Discussion:
Ask EU: How does a numpty know what's safe?
(too old to reply)
Jane Vernon
2017-05-17 19:33:18 UTC
Permalink
Raw Message
A while back I installed Driver Booster, thought I'm not sure it's been
particularly useful for what I expected. Today, though, it told me that
there had been a big ransomware attack and there were steps I could take
to prevent attack on my computer. This is the advice:

http://www.iobit.com/en/tips-steps-for-window-7-and-later-system-to-set-port-and-prevent-wannacrypt-attacking-78.php

How do I know this isn't actually a really risky thing to do rather than
safe, as it purports to be?
--
Jane
The Potter in the Purple socks - to reply, please remove PURPLE
BTME

http://www.clothandclay.co.uk/umra/cookbook.htm - Umrats' recipes
BrritSki
2017-05-17 19:40:06 UTC
Permalink
Raw Message
Post by Jane Vernon
A while back I installed Driver Booster, thought I'm not sure it's been
particularly useful for what I expected. Today, though, it told me that
there had been a big ransomware attack and there were steps I could take
http://www.iobit.com/en/tips-steps-for-window-7-and-later-system-to-set-port-and-prevent-wannacrypt-attacking-78.php
How do I know this isn't actually a really risky thing to do rather than
safe, as it purports to be?
I read about this port vulnerability elsewhere and blocked port 445
yesterday with no obvious ill effects so far.

The attack they are talking about is the one that affected the NHS.
Jane Vernon
2017-05-19 07:35:17 UTC
Permalink
Raw Message
Post by BrritSki
Post by Jane Vernon
A while back I installed Driver Booster, thought I'm not sure it's
been particularly useful for what I expected. Today, though, it told
me that there had been a big ransomware attack and there were steps I
http://www.iobit.com/en/tips-steps-for-window-7-and-later-system-to-set-port-and-prevent-wannacrypt-attacking-78.php
How do I know this isn't actually a really risky thing to do rather
than safe, as it purports to be?
I read about this port vulnerability elsewhere and blocked port 445
yesterday with no obvious ill effects so far.
Thank you, I'll find the tuit and give it a go.
Post by BrritSki
The attack they are talking about is the one that affected the NHS.
Yes, I knew that. I also understand that it's not only XP users who
need to make sure they are keeping a lid on things and I'm trying not to
be complacent.
--
Jane
The Potter in the Purple socks - to reply, please remove PURPLE
BTME

http://www.clothandclay.co.uk/umra/cookbook.htm - Umrats' recipes
Flop
2017-05-17 21:33:08 UTC
Permalink
Raw Message
Post by Jane Vernon
A while back I installed Driver Booster, thought I'm not sure it's been
particularly useful for what I expected. Today, though, it told me that
there had been a big ransomware attack and there were steps I could take
http://www.iobit.com/en/tips-steps-for-window-7-and-later-system-to-set-port-and-prevent-wannacrypt-attacking-78.php
How do I know this isn't actually a really risky thing to do rather than
safe, as it purports to be?
This is part of Iobit Malaware not Driver Booster. I am not being
pedantic but I need to distinguish between the two.
Ransomware
The anti-ransomware is worth installing - Ransomware does not get
stopped by Anti-virus protection and is very nasty.
An alternative is Malwarebytes Anti-Ransomware.

Driver Booster can be dangerous. It can update too many drivers in a
batch and cause computer crashes. Hence I avoid it and only use the
computer manufacturers updates.
--
Flop
General Norman Schwarzkopf was asked if he thought there was room for
forgiveness toward terrorists.
The General said, "I believe that forgiving them is God's function...
OUR job is to arrange the meeting."
BrritSki
2017-05-18 06:52:55 UTC
Permalink
Raw Message
...- Ransomware does not get stopped by Anti-virus protection
There was a message from Trend Micro on my screen this morning say I WAS
protected against WCRY ransomware (although I think I need to restart to
enable the changes).

They also claim to have tools to remove the encryption caused by WCRY,
but fortunately I have not had a need to use them.
J. P. Gilliver (John)
2017-05-18 07:18:02 UTC
Permalink
Raw Message
Post by BrritSki
...- Ransomware does not get stopped by Anti-virus protection
There was a message from Trend Micro on my screen this morning say I
WAS protected against WCRY ransomware (although I think I need to
restart to enable the changes).
They also claim to have tools to remove the encryption caused by WCRY,
but fortunately I have not had a need to use them.
I'd be very wary - is it really Trend Micro? Do they have any reason to
be contacting you (have you bought any of their products, installed any
of their software, etc.)?

"Tools to undo the encryption" sounds like an excellent way to get
people to run malware (-:, although I think there _are_ some moves in
that direction if you read some of the articles on the matter. But
certainly any _unsolicited_ links to things claiming to do that I'd be
_deeply_ suspicious of!
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)***@T+H+Sh0!:`)DNAf

Another lively meeting of thr 1922 Committee - the secret gathering of BBC
presenters that gets its name from the fact that no one is sober after
twenty-past seven. - Eddie Mair, RT 16-22 April 2011
Jane Vernon
2017-05-19 07:37:22 UTC
Permalink
Raw Message
Post by Flop
Post by Jane Vernon
A while back I installed Driver Booster, thought I'm not sure it's
been particularly useful for what I expected. Today, though, it told
me that there had been a big ransomware attack and there were steps I
http://www.iobit.com/en/tips-steps-for-window-7-and-later-system-to-set-port-and-prevent-wannacrypt-attacking-78.php
How do I know this isn't actually a really risky thing to do rather
than safe, as it purports to be?
This is part of Iobit Malaware not Driver Booster. I am not being
pedantic but I need to distinguish between the two.
OK, but it was the Driver Booster window which presented the alert and
gave the link.
Post by Flop
Ransomware
The anti-ransomware is worth installing - Ransomware does not get
stopped by Anti-virus protection and is very nasty.
An alternative is Malwarebytes Anti-Ransomware.
I wasn't using it as ransomware. See above.
Post by Flop
Driver Booster can be dangerous. It can update too many drivers in a
batch and cause computer crashes. Hence I avoid it and only use the
computer manufacturers updates.
I haven't used it indiscriminately. I used it for a couple of things
that I'd installed myself but otherwise Dell did a lot of updates for me
fairly recently.
--
Jane
The Potter in the Purple socks - to reply, please remove PURPLE
BTME

http://www.clothandclay.co.uk/umra/cookbook.htm - Umrats' recipes
Penny
2017-05-19 14:46:53 UTC
Permalink
Raw Message
On Wed, 17 May 2017 22:33:08 +0100, Flop <***@flop.knot.me.uk> scrawled in
the dust...
Post by Flop
Ransomware does not get
stopped by Anti-virus protection and is very nasty.
Avast assures me it does deal with ransomware - see
https://blog.avast.com/wannacry-update-the-worst-ransomware-outbreak-in-history
--
Penny
Annoyed by The Archers since 1959
Flop
2017-05-19 20:22:47 UTC
Permalink
Raw Message
Post by Penny
the dust...
Post by Flop
Ransomware does not get
stopped by Anti-virus protection and is very nasty.
Avast assures me it does deal with ransomware - see
https://blog.avast.com/wannacry-update-the-worst-ransomware-outbreak-in-history
I think that article was written by Diane Abbott.

I will correct my statement to accommodate the fact that most AV
suppliers have added a bolt-on to their programs which stops ransomware.
--
Flop
General Norman Schwarzkopf was asked if he thought there was room for
forgiveness toward terrorists.
The General said, "I believe that forgiving them is God's function...
OUR job is to arrange the meeting."
J. P. Gilliver (John)
2017-05-19 20:39:56 UTC
Permalink
Raw Message
Post by Flop
Post by Penny
the dust...
Post by Flop
Ransomware does not get
stopped by Anti-virus protection and is very nasty.
Avast assures me it does deal with ransomware - see
https://blog.avast.com/wannacry-update-the-worst-ransomware-outbreak-in
-history
I think that article was written by Diane Abbott.
I will correct my statement to accommodate the fact that most AV
suppliers have added a bolt-on to their programs which stops ransomware.
They can't. Any more than they can stop other forms of malware.

They _can_ look out for, and stop, _known_ ransomwares, just as they can
other forms of malware; and, as soon as a new one appears, they can add
details of it to their updates (which your version of the AV will
download, after a varying delay [less for paid versions, usually]).

Many of the better AV products claim to look out for certain
_behaviours_ - I can't imagine that could catch ransomware immediately,
though: detecting something that's modifying lots of files would work,
but depending on what "lots" is taken as, it would either let through a
significant number of encryptions before triggering, or give lots of
false positives.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)***@T+H+Sh0!:`)DNAf

Fortunately radio is a forgiving medium. It hides a multitude of chins ...
Vanessa feltz, RT 2014-3/28-4/4
Loading...