Secure folders by promosoft (freeware) Now for download available at http://www.softpedia.com/get/Security/Security-Related/Secure-Folders.shtml (Norton DNS does warn when surfing to developer's site). 1. Whitelist trusted applications (allow to access your files) Typically you would include Windows Explorer, your office, media player and mail applications. 2. Protect your files with read only Simply set a read only on your documents, pictures, movies, music subfolders (and any additional data partitions you have created). Don't set it for all your user files, this would also include some protected folders (AppData) and folders your browser uses. Note. You can use Secure Folders also as SRP (actually an ACL) I have Applocker only allowing Administrators updates of signed applications from Microsoft and Google from my Temp folder. With secure folders I close down this "update" hole in AppLocker (only have to stop protection of Secure folders from tray when I want to update). Also I have a quick data backup on an old (laptop) hard disk for documents only (so I can do on-demand backups without fuzzing with security and at the same time secure my backup folder).
If I remember correctly, this is the same Secure Folders discussed previously: https://www.wilderssecurity.com/thre...ct-folders-and-use-as-anti-executable.369503/ Has anything changed with regards to ownership/development of this Secure Folders program? You're right, Norton ConnectSafe does still provide a pretty significant warning for the developers' site, so that concerns me. I remember in the previous thread there were problems with quota when downloading the program and also some questions regarding who or what company is behind this program and also what country it may originate from. I trust you, Kees. Do you have any concerns regarding Secure Folders currently?
Well what is changed: - last time I explained it to use as anti-executable, website of the author was down and some AV's reported it as malware site - now it is available as download from softpedia and usage explained as ransomware protection. I am using it again and VT says it is clean (0/57)
I have one question. Is it possible to prevent only certain app from accessing certain folders without putting all other applications on trusted applications list?
The page of SF is avaiable and downloaded installer is clean on VT (0/57)...few minutes ago -http://securefoldersfree.com/- Good idea WS I think mentioned feature of SF is similar to some advanced rules that we can make in ThreatFire ...we can point in it folder/disk that can't be (whitout our decision) modified except defined trusted apps. Hmmmm...it's good reason to try TF one more time
I think the problem is that these tools don't monitor child processes. So let's say your "word processor" gets exploited, and it's a trusted app. Then ransomware will still have full access to your files, am I correct?
A bit off topic, but I've just found a similar tool (link 1), I didn't test it myself yet. At the moment I'm using Hide Folders 5, which has been mentioned earlier. http://www.anvisoft.com/folder-locker.html http://fspro.net/hide-folders/
Salutations, What about if you sandbox, after too make sure that things do not change? With Sandboxie! Moose's World Kind regards,
Salutations, From anybody? What are specific folders that you are using/suggest to synchronize. To SyncBackFree that is where,I am confuse? Could you possible show how to setup the above with pictures and steps needed. So,that average joe can do the same setup. And so, that I will have the same protection again crypto ransomware? It would be truly appreicate! Moose's World Kind regards,
Probably an interesting YT movies about abilities of some apps against CTB-locker...link on the top connects to others results -https://safegroup.pl/testy/ctb-locker-vs-antiexe-video-t12069.html#p238090- Short info (because of Polish language on page) SpyShelter Premium/FW - failed/passed (it depends of system?...machine?...settings?) Zemana AL - failed HitmanPro Alert 3 RC build 143 - passed HitmanPro Alert v2.6.5.77 - failed Webroot (WSA) - passed NVT ERP - passed AppGuard - passed VoodooShield - passed ThreatFire - passed AVG Identity Protection - passed Comodo HIPS (sandbox, cloud - disabled) - failed
Seriously, do people still use WOT? I personally hate these baby sitting tools. I'm pretty sure these tools are both safe to use. Both sites are also not flagged on Virus Total.
I wonder why SpyShelter failed, probably because it can't stop "process hollowing", same goes for Zemana and Comodo. And ERP and VS only pass when you don't execute the malware, otherwise they will also fail of course.
The two latest version of SS (9.6.2 and 9.6.3) are still puzzle for me...I will ask Tommy/Tony (it's the same guy on SG and Malwaretips) to test v. 9.6.1 that was for more "sensitive". ERP and VS...it's not bad to successfully block danger action of malware...if you will block such action and next you will get an infection - that would be not good I think TF reached very good score...his heuristic even on default 3 level is very efficient.
I didn't say the tools were not safe. Maybe it has more to do with their business practices. You rarely ever see an Antivirus site with a bad rating. Someone did not have a good experience with them. WOT says misleading claims, or unethical. Also says malware or viruses. Someone probably flagged both after not having a good experience with them. Edit: they do have a support forum though. That's good. The best way to get to know their company would be to go through the forum to see what others have been posting about them.
Well, I wonder what type of behavior SS should block in order to stop this attack. And I'm not sure what you mean about ERP and VS, but I'm saying that they can only block execution, not the malicious behavior from the ransomware. For example, AppGuard does restrict this type of malware from modifying files.