Macrium Support Forum

CryptoPrevent settings and MR

https://forum.macrium.com/Topic15856.aspx

By dyhs - 22 July 2017 10:39 PM

Will these settings in CryptoPrevent interfere with Macrium Reflect?

https://forum.macrium.com/uploads/images/73049f44-c961-4d47-a761-cc6e.png

https://forum.macrium.com/uploads/images/22df5e31-3133-4c15-99e8-7749.png


By Nick - 22 July 2017 10:48 PM

Hi dyhs

Thanks for posting. 

Restricting bcdedit.exe will compromise creating rescue and boot media.

vssadmin.exe isn't used by Reflect. 

Please note that both of these restrictions offer very weak protection against malware/ransomware. Both the BCD and Shadow copies can easily be changed using WMI.
By jphughan - 22 July 2017 11:32 PM

From what I can see, even if it weren't for Nick's note that it may not be all that effective, that tool seems apt to create a lot more trouble than it will be worth, and I'm only seeing two screenshots! I gave up on stuff like that a while ago because they inevitably cause issues later, and by that time you may have forgotten you'd made these changes and/or the problematic behavior may not throw error messages that point you in the right direction, so after pulling your hair out for hours or even days trying to figure out what's wrong, in the best case you'll discover the underlying cause and feel the comfort of knowing that it was all your fault to begin with! Tongue

My ransomware protection is at least one offline backup, or offline+cloud for my data that's more important and/or couldn't just be redownloaded.
By dyhs - 23 July 2017 8:57 AM

@Nick
Thanks. BTW I'm looking forward to the new Macrium Image Guardian, that might be a reason to upgrade to V.7 sooner than I thought. Smile

@jphugan
True, all those settings might turn into a nightmare. Anyway you can leave the Default settings and see how it goes.


P.s. I don't recommend CryptoPrevent as main antiransomware defense. I think it was good in the past but it gave disappointing results in recent PcMag's tests.
https://www.pcmag.com/review/353931/cryptoprevent-premium-8