RansomFree Vs. PC Matic – How They Stack Up

PC World recently published an article on a new software that is claiming to block ransomware, RansomFree.  RansomFree is a behavioral analysis software that runs in the background of your PC by collecting data on what is considered normal behavior and what is considered not.  If any red flags arise, the software will stop the execution and give the user the ability to either override the alert and continue with what they were doing, or ask RansomFree to permanently quarantine the application as malicious.

RansomFree

PC Matic’s malware researcher and product manager, Devin Bergin, tested the software.  It should be known that it indeed blocked 100% of his ransomware samples.  That being said, there are two major issues with this security solution.

First, RansomFree does not do any testing for you to determine if the application is safe.  Once it is deemed malicious by the user, there is no further testing.  This could scare users to be a bit careless, which could cause the user to override the alerts because they don’t want their application to forever be known as malicious.

Second, this solution implements the use of decoy files as a means of protection against file encryption.  This sounds like a good idea, until we dig a bit deeper.  A risk included with using decoy files means you may end up with a few files being encrypted before the behavioral analysis detects an issue and is able to stop it.  Theoretically this shouldn’t be an issue, because the ransomware will be encrypting the decoy files, not legitimate ones.  However, a risk, as pointed out by BleepingComputer, is that these decoy files are named with either ! or ~ at the beginning of the file name.  This will bump these files to the top of the list which would typically cause the ransomware to encrypt them first.  However, with the advancements in ransomware, it is not difficult for the cyber criminals to create a different methodology to target alternative files first.

PC Matic

Now, let’s compare RansomFree to PC Matic.  PC Matic, too, blocked 100% of the ransomware samples.  However, that is to be expected, because they are our samples.  That being said, PC Matic did block 100% of the ransomware samples when tested by AV Comparatives.

PC Matic also includes an advanced mode that allows users to make decisions on unknown files without waiting for classification by our malware team, although we don’t recommend using it all the time.  If users choose not to add the application to their whitelist, the PC Matic malware research team will test and categorize these applications within 24 hours of attempted execution.  By allowing for the malware research team to do appropriate testing, there is no risk of a trusted application being permanently quarantined as malicious, like with the use of RansomFree.

Conclusion

Overall, both security solutions have the same end result.  Ransomware is blocked.  Although, as ransomware developers change their encryption tactics, RansomFree may catch less ransomware before encryption, while PC Matic will still block the unknown right away with our whitelist technology.

Also, RansomFree puts the determination of “trusted” versus “untrusted” applications into the hands of the PC user, while PC Matic leaves it to the professionals.  This is concerning, because it simply takes one wrong override and you’re inviting ransomware into your system.  Is that a responsibility you want?

(Visited 3,210 times, 1 visits today)

10 thoughts on “RansomFree Vs. PC Matic – How They Stack Up

    • Larry – Did you contact our support team when this occurred? Assuming you had SuperShield enabled, you should not have gotten infected. If this did occur while SuperShield was enabled, we need to know immediately, so we are able to identify the malware that infected your computer. Please contact our support team on this, if you haven’t done so already. Thanks for your help!

  1. im not computer smart, and I have pcmatic , so I hope you keep my computer safe without blocking safe programs. I am not sure I know how to use pcmatic, I can see when it blocks something, do I need to do anything special when it does ?

    • After you receive a blocked notification, no you don’t need to do anything. However, after a scan, you’ll want to fix the issues by clicking “Fix Now”. Once this is complete you’ll want to reboot. If you have PC Matic set up to do automatic scans, then you won’t have to click “Fix All”, but once you receive the email explaining what has been done, you’ll want to reboot. Any other questions, don’t hesitate to ask!

    • Even though PC Matic cost I have had it for over 2 years and have found it to be the best investment I have made to protect my pc’s I have no complaints

Leave a Reply

Your email address will not be published. Required fields are marked *