TrendMicro Ransom Buster: Windows ransomware protection
TrendMicro Ransom Buster is a standalone program for Microsoft Windows devices to protect data on the device against all forms of ransomware.
TrendMicro states that Ransom Buster is free for a limited period only. While we don't know precisely for how long and what follows after, the most likely explanation is that the company plans to sell it for a price eventually.
TrendMicro security customers don't need the product as the company's security programs support the same feature set already.
TrendMicro Ransom Buster
The Ransom Buster download has a size of 120 Megabytes currently. The security software connects to a TrendMicro server during installation. The installation itself is pretty straightforward. It begins with a system compatibility check. The license agreement lists location and language of the installation which you may change.
The default install location is c:\program files\Trend Micro and the default language is English. You are asked to enter an email address during the last step of the installation. This step is mandatory, but there appears to be no verification of that email address.
Ransom Buster loads a configuration wizard after installation. You use it to select folders on the local Windows device that you want the program to protect.
Ransom Buster protects files that reside in the Documents folder by default. A click on Manage Folders opens a drive and folder browser that you use to add more directories that you want to be protected by the security program.
I could not add more folders from the c: drive however in that particular version of Ransom Buster though and can't say if this is by design or a bug. It limits the use of the application significantly, however.
Ransom Buster displays a "get protection for unlimited folders" popup eventually while you run it. This does not change the limitation in regards to adding folders that reside on the c: drive, but it unlocks options to add more folders from other drives. It is sufficient that you state that you shared the link with your friends as this is not verified.
The program resides in the system tray afterward. A right-click on the icon displays options to launch the management interface and to exit it.
You don't find a program entry in the Windows Start Menu, and need to load it from C:\Program Files\Trend Micro\Titanium\UIFramework\ instead by running uiWinMgr.exe if you exit the program.
The installer adds two autostart entries, Trend Micro Client Session Agent Monitor and Platinum user session agent, however.
Ransom Buster supports a trusted list of programs that you may add applications to. These are allowed to interface with files in protected folders under any circumstance.
The program monitors the protected folders in the background while it runs. It displays a prompt when it notices that unrecognized software attempts to access files protected by Ransom Buster. The prompt displays the name of the program and options to block access or trust the program instead.
Access to the file is blocked if you select the option and allowed if you select to trust the program. The prompt reveals no information other than the file name of the program that attemps to access protected data.
Â Closing Words
TrendMicro Ransom Buster limits access to protected folders on Windows machines. It uses the same mechanic that Windows Defender's Controlled Folder Access feature uses to protect folders on machines running Windows 10. This makes it a solid alternative for use on previous versions of Windows.
The fact that you can't add more folders on c: limits the program significantly, however. It remains to be seen whether that is a bug that TrendMicro will address in future versions or intentional.
It is too early to tell whether the protective features of Ransom Buster are better, identical or worse than those of Controlled Folder Access or other anti-ransomware software. (via I Love Free Software)
Now You: Do you run anti-ransomware software on your devices?