Windows 10: Anti-ransomware protection in Fall Creators Update

Page 1 of 4 123 ... LastLast
  1. Stevekir's Avatar
    Posts : 304
    Windows 10 Home 64 bit (with Creators OS)
       13 Nov 2017 #1

    Anti-ransomware protection in Fall Creators Update

      My ComputerSystem Spec

  2. Bree's Avatar
    Posts : 8,847
    10 Home x64 (1809) (10 Pro on 2nd pc)
       13 Nov 2017 #2

    Stevekir said: View Post
    ...Should I do this?
    Up to you, it does help protect you. I have turned it on....

    ...Why didn't Microsoft make it activated by default?
    ...it also has disadvantages. You start getting notifications that some apps you've been using for ages are being blocked. Imagine suddenly finding out that you can't save to your user folder any more. Then imagine that you are not 'technically minded', don't know why it's happening or how to let an app through Controlled Folder Access.

    So far I've had to allow access for six executables, ranging from LibreOffice to Microsoft's own RoboCopy command.
      My ComputersSystem Spec

  3.    14 Nov 2017 #3

    I have Kaspersky anti-virus but might uninstall it. I have Defender periodic scanning on but I don't see the option for Controlled Folder Access. Is this because Kaspersky anti-virus is enabled?
      My ComputersSystem Spec

  4. Cliff S's Avatar
    Posts : 21,728
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       14 Nov 2017 #4

    Stevekir said: View Post
    Bree said: View Post
    Up to you, it does help protect you. I have turned it on....



    ...it also has disadvantages. You start getting notifications that some apps you've been using for ages are being blocked. Imagine suddenly finding out that you can't save to your user folder any more. Then imagine that you are not 'technically minded', don't know why it's happening or how to let an app through Controlled Folder Access.

    So far I've had to allow access for six executables, ranging from LibreOffice to Microsoft's own RoboCopy command.
    To expand on what Bree said, you will even have to add Windows own apps, programs, accessories, and tools to the list
    Here is the list I have so far, notice how many belong to Windows/Microsoft, even Office365
    (but for piece of mind, it's worth it, and you can always make a system image so you have a copy, and you can export the registry keys somewhere safe like OneDrive, for "just in case").

    Click image for larger version. 

Name:	image.png 
Views:	23 
Size:	703.2 KB 
ID:	163733

    See this tutorial and read all the posts in the thread: Change Windows Defender Controlled Folder Access Settings - Windows 10 Security System Tutorials

    I have created an Event Viewer Custom View make it easier to find the file you need to add to the allowed list, I also made a short video on how to use it to apply the file.
      My ComputersSystem Spec

  5.    14 Nov 2017 #5

    Steve C said: View Post
    I have Kaspersky anti-virus but might uninstall it. I have Defender periodic scanning on but I don't see the option for Controlled Folder Access. Is this because Kaspersky anti-virus is enabled?
    Quite probably- real-time scanning is required for the feature to work. See the notes immediately following Brink's tutorial- if he gets confirmation of this effect of a 3rd party AV, he will amend the tutorial on this point
      My ComputerSystem Spec

  6. Stevekir's Avatar
    Posts : 304
    Windows 10 Home 64 bit (with Creators OS)
    Thread Starter
       14 Nov 2017 #6

    Hmmmm. I think I will rely on my daily Macrium image of my C drive, stored on an external USB hard drive. The daily backup is quick - about 15 minutes - and doesn't slow the computer. My C drive contains only my OS and programs. I have several time-sequential backups of the rest of the files on the machine, on an internal hard drive and two USB hard drives.
      My ComputerSystem Spec

  7. Cliff S's Avatar
    Posts : 21,728
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       14 Nov 2017 #7

    It's not really that hard to use and setup, I know, as I tried it in the beginning then shut it off, as I was too busy to keep letting things through, but then a week or two ago, on a Sunday, I started setting it up again, and added all my programs executables, including the ones for office, and then went through system32 and added Paint, Notepad, WordPad, Regedit(for when I export a key), and so on.

    Now I's only a pain, when I'm in the middle of benchmarking and I get that popup, then I just let the benching software run through to get all the parts I need to add to the allowed list.

    Some times only the executables are not enough, and .bin files that run sub functions/programs with in a program need to be added.
    Like today when I ran PCMark 10, I needed to add C:\ProgramData\Futuremark\PCMark 10\chops\dlc\pcm10-libreoffice\program\soffice.bin for the LibreOffice portion of the benchmark.
      My ComputersSystem Spec

  8. Barman58's Avatar
    Posts : 2,787
    Windows 10 Pro x64 1803 - 17134.5 XP/Vista/Win7/Win8.1 in VM for testing
       14 Nov 2017 #8

    Antiransomware is designed to protect data not the OS a complete OS destruction is simple to solve, compared to a state where all your data held on a device is unreadable as it is encrypted by someone other than you..

    Always ensure that you have a copy of your actual data on at least one media that is NOT Connected in anyway to your operating system except for actual backup
      My ComputerSystem Spec

  9. Barman58's Avatar
    Posts : 2,787
    Windows 10 Pro x64 1803 - 17134.5 XP/Vista/Win7/Win8.1 in VM for testing
       14 Nov 2017 #9

    I forgot to add - Don't forget to add your backup folders to the protected list - just in case the ransomware attack occurs whilst the drive is attached

    BTW I do not use the free Windows AntiRansomware system but a paid one from BitDefender - It uses similar set-up of protected folders and whitelist of apps allowed access but has better controls
      My ComputerSystem Spec

  10. Stevekir's Avatar
    Posts : 304
    Windows 10 Home 64 bit (with Creators OS)
    Thread Starter
       14 Nov 2017 #10

    Barman58 said: View Post
    Antiransomware is designed to protect data not the OS a complete OS destruction is simple to solve, compared to a state where all your data held on a device is unreadable as it is encrypted by someone other than you..

    Always ensure that you have a copy of your actual data on at least one media that is NOT Connected in anyway to your operating system except for actual backup
    Yes. In addition to the two USB HDs which hold my backup data (they are usually connected and therefore at risk as you say) I make a manual backup of the data on my working data disc to another USB HD which is not otherwise connected and hidden where I hope a burglar would not find it. However, if the house burned down ....... There is a limit!
      My ComputerSystem Spec


 
Page 1 of 4 123 ... LastLast

Related Threads
Fall Creators Update in General Support
Has anyone installed it yet? If so did it break anything for you? Debating If I should update or not.
Solved Oct 17 Creators Fall update in Installation and Upgrade
Why is the Fall Creators update coming on Sunday instead of Tuesday? I still haven't received the April Creators update. Will Fall update skip the April update? Just curious.
Fall Creators Update in General Support
Anyone know what changes or improvements will be in the fall update?
Read more: Microsoft will call Windows 10's next update the 'Autumn Creators Update' in the UK | Windows Central Update: The Windows 10 Autumn Creators Update will be called 'Fall Creators Update' after all | Windows Central
Source: Windows 10 Creators Update provides next-gen ransomware protection Windows Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 01:37.
Find Us