post #1 of 1
Thread Starter 
This won't protect the PC from infection, but it has very good chances to protect certain DATA you choose from being encrypted. So the rest of your PC will still be encrypted by the ransomware, but the folders you protected will remain untouched.


Secure Folders (free and abbandonware sadly):

Supported OS: WinXP - Windows 8( all 32 and 64-bit editions ) (might work for successive Windows, but since the author abbandoned it, the official support ends with Win8).

http://download.cnet.com/Secure-Folders/3000-2092_4-76081193.html

All one needs to do is:
1) Select the folders he needs to protect.
2) Set them to READ ONLY (setting them to LOCK, denies read too, in case you want the data to be not only impossible to encrypt, but also to read. The downside, is that you won't be able to read them either, without disabling protection, while with read only, you will still freely read them without disabling protection).
3) Assign 2 hotkeys for enabling/disabling protection (and remember to re-enable protection after you have disabled it for some reason).

"Trusted programs" are programs with free access to that folder. This is cosy, but it's also a weakness. Theoretically, a ransomware that is programmed to target that process (code injection/process hollowing), can bypass the protection using the "trusted program". Explorer.exe is the prime candidate of a process that you would like to add to "trusted" for convenience. But it's also a target that exists in every PC, so it's a potential target.
Thus, the best is to leave it without ANY trusted programs or add (as calculated risk) a program if it's a bit obscure, that a malware writer wouldn't probably think to attack.

Basically, normally, you want protection enabled. If you need to update something in the folder or write/save in any way, you need to use the hotkey that disables protection, do what you want to do, use the hotkey to re-enable protection once you 're finished. That's it.


Video of Secure Folders vs various well known Ransomware.

https://www.youtube.com/watch?time_continue=85&v=051WlQRsG0U

Note how the files in the "unprotected folder" get encrypted (the file extension changes), while those protected by Secure Folders don't.

Nothing is 100% certain, but it's the simplest defence one can adopt. All you have to remember are 2 hotkeys...

Worst case scenario, a ransomware writes the MBR and prevents entering Windows (Petya is an example). Chances are you will be able to retrieve your data in the "Secured Folder" using a Linux CD and copy them to a flash/external drive or something. If your precious data is safe, then you can just format and get rid of the ransomware.


That's the simplest way that i know, as user-friendly as possible, to safeguard your data, if you can't stop the infection.

That's all folks.


EDIT: Known vulnerability. If 2 PCs are connected via network, the protected files can be tampered from the other PC of the network. Is this likely to happen in case of a ransomware attack? No, unless the malware writer specifically targets "Secure Folders". Possible, but improbable. For PC not connected to others, there is no known vulnerability.
Edited by Undervolter - 7/14/16 at 12:00pm
Main
(16 items)
 
Dedicated Encoder
(15 items)
 
 
CPUMotherboardGraphicsRAM
FX-8320@4Ghz Gigabyte 970 UD3P rev2.1 Gainward GTX 750Ti Corsair XMS3 1600Mhz 16GB (4x4GB) 
Hard DriveHard DriveOptical DriveOptical Drive
Crucial BX100 250GB Western Digital Green 2TB LiteOn Blu-Ray Burner IHBS 112-2 LG BH16NS55 Blu-Ray Burner 
CoolingOSMonitorKeyboard
Scythe Katana 3 Windows 7 Pro 64bit ASUS 22" VS228HR Microsoft Wired Keyboard 600 
PowerCaseMouseAudio
EVGA 430W Sharkoon VG4-V Logitech M90 Onboard 
CPUMotherboardGraphicsRAM
FX-8300 Asrock 970 Extreme3 HIS 6570 Silence Corsair XMS3 1600Mhz 8GB (2x4GB) CAS9 
Hard DriveHard DriveOptical DriveCooling
Plextor M6S 128GB Toshiba 2TB SATAIII LiteOn Blu Ray burner IHBS 112-2 Xigmatek Balder 
OSMonitorKeyboardPower
Windows 7 Pro 64bit Samsung S22B350H Microsoft Wired 600 Corsair VS350 
CaseMouseAudio
Lepa LPC 306 Logitech M90 Onboard 
  hide details  
Reply
Main
(16 items)
 
Dedicated Encoder
(15 items)
 
 
CPUMotherboardGraphicsRAM
FX-8320@4Ghz Gigabyte 970 UD3P rev2.1 Gainward GTX 750Ti Corsair XMS3 1600Mhz 16GB (4x4GB) 
Hard DriveHard DriveOptical DriveOptical Drive
Crucial BX100 250GB Western Digital Green 2TB LiteOn Blu-Ray Burner IHBS 112-2 LG BH16NS55 Blu-Ray Burner 
CoolingOSMonitorKeyboard
Scythe Katana 3 Windows 7 Pro 64bit ASUS 22" VS228HR Microsoft Wired Keyboard 600 
PowerCaseMouseAudio
EVGA 430W Sharkoon VG4-V Logitech M90 Onboard 
CPUMotherboardGraphicsRAM
FX-8300 Asrock 970 Extreme3 HIS 6570 Silence Corsair XMS3 1600Mhz 8GB (2x4GB) CAS9 
Hard DriveHard DriveOptical DriveCooling
Plextor M6S 128GB Toshiba 2TB SATAIII LiteOn Blu Ray burner IHBS 112-2 Xigmatek Balder 
OSMonitorKeyboardPower
Windows 7 Pro 64bit Samsung S22B350H Microsoft Wired 600 Corsair VS350 
CaseMouseAudio
Lepa LPC 306 Logitech M90 Onboard 
  hide details  
Reply