HELP STATION
[SECURITY]
Is this ransomware?
A few days ago, I spotted a couple of strange-looking folders on my data drive: Tprogram136 and Oapplication5. An internet search revealed nothing, so I tried deleting one of the files only for Cybereason RansomFree to pop up and claim it had blocked an attempt to lock my computer. I selected the option to remove the ransomware, but then another file popped up in its place: Tfiles37. Inside these are seemingly random files with various formats. Where are they coming from?
JOHN BUCHANAN
After some extensive research and further scans using John’s other tools – Avast FREE, EEK and Malwarebytes – we suddenly had our eureka moment! The folders in question – hidden by default – are created by Cybereason RansomFree as bait. It monitors these folders and, if it notices attempts to delete or modify the files, it leaps into action.
THIS SO-CALLED ‘HEURISTIC’ DETECTION MEANS THE APPLICATION WORKS SOLELY BY LOOKING FOR CERTAIN TYPES OF SUSPICIOUS BEHAVIOUR ASSOCIATED WITH RANSOMWARE RATHER THAN RELYING ON DEFINITION UPDATES TO SPOT POTENTIAL INFECTIONS. IT CAN BE EFFECTIVE, BUT IS RATHER BLUNT.
This so-called ‘heuristic’ detection means the application works solely
You’re reading a preview, subscribe to read more.
Start your free 30 days