alasmi8 1 Posted August 3, 2019 Share Posted August 3, 2019 Hi, if this wrong section , don’t deleted it just move it to correct section i’m a newbie in this forum I want to request new feature to ESET Smart Security Premium the feature is : Folder shield like this : + Protect all connected USB drivers if you accept my request , i will buy eset smart security for 1 PC (even if price reach 100$) thanks. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,704 Posted August 3, 2019 Administrators Share Posted August 3, 2019 There is a pinned topic "Future changes to..." in each product's forum where users can post proposals for improvements and changes. Regarding Folder Shield, this is not the way we would like to go since current competitive solutions are more-less trivial and unreliable.https://www.bleepingcomputer.com/news/security/researcher-bypasses-windows-controlled-folder-access-anti-ransomware-protection/ You can use HIPS rules to control which applications can write to specific folders, however, malware could inject into trusted processes and make changes in protected folders anyways. Or the same could be accomplished by macros in documents that are opened by trusted processes (Office applications). Link to comment Share on other sites More sharing options...
alasmi8 1 Posted August 3, 2019 Author Share Posted August 3, 2019 (edited) Folder sheild is best way to protect folders from ransomware i think ESET developers can prevent malware from inject to any trusted processes , prevent macros too then what i should do ? download this : https://qpdownload.com/folder-shield-extra-security/ or using trend micro anti virus folder sheild ? Edited August 3, 2019 by alasmi8 Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 359 Posted August 3, 2019 Most Valued Members Share Posted August 3, 2019 2 hours ago, alasmi8 said: Folder sheild is best way to protect folders from ransomware i think ESET developers can prevent malware from inject to any trusted processes , prevent macros too then what i should do ? download this : https://qpdownload.com/folder-shield-extra-security/ or using trend micro anti virus folder sheild ? The problem is what happens when that program gets hacked then infected. Best example of this is the ccleaner incident a few years back when someone managed to infect ccleaner. The problem is it is a well used and often respected program but if it was marked as trustworthy that could cause issues Link to comment Share on other sites More sharing options...
L0ckJaw 3 Posted August 10, 2019 Share Posted August 10, 2019 You can make custom HIPS rules to protect folders. Link to comment Share on other sites More sharing options...
itman 1,538 Posted August 12, 2019 Share Posted August 12, 2019 (edited) A penetration testing concern tested Windows Defender controlled folders for bypass capability last year: https://www.nyotron.com/wp-content/uploads/2018/04/Nyotron-Windows10-Report-April-2018.pdf . To dispel a few myths, WD controlled folders held its own against common code injection techniques against its default allowed processes, Such was not the case for any user created whitelisted processes. However and pointed out in the article, most users would probably not create any. Such was not the case however in regards to advanced code injection techniques such as APC based code injection, WMI based, and Word Macro based. The question is how Eset's HIPS mitigated protected folders would fare against the same. Then there is the case of malware based privileged escalation techniques. Well if employed and directed against WD controlled folders, assume all your files will be encrypted. Since this article was written prior to Win 10 1903 WD tamper protection feature, maybe the article noted system modifications would not be possible. I certainly hope so for users relying on WD controlled folders protection. Edited August 12, 2019 by itman Link to comment Share on other sites More sharing options...
Recommended Posts