New
#1
Anti-ransomware protection in Fall Creators Update
Please activate the anti-ransomware protection in your Windows 10 Fall Creators Update PC. Ta • The Register
Should I do this? Why didn't Microsoft make it activated by default?
Please activate the anti-ransomware protection in your Windows 10 Fall Creators Update PC. Ta • The Register
Should I do this? Why didn't Microsoft make it activated by default?
Up to you, it does help protect you. I have turned it on....
...it also has disadvantages. You start getting notifications that some apps you've been using for ages are being blocked. Imagine suddenly finding out that you can't save to your user folder any more. Then imagine that you are not 'technically minded', don't know why it's happening or how to let an app through Controlled Folder Access....Why didn't Microsoft make it activated by default?
So far I've had to allow access for six executables, ranging from LibreOffice to Microsoft's own RoboCopy command.
I have Kaspersky anti-virus but might uninstall it. I have Defender periodic scanning on but I don't see the option for Controlled Folder Access. Is this because Kaspersky anti-virus is enabled?
To expand on what Bree said, you will even have to add Windows own apps, programs, accessories, and tools to the list
Here is the list I have so far, notice how many belong to Windows/Microsoft, even Office365
(but for piece of mind, it's worth it, and you can always make a system image so you have a copy, and you can export the registry keys somewhere safe like OneDrive, for "just in case").
See this tutorial and read all the posts in the thread: Change Windows Defender Controlled Folder Access Settings - Windows 10 Security System Tutorials
I have created an Event Viewer Custom View make it easier to find the file you need to add to the allowed list, I also made a short video on how to use it to apply the file.
Hmmmm. I think I will rely on my daily Macrium image of my C drive, stored on an external USB hard drive. The daily backup is quick - about 15 minutes - and doesn't slow the computer. My C drive contains only my OS and programs. I have several time-sequential backups of the rest of the files on the machine, on an internal hard drive and two USB hard drives.
It's not really that hard to use and setup, I know, as I tried it in the beginning then shut it off, as I was too busy to keep letting things through, but then a week or two ago, on a Sunday, I started setting it up again, and added all my programs executables, including the ones for office, and then went through system32 and added Paint, Notepad, WordPad, Regedit(for when I export a key), and so on.
Now I's only a pain, when I'm in the middle of benchmarking and I get that popup, then I just let the benching software run through to get all the parts I need to add to the allowed list.
Some times only the executables are not enough, and .bin files that run sub functions/programs with in a program need to be added.
Like today when I ran PCMark 10, I needed to add C:\ProgramData\Futuremark\PCMark 10\chops\dlc\pcm10-libreoffice\program\soffice.bin for the LibreOffice portion of the benchmark.
Antiransomware is designed to protect data not the OS a complete OS destruction is simple to solve, compared to a state where all your data held on a device is unreadable as it is encrypted by someone other than you..
Always ensure that you have a copy of your actual data on at least one media that is NOT Connected in anyway to your operating system except for actual backup
I forgot to add - Don't forget to add your backup folders to the protected list - just in case the ransomware attack occurs whilst the drive is attached
BTW I do not use the free Windows AntiRansomware system but a paid one from BitDefender - It uses similar set-up of protected folders and whitelist of apps allowed access but has better controls
Yes. In addition to the two USB HDs which hold my backup data (they are usually connected and therefore at risk as you say) I make a manual backup of the data on my working data disc to another USB HD which is not otherwise connected and hidden where I hope a burglar would not find it. However, if the house burned down ....... There is a limit!