Request new feature to ESET Smart Security Premium

[alasmi8 1]

Hi,

if this wrong section , don’t deleted it just move it to correct section i’m a newbie in this forum

 

I want to request new feature to ESET Smart Security Premium 

the feature is : Folder shield 

like this :

 

+ Protect all connected USB drivers

if you accept my request , i will buy eset smart security for 1 PC (even if price reach 100$)

 

thanks.

[Marcos 5,070]

There is a pinned topic "Future changes to..." in each product's forum where users can post proposals for improvements and changes.

Regarding Folder Shield, this is not the way we would like to go since current competitive solutions are more-less trivial and unreliable.
https://www.bleepingcomputer.com/news/security/researcher-bypasses-windows-controlled-folder-access-anti-ransomware-protection/

You can use HIPS rules to control which applications can write to specific folders, however, malware could inject into trusted processes and make changes in protected folders anyways. Or the same could be accomplished by macros in documents that are opened by trusted processes (Office applications).

[alasmi8 1]

Folder sheild is best way to protect folders from ransomware

i think ESET developers can prevent malware from inject to any trusted processes , prevent macros too

then what i should do ?

 

download this : https://qpdownload.com/folder-shield-extra-security/

 

or using trend micro anti virus folder sheild ?

Edited August 3, 2019 by alasmi8

[peteyt 393]

2 hours ago, alasmi8 said:

Folder sheild is best way to protect folders from ransomware

i think ESET developers can prevent malware from inject to any trusted processes , prevent macros too

then what i should do ?

 

download this : https://qpdownload.com/folder-shield-extra-security/

 

or using trend micro anti virus folder sheild ?

The problem is what happens when that program gets hacked then infected. Best example of this is the ccleaner incident a few years back when someone managed to infect ccleaner. The problem is it is a well used and often respected program but if it was marked as trustworthy that could cause issues

[L0ckJaw 3]

You can make custom HIPS rules to protect folders.

 

[itman 1,659]

A penetration testing concern tested Windows Defender controlled folders for bypass capability last year: https://www.nyotron.com/wp-content/uploads/2018/04/Nyotron-Windows10-Report-April-2018.pdf .

To dispel a few myths, WD controlled folders held its own against common code injection techniques against its default allowed processes, Such was not the case for any user created whitelisted processes. However and pointed out in the article, most users would probably not create any. Such was not the case however in regards to advanced code injection techniques such as APC based code injection, WMI based, and Word Macro based. The question is how Eset's HIPS mitigated protected folders would fare against the same.

Then there is the case of malware based privileged escalation techniques. Well if employed and directed against WD controlled folders, assume all your files will be encrypted. Since this article was written prior to Win 10 1903 WD tamper protection feature, maybe the article noted system modifications would not be possible. I certainly hope so for users relying on WD controlled folders protection.

Edited August 12, 2019 by itman