM) does come out on top!

Please go to PROFILE then Modify Profile then Forum Profile Information then update your Signature: with information like my signature as this helps the helpers offer pertinent advice.

In Account Related Settings select Hide email address from public? to prevent scammers and spammers harvesting your email yahoo.co.uk address.

Spybot Search and Destroy is obsolete.

Malwarebytes (MBAM) is way superior.

Norton used to have that nasty habit, I don't know if that is still the case.
you can turn it off in your account settings

Yes sneaky that it is there at all and presumably that it is enabled by default.