Anti-Ransomware Software Overview

There are two types of Anti-Ransomware software programs: those that protect the system in real-time against incoming threats, and those that disinfect the system after a successful ransomware attack.

The following overview of anti-ransomware programs looks at programs that have been designed specifically for those purposes.

It doesn't include general purpose security software that includes ransomware protection as well. In addition, we made the decision to separate programs designed to protect the system against ransomware attacks from decryptors that decrypt files after successful attacks.

As far as prevention is concerned, there is more that users can do, for instance making sure they run up to date security software, do back ups of important data and keep the backups detached from the system, or use common sense.

Here is a short introductory video on ransomware.

Anti-Ransomware Software

The following programs are designed to protect against ransomware, and/or disinfect computer systems that are already infected.

The programs are sorted alphabetically, and a table at the end provides you with information on how they stack up against each other.

Only a few provide protection against most, if not all, ransomware types, while most protect you only against certain common types, or let you disinfect an already infected computer system.

The listing is quite large, and will grow only over time as ransomware threats become even more mainstream than they are already.

If you want a recommendation, the best solution in our opinion right now is WinPatrol WAR thanks to its layered approach and solid defense system.

AbelSoft AntiRansomware

abelsoft antiransomware

AbelSoft AntiRansomware is a commercial program that runs a background guard that scans the system for software that resembles ransomware. It uses algorithms to detect ransomware, and protects user folders as well as custom folders by monitoring them specifically for changes.

A 30-days limited trial version is provided on the developer website.

Bitdefender Anti-Ransomware Software

Bitdefender Anti-Ransomware

Bitdefender's program runs silently in the background after it has been installed on a supported version of the Windows operating system.

It has been designed to protect the system against the CTB-Locker, Locky and TeslaCrypt crypto ransomware families.

According to Bitdefender, it will protect against known and possible future versions of these families.

CryptoPrevent

cryptoprevent

CryptoPrevent is a long standing program designed to protect the operating system in real-time against ransomware and other threats.

It displays options on first run to select a protection level which you may increase or decrease as you see fit. The higher the level the better the protection, but the more likely it is that false positives occur.

The program adds group policy objects to the Windows Registry that prevent executable files from running in certain locations on the system. It furthermore uses hash definitions, program filtering and logic based on certain attributes of executable files to determine whether it should be launched on the system.

GridinSoft Anti-Ransomware

GridinSoft Anti-Ransomware is available as a free beta release. The product page offers little information on how the protection works unfortunately, but states that it prevents data from popular ransomware families and cyberlockers.

HitmanPro.Alert

hitmanpro.alert

HitmanPro.Alert is on first glance an anti-exploit program which should help against certain ransomware attacks as well.

But instead of stopping there, it includes protection against CryptoGuard ransomware as well. The program requires a valid HitmanPro license.

Interestingly enough, its feature set makes it quite the unique tool even if you compare it against other anti-exploit software such as EMET or Malwarebytes Anti-Exploit.

HitmanPro.Kickstart

hitmanpro kickstart

HitmanPro.Kickstart is a complementary software for HitmanPro that you can boot from to run HitmanPro to remove ransomware infections from the Windows operating system installed on the PC.

It has been designed specifically to remove lock screen ransomware from the computer system.

Kaspersky Anti-Ransomware Tool for Business

kaspersky anti-ransomware tool

Kaspersky's solution against ransomware is called Kaspersky Anti-Ransomware Tool for Business. While designed for businesses in particular, the program is available as a free download currently on Kaspersky's website.

The anti-ransomware program runs in the background after installation monitoring the file system for suspicious activity. It comes with a signature database to detect known threats, and uses a cloud-based service on top of that.

The program supports rollback operations, and ships with options to trust certain applications.

Malwarebytes Anti-Ransomware (Beta)

malwarebytes anti-ransomware

Malwarebytes' program is currently offered as a beta that is free to install. It is unclear right now if the program will remain free after the beta or may be integrated in the company's other products.

Apart from preventing infections from known ransomware such as CryptoLocker, CryptoWall, CTBLocker and Tesla, it implements something the developers call proactive protection against ransomware.

Malwarebytes Anti-Ransomware uses advanced proactive technology that monitors what ransomware is doing and stops it cold before it even touches your files. It has no shot at encrypting. And it does not rely on signatures or heuristics, so it’s light and completely compatible with antivirus.

The program needs to run on the computer system to block ransomware from attacking the computer successfully.

McAfee Ransomware Interceptor (Beta)

mcafee ransomware interceptor

McAfee Ransomware Interceptor is a beta program designed to monitor the system, detect ransomware processes, and terminate and block them before they start to do damage to the system.

The program offers little information in regards to the ransomware threats that it protects against, or how it determines whether a process is ransomware.

Controls are limited to starting and stopping the monitoring, and to whitelist files to avoid having processes flagged as ransomware that are not.

The only other option provided at this point in time is to view the program's detection log.

RansomFree

ransomfree

RansomFree creates honeypots on the local file system, and monitors those for suspicious activity.

Read also:  Portrait Display service makes millions of HP, Fujitsu and Philips notebooks vulnerable

Folders and files that it creates are randomized, but placed always at the top of the directory structure based on the characters used for the names.

The main idea is that ransomware cannot distinguish between lucrative and honeypot files. This means that ransomware will usually go through the file listing from top to bottom, and if it does, RansomFree will block it from encrypting legitimate files.

The program works on Windows 7 and newer, and supports local and network drives.

SBGuard Anti-Ransomware

sbguard anti-ransomware

SBGuard Anti-Ransomware hardens the operating system against ransomware threats. It is not a a program that monitors the system for threats, but will modify certain settings on the system to make it harder for ransomware to attack the data on it.

According to the description, it injects around 700 Registry entries to force Windows Group Policy to use inbuilt software execution restriction capabilities in certain locations, and prevent certain file types from executing.

Trend Micro Anti-Ransomware Tool

trendmicro anti-ransomware

Trend Micro's program for Windows has been designed specifically for lock screen ransomware. It refers to ransomware that limits user access to the computer.

The company has released two versions of the program for home users. The first can be used if the ransomware blocks access to the operating system only, but not to Safe Mode with Networking.

You can run the tool in Safe Mode with Networking then to remove the threat from the system and restore its full functionality.

The second version of the program is provided as a bootable USB version which you can run if both Safe Mode and regular mode are blocked by the ransomware.

WinPatrolWar (formerly known as WinAntiRansom)

winantiransom plus

WinPatrol War is a commercial anti-ransomware software program that block ransomware threats on Windows systems. While commercial, it is available for a one-time payment starting at $69.95 for a single-device lifetime license, or $19.95 for a single device one-year subscription.

The program uses a layered approach, and mixes it up with all kinds of cool features. For instance, it protects important files using its SafeZone feature to prevent ransomware slipping by from manipulating files.

Other layers include network lockdown, which protects mapped drives, and Registry protection, which protects important Registry keys from being manipulated by ransomware.

While designed specifically for ransomware, WinPatrol War will block other malware as well thanks to its layered approach.

Anti-Ransomware Software Comparison

Program NameFreeBetaRansomwareReal-time ProtectionDisinfectionSupported OSComments
AbelSoft AntiRansomwarenonounknownyesnoWindows 7 and up Trial available, full version price is €14.90
Bitdefender Anti-RansomwareyesnoCTBLocker, Locky, TeslaCryptyesnoall supported versions of Windows
CryptoPreventyesnounknown, developer cites "large number of cryptoware"yesnoWindows XP to Windows 10Paid versions available, protects against other malware, folder watch protection
Gridinsoft Anti-Ransomwareyesyesunknownyesnoall supported versions of Windows
HitmanPro.AlertnonoCryptoware protectionyesnoWindows XP to Windows 10requires HitmanPro
HitmanPro.KickstartnonoLock Screen onlynoyesWindows XP to Windows 10requires HitmanPro
Kaspersky Anti-Ransomwareyesnounknownyesrollbackall supported versions of Windows
Malwarebytes Anti-RansomwareyesyesCryptoLocker, CryptoWall, CTBLocker, Teslayesnoall supported versions of WindowsProactive Protection against new ransomware
McAfee Ransomware InterceptoryesyesMost unknown, Locky, TeslaCrypt, WannaCryyesnoWindows 7 and up
RansomFreeyesnoagainst more than 40 tested variantsyesnoall supported versions of WindowsHoneypot system
SBGuardyesnohardens the systemnonoall supported versions of Windows
Trend Micro Anti-RansomwareyesnoLock Screen onlynoyesall supported versions of Windows
WinPatrol Warnonomost, if not all, ransomwareyesnoall supported versions of WindowsLayered protection, File, network and Registry protection

Ransomware Decryption Tools

While it is best to prevent ransomware from landing on a system, the following tools may help you remove ransomware from an infected machine.

The list is updated regularly, if you know of a new program, let us know. Instructions on identifying ransomware are provided when you click on the links.

You may also use services such as No More Ransom or ID Ransomware for help in identifying the ransomware type that infected your machine.

Now You: Did we miss a program? Do you use special software to protect your system against ransomware?

Summary
Article Name
Anti-Ransomware Software Overview
Description
The Anti-Ransomware Software lists security programs designed to protect Windows operating systems from ransomware attacks, and tools designed to remove ransomware infections.
Author
Publisher
Ghacks Technology News
Logo
Advertisement
Please share this article

Facebooktwittergoogle_plusredditlinkedinmail



Responses to Anti-Ransomware Software Overview

  1. T J March 30, 2016 at 12:34 pm #

    Another product from Malwarebytes is Malwarebytes Anti-Exploit.
    It is not anti-ransomware but it does protect vulnerable programs.
    There are 2 versions, free and premium.

    The free version protects Chrome, Firefox (Cyberfox, Palemoon, etc), IE, Opera from exploits. It also protects Java .

    As well as browsers, the premium version protects PDF readers (Adobe, Foxit) , Office (Microsoft, Libre, Open), Media Players (Win media player, VideoLan VLC, Quicktime, Winamp).
    The user can also use custom shields.

    • BRW March 31, 2016 at 1:21 am #

      Hello
      Found locky and another unknown file associated with locky with I uninstalled BD that I didnt have before I installed it

  2. Dave March 30, 2016 at 1:09 pm #

    I was sort of expecting my anti-virus to protect against this stuff

  3. cdr March 30, 2016 at 1:16 pm #

    Thanks. I just downloaded and installed the BitDefender selection. While I have good backups and my IDS / IPS warns me about suspect sites, another layer is ok by me.

    • cdr March 30, 2016 at 1:46 pm #

      I use Norton Internet Security for my base protection. A quick lookup told me it offers crypto protection. How does it compare to those mentioned above?

  4. Henk van Setten March 30, 2016 at 1:39 pm #

    I'm using Malwarebytes Anti-Ransomware since it came out.

    It uses a kind of heuristic approach that so far got me a false positive once -- but in fact, this false positive gave me the idea that the Malwarebytes "proactive" approach may actually work for flagging unusual events with unknown software.

    The case was this: I was using FastCopy to transfer a lot of files from an old encrypted TrueCrypt volume to a new encrypted BoxCryptor volume. This, of course, meant a lot of on-the-fly re-encrypting. Malwarebytes Anti-Ransomware intervened immediately by quarantining the innocent FastCopy. As I say, this false positive in fact bolstered my impression that Malwarebytes Anti-Ransomware may actually be effective in a true ransomware situation.

    Of course the best ransomware protection remains simply this: making frequent system backups on a local harddrive that you always make sure to disconnect right after having refreshed your backup.

  5. dan March 30, 2016 at 2:38 pm #

    Nice round-up, Martin. One quick correction: you have listed a Hitman Pro license as required for CryptoPrevent in your comparison table: I believe you meant to put that in the next row down.

  6. mo.eu March 30, 2016 at 2:58 pm #

    Martin, another interesting article that set me thinking about what I want to do on my systems. Just one small suggestion apart from what dan mentioned earlier about CryptoPrevent / Hitman Pro: In the table you mention "Malwarebytes Anti-Malware" where I think you mean "Malwarebytes Anti-Ransomware" - I believe these two products are different.

  7. Maelish March 30, 2016 at 3:54 pm #

    Is this a real problem outside of corporate environments? I know no one who's had an issue with ransomware.

    • Tom Hawack March 30, 2016 at 4:13 pm #

      Maybe those you know use anti-ransomware. Ransomware is a true problem and the trend is up. But I wouldn't advise anyone searching for a first experience with Bitcoins to use anti-ransomware.

      • Maelish March 30, 2016 at 4:36 pm #

        But do you actually know anyone affected? How did they get infected?

      • Tom Hawack March 30, 2016 at 4:51 pm #

        I don't know personally anyone having been infected by ransomware but I don't know everyone. Web search engines offer a plethora of individuals as well as companies (hospitals included) having endured the ransomware infection (yes, even hospitals, no Robin Hood here targeting the bad and wealthy alone). As for the process itself it uses the same paths as any other malware, too many means, vectors to describe them all.

      • Maelish March 30, 2016 at 5:03 pm #

        I stand corrected. Someone I used to work with said they have been hit several times at their business. So this article seems a lot more valid to me suddenly. :-)

      • Tom Hawack March 30, 2016 at 5:11 pm #

        @Maelish, Bleepingcomputer dot com has a lot of documentation on ransomware.
        One can start with bleepingcomputer dot com/virus-removal/locker-ransomware-information

      • Jeff-FL March 30, 2016 at 11:43 pm #

        @Maelish, I repair PC's and have had several customers who've been hit with ransomware attacks. It's very real, and extremely damaging if you don't have backups.

        As to how they get infected, not much different than how people are infected with other viruses/malware. Generally by doing dumb stuff online, or falling for phishing scams. Visiting some porn sites or other sites (like torrent sites) that promise free movies, music, etc. These type sites can't get legit ad servers like adsense, so they use shit ad servers that often get infected themselves. Then if the user lacks proper protection, their PC can get infected.

      • AnorKnee Merce May 24, 2017 at 7:42 am #

        @ Jeff-FL

        Many Windows users have a false sense of security, ie they think their computers are invulnerable to ransomware and other malware by just getting fully patched/updated, eg with the March 2017 MS17-010 patch against the Eternalblue/SMBv1 exploit or with the Group A patching method for Win 7/8.1.

        In actual fact, like you said, most users get infected with ransomware by clicking on stuffs foolishly or greedily, No amount of Windows patching can prevent this.
        ....... Similarly, no amount of arrests by the police and relevant news can prevent foolish people from being affected by Internet scams, money scams, Ponzi schemes, etc.

        "A fool and his/her money are soon parted."
        ....... And not "An unpatched computer and his/her money are soon parted."

        There are reports that a few Win 7 and Win XP computer users have never patched/updated for years and could still remain uninfected by malware or ransomware. Windows Update for security is way over-rated. In fact, a few users see M$'s Windows Update as a bigger malware and ransomware, eg processor-blocking updates, ... and see Win 10 as an NSA spyware.

    • Hy March 30, 2016 at 6:45 pm #

      @Maelish: “But do you actually know anyone affected?”

      Yes, I know personally of one person attacked by ransomware. She is in a sciences faculty (department) of a large university in western Europe, and she and her entire department were attacked by ransomware at this time last year.

    • Nate Phillips December 25, 2016 at 6:21 am #

      I've serviced Macs and PCs belonging to home users affected by ransomeware. This is a cybersecurity issue that will only get worse as there are many criminals pursuing the lucrative market of home users. The worst one was only recent where a small business owner had all of his docs, adobe files and pictures locked by RSA-2048 algorithm intrusion. Evidence shows that he opened a email containing JavaScript, .exe, .bat and .cmd. We were successful in removing the infected files but we had to keep the laptop for 2 days. This is occurring every hour nowadays.

  8. endriu March 30, 2016 at 4:00 pm #

    Hi guys!
    I was wondering which free antivirus/security software would you recommend?
    Or a non-free software but with "lifetime" license (without subscription)?

    Im using COMODO security however wouldn't mint to change it for something better.

    • Dave March 30, 2016 at 4:31 pm #

      This isn’t like Photoshop or Excel. Anti-virus is one software category that is subscription-based because the databases constantly need updating. New features in the software itself - such as anti-randsomware - are as essential as the classic features. Using an old version defeats the point of the software and paying the subscription pays for developers to keep the software useful.

      • Joel March 30, 2016 at 7:45 pm #

        I'm sure he meant an antivirus that you pay for - once!
        & of course gets updated for life...
        Without needing to pay yearly for the right to get updates.. :)

      • Dave March 30, 2016 at 9:30 pm #

        I don't think you have any "right" for indefinite updates. I don't like the subscription models used now by the big software companies (eg Adobe and Autodesk). I think these models were introduced so that they don't have to keep adding new features to get users to upgrade. The whole thing is bad and I could write a lot about it. Not today though.

        It is possible to continue to use old anti-virus software with an old database if you want to. But why should you get lifetime updates unless you have paid a fair price to get them? Something like £1000 upfront maybe. And with that option, I'd prefer the freedom of being able to chose the best product each year when it's time to renew.

        I don't understand this expectation. Doesn't the OP know that a lot of people need to do a lot of work to make these updates, and that they need to be paid a fair wage, and that the updates are ESSENTIAL?

    • AnorKnee Merce May 24, 2017 at 7:47 am #

      @ endriu

      I recommend Avast Free AntiVirus or AVG Free.

  9. Dacko March 30, 2016 at 4:30 pm #

    Hi,
    Try this antiransomware software ( WinAntiRansom ). It is not free but is excellent.

    https://www.winpatrol.com/WinAntiRansom/

  10. brixy March 30, 2016 at 4:31 pm #

    I thought that my antivirus should (at least try) to protect me from all kinds of threats...
    now every av company has this sh..!

    Buy this - because when you were buying other stuff from us we were lying to you that we will do our best to protect you from EVERY POSSIBLE THREAT!

  11. silentwarrior March 30, 2016 at 6:06 pm #

    You missed WinAntiRansom, it is very effective in blocking Ransomware and wins head to head tests against products you have listed above. Please see the following video of it blocking Petra as proof. https://www.youtube.com/watch?v=3YXYnAiSYrY

  12. oz March 30, 2016 at 6:33 pm #

    Thanks for the article, Martin!

    It's doubtful that I'd ever install anti-ransomware software because I do backup regularly, and I keep the 4 previous backsups on hand at all times. Those backups are stored on an external drive that is never connected, except for doing backup or restore operations, and it only takes about 7 to 10 minutes to do a full restore. Of course, something could happen that might eventually change my mind, but for now I'll stick with my current plan as it is working quite well.

    • Tom Hawack March 30, 2016 at 6:46 pm #

      Malware can infect a HDD's boot sector, but you must know that better than I, so I guess your backups include the entire source disk and not files alone.

      • Joel March 30, 2016 at 7:49 pm #

        Heyyy,
        A quick word of 'why isn't backing up files alone, enough'?
        o.O

      • Martin Brinkmann March 30, 2016 at 9:35 pm #

        Joel, backups may be enough, but there are two issues. First, depending on when the backup gets done and how it is done, it may include the malware already or even backup the encrypted files. This can be overcome of course by creating independent backups and keeping them stored in a place that is not connected to your PC.

        Second, while backups may restore the system, you may be in the dark as to how the system was compromised in first place. This may not always be the case, but security software may reveal how the malware tried to attack the system.

      • Jeff-FL March 30, 2016 at 11:47 pm #

        Oz's '7 to 10 minutes to restore' comment sounds very much like an image restore tool, such as Macrium Reflect, so I'm close to certain he's referring to a full partition backup.

        I do a similar thing - upon waking up every morning, I power on the PC, and then run a script that a) does a complete image of my C: drive and b) creates a separate backup of my firefox profile (using Mozbackup). Today's image replaces the one before it, so they don't stack up. If disaster were to strike, I never have to go back further than the morning of the same day.

  13. oz March 30, 2016 at 6:57 pm #

    yes, my backups are always full disk copies including mbr.

    my data is usually kept on a separate disk, too.

    • Tom Hawack March 30, 2016 at 7:13 pm #

      Certainly the best security policy (separate disk connected only for backup/restore). OK.

  14. beerpatzer March 30, 2016 at 7:27 pm #

    Does Ransomware use its own encryption tools to encrypt the files, or does it rely on Windows BitLocker? As a Home version user, I don't have BitLocker...

  15. Joel March 30, 2016 at 8:14 pm #

    Out of the free 'better looking ones' [capability and reputation wise] such as MalwareBytes and Bitdefender - which would U recommend?
    and should this quote of MalwareBytes download page [on their forum] trouble me and have me choose BD over MB?
    "As this is the very first beta we do encourage beta users to install the product in non-production environments for testing purposes."
    Thanks for info!
    @ Martin & all the informative users\commentators

    • Martin Brinkmann March 30, 2016 at 9:33 pm #

      Joel, I would not run beta software on a machine you require or do work on.

      • Joel March 30, 2016 at 9:40 pm #

        Alright, thanks!
        So if anyhting - BitDefender it shall be then :)

    • Tom Hawack March 30, 2016 at 10:12 pm #

      One thing is sure as always : the ability of the market to propose applications which correspond to public expectations but also the risk as always to have this market offer applications that "fit" rather than quality code that 'handles". i'm pointing no company in particular but maybe is it worth reminding that a software's name and pretensions doesn't qualify it as such to be the right product. We know this happens with anti-virus, anti-malware products so it may be worth reminded that anti-ransomware specific applications make no exception to the rule.

      I hear, read here an orchestra of praise for WinAntiRansom, fine, why not? But I wouldn't consider a product to be in principle the best on the basis it is acclaimed by a trio of fans, whatever their sincerity that I do not doubt of.

      Facts, as far as I'm concerned, are called Hitmanpro.Alert together with Hitmanpro.kickstart requiring an annual license valid for both. A highly sophisticated product in its architecture though so easy to use for everyone. I've never had the slightest problem with either and I am assured both are as efficient as can be. Moreover both handle anti-ransomware as other system-wide protections not found in traditional anti-malware.

      I just wished to share this experience together with a modest general recommendation. In times of crisis it is often a reflex to jump too quickly to solutions we may not have weighed extensively enough.

  16. ted March 30, 2016 at 9:02 pm #

    WinAntiRansom blocks Petra!!!
    https://www.winpatrol.com/winantiransom/

  17. Jeff-FL March 30, 2016 at 11:51 pm #

    Everyone should be creating backups! if you have friends or relatives who are noobs, insist they make backups. Any data you value should always be in at least two places at the same time. Having solid backups removes the power from malware like this.

  18. ilev March 31, 2016 at 7:57 am #

    I use HitmanPro Alert since the first beta.

  19. rkr3 March 31, 2016 at 3:07 pm #

    How about Heimdal Pro (https://heimdalsecurity.com/en/)? It's often available free for a year's subscription.

    Anyone have any views on the same as regards protection against ransomware?

  20. vanp April 3, 2016 at 7:10 pm #

    1. I use HitmanPro.Alert and Emsisoft Anti-Malware. I'm considering WinAntiRansom (WAR) in addition. Can anybody tell me if what I have is enough, or would adding WAR be a good additional "set of eyes" on the problem?

    2. I've had the FBI virus (if that's the proper description) twice and something else once (on a different computer with different software from what's listed above). I didn't spend a lot of time reading the instructions; I knew immediately it was malware and restored a system image to solve the problem each time. One of these I'm pretty sure I got from Amazon.com. Another I think I got from a music site (can no longer remember the name). The other I don't know. Can anybody tell me if the FBI thing is actually ransomeware? I think it was out before the term "ransomeware" came into common usage.

    3. So, Maelish, while it may not be common on an individual home computer, it's possible and should be taken seriously.

    4. I'm using the Pale Moon browser. This page scrolls very slowly, and when typing the letters are delayed in appearing. Anybody know what's going on? I'm new to this site but don't think this should be normal anywhere.

  21. LimboSlam April 10, 2016 at 8:12 am #

    @Martin Brinkmann: CryptoPrevent blocks CryptoLocker variants, copycats, and similar ransomware.

    You can read more about there blocking/filtering module here: https://www.foolishit.com/cryptoprevent-malware-prevention/technical-information/, more towards the bottom.

  22. Eric April 14, 2016 at 4:29 pm #

    minerva-labs.com covers all ransomeware.. not sold to private people though..

  23. CHEF-KOCH May 14, 2016 at 6:51 am #

    Does it really matter which tool you use? I mean seriously, they all updating the databases and trying to improve their tools asap. Again it's more matter of which solution / company you can trust.

    I think they all suck if new stuff popping up, since you can't protect against something which you not know about.

  24. star May 26, 2016 at 7:19 pm #

    trend micro max 10 did not install on safe mode ,it asks me to go to regular mode ;

    while I installed it ,it says its in conflict with malawarebytes .do I have to choose one over the other ?

  25. Curt Esser May 27, 2016 at 11:41 pm #

    Are any of the other AV security products developing a solution? I've seen write-up that Emsisoft does. I was wondering about other popular ones such as Avast, AVG, Kaspersky, Webroot, and others I do not recommend such as Symantec Norton and Intel McAfee? Thanks for putting the list together.

  26. boredog August 6, 2016 at 10:23 pm #

    if you want to see some real life testing. go watch cruelsister videos posted on youtube. she not only knows what she is doing but has awesome tunes during her videos too. she has tested various software including WAR. if she makes a bypass, she will work with the program author to help get it fixed. you can find her on malwaretips.

  27. varo September 12, 2016 at 11:45 pm #

    this project fight ransomware in different way https://www.kickstarter.com/projects/1707157687/ransomware-immunizer?ref=user_menu

  28. Michel September 20, 2016 at 3:54 pm #

    Given that these apps evidently don't protect against the same ransomewares, how many do you recommend simultaneously running real time in addition to a user also running an antivirus and a HIPS app. (Malware Defender or WinPatrol) real time?

    I have a Dell Latitude E6500 with 4 GB RAM, an Intel Core 2 CPU P8700 running at 2.53 and 2.54 GHz, using 32-bit Win 7 Home Premium. The hard drive is 200 GB or more.

  29. Traveltravel January 5, 2017 at 1:24 am #

    HI

    Can you test AppCheck (free) anti-ransomware? It's available here

    https://www.checkmal.com/en/

    • jelson May 24, 2017 at 6:51 am #

      Second that...

  30. George March 15, 2017 at 4:26 pm #

    You should check out MalwareFox too.

  31. Calin March 22, 2017 at 2:12 pm #

    Another product is TEMASOFT Ranstop. It does reactive detection and blocking of ransomware, including ransomware that runs from remote, or runs in legitimate processes (scripts executed by the browser, etc). In addition it does real time file protection so and recovers affected files automatically. In case of undetected threats, you can still recover the files manually.

  32. smalleyes March 27, 2017 at 8:08 pm #

    hi guys, does anyone knows how to run MB Anti-Ransomware Silently or hide it from systray atleast.

  33. boredog April 26, 2017 at 9:06 pm #

    You asked about other products besides antiransomware dedicated.

    1. Appguard
    2. Voodooshield
    3. Shadow Defender

    Always have a good image program. Anyone giving advice to not should, is giving bad advice.

    If you want to test ransomware on your own to see what really works, go to testmyav dot com. You will need a LinkedIn acoount to be able to download them.

    • jelson May 24, 2017 at 11:10 pm #

      AppGuard and VoodooShield are both superb antimalware products

  34. star stern April 27, 2017 at 9:31 pm #

    there are 100's of malware protection ,but to download them all will have the most malware on system possible ,am using malawarebyts.com and am fine ,

    there are so many system cleaning tools ,but to download them all ,will have the most jammed computer an using cclean and am fine ,

    there are so many anti virus programs ,but if will download them all ,will be the most infected ,am using trend micro and am fine ,

    but when it comes to ransome ,was still getting them,but again here to download all ransome protection ,will just be conflict each other and will have no protection at all ?

    any tips ,advice, aside trend micro which is the top rated anti ransome program ,what else me to do ??

    • OhMyCyber May 25, 2017 at 6:40 pm #

      There's no question, trying to protect our home/small business machines is huge, & a huge time sucker these days! Plus needing to be a rocket scientist. ;) Additionally , it's so individualized (not talking enterprise), while we get excellent recommendations & advice, it may not work on my/your particular machine machine, for any number of reasons. And, of, if makes my machine to slow, too inconvenient or complicated, I'm not gonna use, or use it less than %100, thus leaving me vulnerable.
      And, I'm not even mentioning the privacy concerns that are fundamentall to thinking about the security of my systems.
      Geez, "May we live in interesting times."
      Thank you Martin, for all your contributors, commentariats & for this terrific site!

  35. tom warner May 24, 2017 at 12:18 am #

    Eset Smart security and NOD detect ransomware like wannacry

  36. rich thomas May 28, 2017 at 9:46 pm #

    Is it advisable to run separate anti-ransomware software too, if one's current anti-virus solution has some anti-ransomware functionality? Obviously, running 2 solutions may provide more security, but in the past with anti-virus software the consensus has been not to run 2 products at once to prevent conflicts and performance impact. FWIW, I'm currently running Avast and am considering whether to add one of the free solutions in the article as reinforcement.

    • Martin Brinkmann May 28, 2017 at 10:19 pm #

      Rich it depends but my answer to that would be no usually unless you are very insecure when it comes to the Internet or don't follow best security practices (such as installing security updates and keeping software up to date).

      You may not get a lot of mileage out of running one of the free solutions if your resident antivirus solution protects you against (some) ransomware attacks already.

  37. rich thomas May 30, 2017 at 1:01 pm #

    Thank you for your reply, Martin. I am concerned about the risks posed today (shouldn't we all be?) but my security practices are thorough (hence me considering anti-ransomware software).

    Maybe I will try 1 or 2 of the products mentioned in the article (1 at a time, obviously), and report back here as to whether there is any performance hit. If there is not, then perhaps there is no harm in running an additional anti-ransomare product for extra security.

  38. Charles July 31, 2017 at 6:43 pm #

    I use iobit software excllent anto ransome ware .They have agreat deal of different software for
    your computer check it out. Thanks

  39. Homie August 16, 2017 at 12:08 pm #

    Add some Application Control to your Windows 7/8/10 (Home Edition) machine. As a home user you probably can't get your hands on tools like SRP, AppLocker, AppSense Application Control, Palo Alto Traps or UBA solutions like SentinalOne. But you can block the unknown with a program called VoodooShield, this will run side-by-side with your AV and network security program and will popup when "something" unknown wants to execute on your machine.

    Here you can see how it blocks WannaCry v2:
    https://www.youtube.com/watch?v=1fYL4ECVOfs

Leave a Reply