windows anti ransomware

rgb192
rgb192 used Ask the Experts™
on
I had this question after viewing anti virus software protecting against ransom ware.

Is this for a single computer or network of them?  

The best and cheapest protection is a solid regular backup of your system. Windows 10 has built in backup utilities.

I am looking for a product I can put on 4 personal computers windows 10,8,7 so I can defend my new and old computers
Not for business use
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
Windows Defender for Windows 10 is very good indeed and is free for personal use.

Windows Defender for Windows 8 is also decent and is free.

Windows Security Essentials for Windows 7 is decent and is free.

With all 3, common sense is VERY important. Do not do silly things or go to dodgy places and you should be fine.

No antivirus protects well against current and new ransomware. Use a top notch spam filter to protect and do not open emails from strangers (never).
DP230Network Administrator
Commented:
Hi, we are using Kaspersky Endpoint Security 10, it goes with a bundle key of 10, 20, 30 users (PCs) and it is quite cheap.

For example with a key of 10 PCs, it costs about 400 USD / 1 year. They have options to buy license for 2 or 3 years, so that you can have cheaper price.

If you are looking for free AV, I recommend Avast
Dr. KlahnPrincipal Software Engineer
Commented:
rgb192 said:

"The best and cheapest protection is a solid regular backup of your system."


That's true, but it's half of the picture.  The other half is keeping the backups intact.  Backups must be kept on media that is not accessible from the machine being backed up; not on the cloud, not on network shares, not on a server, not on a secondary hard drive.  Ransomware is becoming more and more clever and if there is a way to get at backup files from the victim machine, someday along will come a very clever version and it will corrupt those too.

imo, the only provably trustworthy backup method is to take an external hard drive to the machine being backed up, connect it, do the backup, and then disconnect it.  Ransomware can cross a lot of things but not a 50 foot air gap to an external backup drive.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Adam BrownSenior Systems Admin
Top Expert 2010
Commented:
There *are* AV solutions that provide protection from Ransomware. These protections include prompts when encryption attempts start, automated file backup with instant restoration upon deletion, and a number of other things. Traditional AV solutions are not very useful for blocking ransomware, simply because there are so many variants that are out there and it's difficult to prevent them from working without completely disabling encryption capabilities on a computer (which, again, is difficult to do). https://www.pcmag.com/roundup/353231/the-best-ransomware-protection has some information on AV suites that have Ransomware protection capabilities, and other things you can do to protect systems from it.
Jackie Man IT Manager
Top Expert 2010
Commented:
The cheapest is FREE. Isn't it?

I signup for SOPHOS Home and it is a trialware for one year for 10 computers.

https://home.sophos.com/

Its System Requirements are as follows:-

Windows 7, Windows 8/8.1, or Windows 10
Mac OS X 10.10, 10.11 or 10.12

Minimum 1 GB of free disk space
Minimum 1 GB of RAM
There are a number of solutions for home users.  

Hitmanpro.alert/cryptoguard From sophos is excellent.

Winpatrol AntiRansomware (WAR) also is excellent.

You can also use BD Anti ransomware, MBAM anti ransomware (beta), Kaspersky anti ransomware tool for business.  

They are a few others as well.
btanExec Consultant
Distinguished Expert 2018
Commented:
You can consider EMET as it is sort whitelist to augment applocker. It reduce attack surface by monitoring exploitation behavior.

Also look out for Window defender security on its "Controlled folder access" which monitors the changes that apps make to files in certain protected folders. If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt. You can complement the protected folders with additional locations, and add the apps that you want to allow access to those folders. This is another measures to alert on ransomware does encryption recursively.

But to be well guarded an endpoint suite will still be advisable rather havng multiple tool in case there is conflict. Importantly make sure these tool or software and signature are readily patched too. Cyber hygiene is really the last line of defence if attack penetrate through even for home user which have to be more proactive since there is no enterprise perimeter defence per se.

https://www.bleepingcomputer.com/news/microsoft/microsoft-will-embed-emet-into-windows-10-starting-this-fall/
Top Expert 2013
Commented:
not sure what the asker wants here, anti malware products, or backup systems?
anyway - if he needs backup systems, i recommend the free Syncback  tool : scroll down for FREE version
https://www.2brightsparks.com/welcome/syncback-syncbackse-syncbackpro.html?gclid=CjwKCAjw_dTMBRBHEiwApIzn_AWsfIPsZIwTS6YUtyDwB4RFysNoZt1fg7MsETim477NS6BMsowAZxoCBJ0QAvD_BwE

as for imaging the whole drive - i use the FREE Paragon software :
http://www.paragon-software.com/home/br-free/download.html
EMET is excellent software, but I always hesitate recommending it,  because without proper setup it slows down the computer considerably.

I have never found multiple solutions to be a problem, as long as only one does on access scanning.
btanExec Consultant
Distinguished Expert 2018
Commented:
Agree with Thomas. However, there case when there is no thorough testing and push off to production that leads to slowness and in worst case endpoint outage. The staging environment for testing and incremental rollout of new software from pilot user to more users will be a risk managed approach.
Shaun VermaakTechnical Specialist
Awarded 2017
Distinguished Expert 2018
Commented:
Cyberreason is a good tool to have over and above standard AV
cyberreason.png
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
There were a lot of suggestions and some of the early and very good answers were left out above.

Author

Commented:
thanks for assistance with ransomware

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial