Introducing the Malwarebytes Anti-Ransomware Beta

Page 6 of 7 FirstFirst ... 4567 LastLast

  1. Posts : 79
    Windows 10 Build: Redstone
       #50

    Thx Beta 4 now installed.
      My Computer


  2. Posts : 157
    Windows 10 Home 64-bit
       #51

    How many security software programs is MalwareBytes going to release?

    I find that doing frequent backups is the best way to deal with malware, but even here I find that attackers can do things that make restore difficult.
      My Computer


  3. Posts : 7,128
    Windows 10 Pro Insider
       #52

    socklosk said:
    How many security software programs is MalwareBytes going to release?

    I find that doing frequent backups is the best way to deal with malware, but even here I find that attackers can do things that make restore difficult.

    Regular backups is definitely one of the best thing we can do. After the backup is made it needs to be kept off the computer so it can't get infected. If my computer ever gets infected I'm going to use a Linux boot disk to completely wipe my drive then do my restore.
      My Computers


  4. Posts : 356
    windows 10 pro x64 21H1
       #53

    groze said:
    You would still have to reinstall the operating systems get updates, re-install software programs. Then restore your files. I find it a lot easier restoring from a Macrium image and it saves a lot of time.
    Does ransomware encrypt macrium reflect images?
    I do my daily system image backups onto a second internal hard drive, and only seldomly do a system image backup onto an external hard drive.

    Another question: what's going to happen to my dropbox and onedrive files if I get hit by ransomware? Will the encrypted version of my files get synced to the cloud? If so, what's the best way to recover? It's pretty hard to restore a previous version manually on thousands of individual files.
      My Computers


  5. Posts : 11,247
    Windows / Linux : Arch Linux
       #54

    Hi there

    Malwarebytes like most consumer grade AV programs have passed their sell by date - not needed and is an irrelevance nw.

    Unless the database is updated daily how in the world does Malwarebytes distinguish between a legitimate windows program for example PHOTOSHOP.EXE and say a PUP called FOTKINO.EXE. Both programs legitimate windows programs - neither makes any specific dangerous kernel calls / uses any windows loopholes say memory leaks etc . All the PUP does is say call an internet service which in any case you can block with Windows firewall / your router - Photoshop also calls an internet service to check on licence / activation status.

    I can't see how malwarebytes is of any use whatsoever in these situations.

    I'd be interested in seeing if Malwarebytes actually in PRACTICE on typical users machines detects anything serious that Windows defender has missed.

    For the test you need a typical users machine under normal user conditions and not a lab setup with specifically written viruses.!!

    As far as ransomware is concerned - a decent restore from a backup will fix this - typically these days on modern machines a Macrium restore takes probably 15 mins at the most - and even less if you've got SSD's.

    Ransomware probably comes usually from people opening emails with dubious attachments -How many times have people been warned NEVER EVER do that.

    Again if the Ransomware manifests itself as a legitimate windows executable unless the database specifically names the program there isn't a hope that Malwarebytes (or most other AV stuff) will catch it. Even if the specific executable name exists in database the program might be called something else.

    You can only basically make a partial attempt (not 100% effective anyway by comparing the entire executable with a copy of it stored in the AV database and if say there is an over 90% correlation between the two then refuse to run it. This would significantly increase the size of the database and definitely slow your machine down by a significant amount. Also the Ransomware writers would immediately change the code etc so until the next DB update the ransomware would get through.

    I mean don't people have BRAINS on these Forums any more - If I were writing Ransomware or other Malware I'd have a few machines equipped with these products (The AV one's) so my nasties could avoid detection anyway. Just one successful scam would more than pay for extra hardware needed to write these nasties -- and if there's a lot of money to be made you can be sure Organised crime will be involved often with considerable resources too.

    Cheers
    jimbo
      My Computer


  6. Posts : 4,201
    Windows 10 Pro x64 Latest RP
       #55

    Malwarebytes is not an AV program, it is anti-Malware, and recently it was the only system that found and removed a potential attack on this forum, Admins, and SuperMods here use the Pro version in addition to the server based tools - the potential attack went through the in-built defender like an open window - Malwarebytes is not updated daily, but more like hourly.

    The other thing with ransomware is that the modern versions lock the backup programs and the backups so a lot of users cannot use the system they have installed
      My Computers


  7. Posts : 11,247
    Windows / Linux : Arch Linux
       #56

    Hi there.

    I'm talking about HOME computers - SERVERS and CORPORATE computers / networks require a different order of magnitude of protection and they face very different threats. For starters - these are connected probably 100% to the internet so they can get hourly updates etc - a lot of home computers aren't connected 24/7 to the Internet. Home computers don't usually have 100's or even several thousands of totally different types of users. Home computers are generally single user machines.

    If the Ransomware locks the machine it doesn't matter as I assume you'd do the restore from a bootable stand alone (bare metal version of the restore program) - so job done.

    Data can also be recovered if you have decent backups too. A lot of people store data on the cloud and elsewhere. Regular backups should always kill any Ransomware.

    Cheers
    jimbo
      My Computer


  8. Posts : 4,201
    Windows 10 Pro x64 Latest RP
       #57

    The potential attack on this forum was one where the target was the users not the servers, (a bad link in a post), we thoroughly tested using a a variety of user systems, (after we'd isolated the threat to ensure that no user was compromised ), Anti-Virus suites never even saw the attack nor did any of Microsoft's in-built software, malwarebytes Pro flagged the post as malicious without even having to click the link
      My Computers


  9. Posts : 3,105
    W10 Pro + W10 Preview
       #58

    Come on Jimbo, numerous posts stating your anti AV progs efficacity is well documented.
    Nothing stated by you can prove or disprove one way or the other as to which or what is the best protection.
    As for your I quote....."I mean don't people have BRAINS on these Forums any more".
    Are you suggesting yours is the only opinion that counts on this subject?
      My Computers


  10. Posts : 11,247
    Windows / Linux : Arch Linux
       #59

    dencal said:
    Come on Jimbo, numerous posts stating your anti AV progs efficacity is well documented.
    Nothing stated by you can prove or disprove one way or the other as to which or what is the best protection.
    As for your I quote....."I mean don't people have BRAINS on these Forums any more".
    Are you suggesting yours is the only opinion that counts on this subject?
    Hi there

    by BRAINS I meant people should avoid the obvious traps like opening emails from unknown users - and even worse opening the attachments.

    Details of well known scams and how to avoid them have been posted many times on these Forums -- that's what I meant by BRAINS - people have them and should be able to use them. I wasn't implying whether I could qualify for MENSA or not - just warning people that the best defense is normally to use their computers sensibly and not to fall into any trap.

    Fortunately only a very small number of people fall victims to a lot of these things but it's never a bad idea to remind people that they shouldn't totally simply rely on any software system to protect their computers.

    I know a few people who think just because they've installed an AV package then they don't have to worry any more.

    Decent CLEAN backups should always be able to recover a computer again -- note also if your computer has been successfully attacked change all your passwords etc as a matter of course.

    @Barman58 -- I think the efforts of the team to keep the site safe and the users uncompromised are well appreciated. Job well done - thanks.

    Cheers
    jimbo
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 06:13.
Find Us




Windows 10 Forums