CryptoPrevent settings and MR


Author
Message
dyhs
dyhs
Proficient Member
Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)
Group: Forum Members
Posts: 164, Visits: 640
Will these settings in CryptoPrevent interfere with Macrium Reflect?

https://forum.macrium.com/uploads/images/73049f44-c961-4d47-a761-cc6e.png

https://forum.macrium.com/uploads/images/22df5e31-3133-4c15-99e8-7749.png



Nick
Nick
Macrium Representative
Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)Macrium Representative (2.5K reputation)
Group: Administrators
Posts: 1.4K, Visits: 7.9K
Hi dyhs

Thanks for posting. 

Restricting bcdedit.exe will compromise creating rescue and boot media.

vssadmin.exe isn't used by Reflect. 

Please note that both of these restrictions offer very weak protection against malware/ransomware. Both the BCD and Shadow copies can easily be changed using WMI.

Kind Regards

Nick - Macrium Support

jphughan
jphughan
Most Valuable Professional
Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)Most Valuable Professional (4.3K reputation)
Group: Forum Members
Posts: 3K, Visits: 21K
From what I can see, even if it weren't for Nick's note that it may not be all that effective, that tool seems apt to create a lot more trouble than it will be worth, and I'm only seeing two screenshots! I gave up on stuff like that a while ago because they inevitably cause issues later, and by that time you may have forgotten you'd made these changes and/or the problematic behavior may not throw error messages that point you in the right direction, so after pulling your hair out for hours or even days trying to figure out what's wrong, in the best case you'll discover the underlying cause and feel the comfort of knowing that it was all your fault to begin with! Tongue

My ransomware protection is at least one offline backup, or offline+cloud for my data that's more important and/or couldn't just be redownloaded.
Edited 22 July 2017 11:32 PM by jphughan
dyhs
dyhs
Proficient Member
Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)Proficient Member (267 reputation)
Group: Forum Members
Posts: 164, Visits: 640
@Nick
Thanks. BTW I'm looking forward to the new Macrium Image Guardian, that might be a reason to upgrade to V.7 sooner than I thought. Smile

@jphugan
True, all those settings might turn into a nightmare. Anyway you can leave the Default settings and see how it goes.


P.s. I don't recommend CryptoPrevent as main antiransomware defense. I think it was good in the past but it gave disappointing results in recent PcMag's tests.
https://www.pcmag.com/review/353931/cryptoprevent-premium-8

Edited 23 July 2017 12:24 PM by dyhs
GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...




Similar Topics

Reading This Topic

Login

Explore
Messages
Mentions
Search