Install an AntiVirus, that would prevent you from getting the ransomware in the first place, as most Antivirus solutions can easily detect that stuff. Most viruses are immediately detected by Antivirus programs. Good AV programs I recommend are either Avast, AVG, Malwarebytes Antimalware or SuperAntiSpyware, I'd recommend using Avast, AVG or Malwarebytes, because they detect any malicious programs quickest.
AVs are just one half of the story here. Everyone have its own favorite, but if you're putting up the list, put there at least Kaspersky, Avira, Bitdefender, Eset etc.
They would detect this one, but not every possible infection out there. And more, they would detect original malware, but not surely attack from compromised local computer (that one would have administrator rights and there ar possibilities to disable AV). So, all that crooks need is one irresponsible individual with admin rights in local network...
There are some good antiransom solutions out there, but not yet 100%.
Last edited by AndreTen; 29 Jun 2017 at 12:46.
MBAM and SAS are not AV; they are AM (anti-malware) and SAS is really a cleaner. (Although MBAM like to think they are a full-blown AV, but they're not quite there yet.) Have to be careful how you term these things, as some uninformed person could install SAS and think they are protected, when they are not.
Not a silly question at all. You* should run as a standard user not as a user that is part of the administrators group (this is nothing to do with the built in Administrator account).
It is trivial to bypass UAC and get administrator token if you are running as part of administrators group which most people do as it the default for the first account made when you install Windows.
This (for example) shows how easy it is and why everyone should run as standard user: UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3
What it means is if you run as standard user you have to validate UAC prompt for such malware. If your user is part of administrators group (as is default) it can bypass it without you knowing - you will not even be asked.
Of course if you are prompted and say "OK - do as you wish" to every UAC prompt or turn UAC off then nothing will help you.
EDIT[*] to be honest though even though I know I should, I don't. If I get malware I therefore expect zero sympathyLuckily I have a backup....
Last edited by lx07; 29 Jun 2017 at 12:26. Reason: honesty
Thanks to you both for honest answer about running as admin. Admit, I do the same on my home PC, but not on my work one, where I'm resisting it for several years now. It can be pain in the *** sometimes thou.Not a silly question at all. You* should run as a standard user not as a user that is part of the administrators group (this is nothing to do with the built in Administrator account).
It is trivial to bypass UAC and get administrator token if you are running as part of administrators group which most people do as it the default for the first account made when you install Windows.
This (for example) shows how easy it is and why everyone should run as standard user: UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3
What it means is if you run as standard user you have to validate UAC prompt for such malware. If your user is part of administrators group (as is default) it can bypass it without you knowing - you will not even be asked.
Of course if you are prompted and say "OK - do as you wish" to every UAC prompt or turn UAC off then nothing will help you.
EDIT[*] to be honest though even though I know I should, I don't. If I get malware I therefore expect zero sympathy
My work PC is a VM that I connect via Cisco VPN. At the moment I have access through port 23 (only) to one specific server and that is it. I can't see their network let alone the internet.
I asked to ftp a txt file program I'd written over once and they almost laughed at me before saying "Er, no, we don't allow that". Conversely I have QSECOFR authority so could shut it down.
It is a funny thing security - based on human trust and hope more than sense really.
I guess it just makes me angry that you would say someone deserves to be attacked because they lack the knowledge to prevent it. And lack of sense is really a very derogatory term, while lack of knowledge isn't.
Have you ever heard the term, "He doesn't have sense enough to pour p**s out of a boot with the directions written on the heel?" When you say someone lacks sense, that's exactly what it means to me.
Again, yes, there are obvious things you can do to ameliorate the risk, but think about what you're saying . . . Is it really so obvious to the little old grandmother (I are one) or the little old grandfather who mostly use their computer for emailing and skyping with their friends and family? Or what about the ten-year-old who is using his/her mother's computer?
Think . . . Engage brain before putting fingers to the keyboard! Don't put yourself above those with less knowledge than yourself by using such derogatory terms to describe them. One of these days, you're might find someone who thinks you don't have any sense or deserve what you get just because you didn't know how to protect yourself.
Yup there are still a few of us left. Small banks is my area (up to tens or hundreds of branches only) but I went to the IBM Common show last year and there are lots of small midsize retail/insurance guys still at it. It isn't fasionable server really but it is my job and (thanks to gods) doesn't seem to be dead yet.
I didn't mean that regarding people at all.
I was talking about the enterprises I quoted. The police in the UK for example were compromised because they either didn't get enough money to upgrade their 34000 PC (still on XP) or didn't employ someone to do it. When they offered a job (for a massive upgrade if you think about it) they offered a pitiful salary and so got presumably feeble applicants.
I was not talking about individuals being rubbish but if you want a project manager to upgrade 34000 PC you do not offer them a salary less than a supermarket clerk would earn. What will happen? The person (however good they are) will fail as the budget is insufficient. If they were good they would work elsewhere and even if they had some bizarre loving of law enforcement they would be stammered by the lack of money for hardware.
That is all. I'm not saying the people are stupid - I'm saying you get caught out because your don't have enough money. Or, if you do have enough money in an enterprise environment (for example banks where I work) and get caught out then you are stupid.
Quote
