Have you enabled Win10’s ransomware protection?

Topic

New Reply

LANGALIST Have you enabled Win10’s ransomware protection? By Fred Langa This free, optional feature is disabled by default but, if enabled, can help p
[See the full post at: Have you enabled Win10’s ransomware protection?]

3 users thanked author for this post.

rexr, Wayne, abbodi86

Reply | Quote

Replies

This sounds like a good idea but my Ransomware protection page says “Controlled folder access requires turning on Real-time protection.” What’s that and how do I do it?

Is it related to my having Avira Antivirus (free version) installed and working?

If I don’t like it, what happens if I turn it off?

Thanks!

Reply | Quote

Many anti-virus programs turn off Defender real-time protection so as not to have a conflict and/or over-use resources (running 2 AVs at the same time).
That might be the case with your Avira installation.

2 users thanked author for this post.

rc primak, Wayne

Reply | Quote

I had Avira for awhile. That is indeed the case — it’s one of the third party AV programs which turn off Windows Defender. Ransomware protection would have to come from the Avira Premium version in this case.

-- rc primak

Reply | Quote

PK: We are talking about a different case: 3rd party AV uses Defender. In that case, how does one turn on Windows Security and enable Win 10 Ransomware protection?

Reply | Quote

If you’re using Malwarebytes Premium, it has to be unregistered.

See #2433120

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

In order to take advantage of the advanced security offering in Defender you can’t run a third party anti-virus too. It comes down to either you want Defender or you don’t.

8 users thanked author for this post.

JohnW, rc primak, analogkid, klang, wavy, Goldie Oldie, RockFox, iccohen1

Reply | Quote

Amy-

Clearly I missed where it said it was part of Defender. That explains it!

Thanks for the quick reply.

-Steve

1 user thanked author for this post.

rc primak

Reply | Quote

The one exception is Malwarebytes Premium. It will allow the Windows Security Center to continue to operate, but only if you do NOT check off the setting to “Integrate with the Windows Security Center”.

-- rc primak

Reply | Quote

Somewhere you had noted “…Malwarebytes is one of a very few AV programs (possibly also Immunet) which don’t have to take over the Windows Security Center…”

 

But I found that Immunet does take it over and doesn’t have an option to de-couple.

Cheers,

-Steve

1 user thanked author for this post.

rc primak

Reply | Quote

[rc primak]

I only said “possibly”. Immunet used to advertise that they’re compatible with Windows Defender and could run simultaneously. I guess that’s changed. This seems to have changed with more recent updates to Windows 10. It wasn’t a change in Immunet. See:

https://support.immunet.com/topic/6942-how-to-run-without-disable-windows-defender/

and

https://support.immunet.com/topic/6573-option-to-enabledisable-security-centre-integration/

Also, the term is “register with the Windows Security Center”. If a third-party program has an option not to do this,it will leave Windows Defender available. Usually not recommended.

 

-- rc primak

• This reply was modified 2 years, 3 months ago by rc primak.
• This reply was modified 2 years, 3 months ago by rc primak.

Reply | Quote

If I read the first ransomware protection advice correctly, it requires the use of One Drive and moving all data files to a central controlled folder. Am I correct? All my data are in an external drive, I never use One Drive as I do not really trust the cloud. Can the entire external drive be the “controlled folder”?

I have Malwarebytes which includes ransomware protection: is this not enough?

Reply | Quote

Ken wrote:

If I read the first ransomware protection advice correctly, it requires the use of One Drive and moving all data files to a central controlled folder. Am I correct?

No. Fred said;

If you use OneDrive, I think the ransomware data recovery option is nice to have — but it’s not a deciding factor in itself. The main protection — Controlled folder access — works just fine with or without OneDrive.

 

Ken wrote:

All my data are in an external drive, I never use One Drive as I do not really trust the cloud. Can the entire external drive be the “controlled folder”?

Yes:

You can also specify network shares and mapped drives.

Protect additional folders

 

Ken wrote:

I have Malwarebytes which includes ransomware protection: is this not enough?

Probably.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

I have Malwarebytes which includes ransomware protection: is this not enough?

It is enough. As good as or better than Windows Security Center’s protections.

 

-- rc primak

Reply | Quote

Always enjoy reading Fred’s articles. But this one has thrown me for a loop. I have a Win 10 PC Home Edition, and went to enable the Ransomware settings. But when I do, I get the “Page not available – Your IT administrator has limited access to some areas…”.

Well, I didn’t recall seeing THAT message before. So first thing, I disabled the Immunet anti-virus I downloaded (per the suggestion from Deanna McElveen in the last issue of Woody’s), that didn’t work. Reviewed stuff on Google, they all said “Group Policy Settings,, blah blah blah” can’t do that, I have Home Edition.

 

I have Malwarebytes (Free Edition, passive) CryptoPrevent (which I also disabled) and Windows Defender Firewall, as well as the above-mentioned anti-virus. Should I try using the “hidden” Admin account as noted on this page? https://appuals.com/fix-your-it-administrator-has-limited-access/.

This is quite frustrating.

Cheers,

-Steve Cohen

1 user thanked author for this post.

stewagreen

Reply | Quote

You’ll probably have to uninstall those third party tools. Most of them disable Defender security so as to avoid conflicts.

1 user thanked author for this post.

rc primak

Reply | Quote

[Colorado_Hiker]

You might try looking at this post:

https://answers.microsoft.com/en-us/protect/forum/all/virus-threat-protection-is-missing-from-windows/15d32fa1-c5e8-453b-a9f6-22da0bb36eea

Plus what Amy and others said about running multiple AVs.

• This reply was modified 2 years, 3 months ago by Colorado_Hiker.

1 user thanked author for this post.

rc primak

Reply | Quote

Not to mention… many third-party anti-virus/security solutions, like Bitdefender (which I use), provide the same Controlled Folder Access method of protecting against ransomware.  So, turning on the feature in Windows Security at the same time would be a duplication of effort — and, basically overkill.  🙂

--
PBear.SF

3 users thanked author for this post.

oldfry, rc primak, analogkid

Reply | Quote

So, we can’t have a third-party AV solution in place if we want MS’s ransomware protection.  With all due respect to Fred who I enjoy reading above all else, perhaps that could have been stated in the article upfront.  And the Windows behavior itself in this respect sounds like another example of MS trying to make sure you use their products, and no one else’s.  That’s a real shame.  Oh well.  Many thanks for raising the topic nonetheless Fred.

6 users thanked author for this post.

oldfry, cmar6, MHCLV941, analogkid, stewagreen, Goldie Oldie

Reply | Quote

For what it’s worth, I have the impression that many if not all of the AskWoody gurus are happy enough with the most recent version of MS Defender to use it in place of their previous antivirus favourites. I recall several occasions and at least one forum discussion stating that MS has upped its antivirus game to match the third-party antivirus programs and therefore does an adequate job of defense—or even better than adequate according to comparison tests. Some gurus mentioned it might integrate better with Windows, causing fewer conflicts or problems and saving the space that third-party programs occupy.

On the other hand, Avira has served me well for years and years (as far as I know anyway) so I’m very reluctant to change horses . . .

 

3 users thanked author for this post.

oldfry, rc primak, Amy Babinchak

Reply | Quote

If you have Avira’s Premium product, you should have a ransomware protection option.

-- rc primak

Reply | Quote

Free version was mentioned in the first reply in this thread.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

1 user thanked author for this post.

rc primak

Reply | Quote

I was making a distinction. I know the free product was the one mentioned, and that this version has no ransomware protections.

-- rc primak

Reply | Quote

RG:

Could you explain how you enabled Controlled Folder Access?

I have the same setup as you do with Windows Defender enabled but get error message. Unfortunately Fred does not explain this in his article. In fact, he implies one should be able to enable Controlled Folder Access as long as Windows Defender is enabled.

Reply | Quote

RetiredGeek wrote:

Malwarebytes Premium as secondary (non registered)

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

I just went to turn it on and had no issues (I am using Windows Defender, along with scheduled MalwareBytes manual scans).  I have several data storage drives on my pc, which weren’t protected by default at startup.  It turns out to be fairly simple to enable protection for these drives, as well.  Open Control Panel > (System Properties) System Protection.  Click on the drive of interest in the Protection Settings box to select it.  Then click on Configure and click the Turn on system protection radio button to enable it.  Next, set an amount of Disk Space Usage (say 5%), and finally, click on OK.  Repeat as necessary.  Done.

All the documention I found via Google referred to OneDrive, which is not what I needed.  The above procedure turned the trick for me.

DVH

Reply | Quote

dvhirst865 wrote:

I have several data storage drives on my pc, which weren’t protected by default at startup.  It turns out to be fairly simple to enable protection for these drives, as well.  Open Control Panel > (System Properties) System Protection.  Click on the drive of interest in the Protection Settings box to select it.  Then click on Configure and click the Turn on system protection radio button to enable it.  Next, set an amount of Disk Space Usage (say 5%), and finally, click on OK.  Repeat as necessary.  Done.

That’s to create System Restore points, which don’t include user data files, so it’s unconnected with ransomware protection.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

1 user thanked author for this post.

rc primak

Reply | Quote

Malwarebytes is one of a very few AV programs (possibly also Immunet) which don’t have to take over the Windows Security Center and prevent using features like Protected Folders (anti-ransomware). Just don’t check the box which allows these programs to “Integrate with the Windows Security Center”.

-- rc primak

1 user thanked author for this post.

oldfry

Reply | Quote

Slight error in terminology. The term is “register with the Windows Security Center”. Thanks to Will Fastie for pointing that out to me in a different Lounge thread.

-- rc primak

Reply | Quote

Been using Windows 10’s ransomware protection for some time now.

I have to allow an exception to Paint Shop Pro 9 (which still works with Windows 10 after 15 years or so) or the program refuses to start, I get an error message. Probably because PSP9 needs access to the My PSP Files folder in Documents.

I also can’t save anything scanned with my Epson scanner/printer (the default save location is Documents) unless I allow an exception there (or temporarily disable the ransomware protection).

Also, downloading images with Firefox seems to be a bit of a “hit and miss affair” with W10’s ransomware protection enabled – sometimes it lets me download the image, sometimes it won’t and I get a similar error message to PSP9. I usually just temporarily disable it in these cases.

But, overall I believe the benefits of having the ransomware protection turned on definitely outweighs the possible inconveniences.

PC1: Gigabyte B560M D2V Motherboard, Intel i5 11400 CPU, 16GB RAM, NVIDIA GeForce GTX 1650 Graphics Card, 1x Samsung 870 EVO 250GB SSD, 1x Samsung 860 EVO 250GB SSD, Windows 10 Professional 22H2 64bit.
PC2: Asus H81M-PLUS Motherboard, Intel i3-4160 CPU, 16GB RAM, NVIDIA GeForce GTX 1050 Graphics Card, 1x Samsung 870 EVO 250GB SSD, 1x Samsung 860 EVO 250GB SSD, Windows 10 Home 22H2 64bit.

1 user thanked author for this post.

rc primak

Reply | Quote

I’ve even had issues when a version changes, like CCleaner updates. I have to allow the App all over again.

-- rc primak

Reply | Quote

I’ve noticed a problem with setting up this ransomware protection.  I don’t get notifications when something is blocked.  Various programs have just been silently failing in the background when they try to access one of the protected folders.  Is there a way to make sure that I actually get prompted to allow apps when they try to access a protected folder?

Reply | Quote

Open Defender, now called Security. Down at the bottom on the menu there’s a gear. Click that to go into settings. Make sure the slider for Get informational notifications is on. Under it also make sure that the box for Files or Activities are blocked is checked. That should do it.

1 user thanked author for this post.

rc primak

Reply | Quote

An alternative to using Controlled Folder Access is to buy one of the backup programs that include ransomware protection. They are less than $50 and you get a backup as well as protection.

cheers, Paul

Reply | Quote

To be fair, I am already backing up my system using Macrium for on-site backups to my NAS and BackBlaze for offsite cloud backups so, ransomware isn’t exactly at the top of my list of worries but, I thought that an extra layer of protection couldn’t hurt.

Reply | Quote

Are these drives ever connected to the computer(s) when it/they is/are connected to the Internet? Even if not, if a PC EVER connects to the Internet, it can download delayed malware which can encrypt all drives which get attached from then onward. But your scheme seems better than most home networks in preventing unrecoverable ransomware attacks.

-- rc primak

Reply | Quote

CardcaptorRLH85 wrote:

ransomware isn’t exactly at the top of my list of worries

If you have a dormant ransomware on your system, no restore will help as your backups will be contaminated as well.

1 user thanked author for this post.

rc primak

Reply | Quote

I read Fred Langa’s article on Ransomeware; I appreciated being informed of this security utility within Win10.

I turned on ransomeware. When I first tried running a program, as expected, it had issues with saving. I went into ransomeware and authorized it to read the directory it needed to. This happened to one other program as well. All fine and good.

I notice, however, that it didn’t have problems with Office 365 saving, nor Notepad++. Both of those programs seem to work fine, without any assistance.

I’m on Winver 1909.

Why would this be? Thank you.

1 user thanked author for this post.

rc primak

Reply | Quote

[rc primak]

Microsoft likely whitelists their own trusted programs. I don’t know about Notepad++, but my best guess is that it leverages Windows Notepad.

-- rc primak

• This reply was modified 2 years, 3 months ago by rc primak.

Reply | Quote

Notepad++ has nothing to do with Notepad and does not leverage it.
It is a long established quality product and is therefore safe to allow free access.

cheers, Paul

1 user thanked author for this post.

rc primak

Reply | Quote

Then it must be a program which hasn’t caused conflicts by pure chance.

-- rc primak

Reply | Quote

Amy Babinchak wrote:

It comes down to either you want Defender or you don’t.

I beg to disagree.

See my post

https://www.askwoody.com/forums/topic/more-on-win10s-ransomware-protection/#post-2341838

1 Desktop W11
1 Laptop W10
Both tweaked to look, behave and feel like Windows 95

Reply | Quote

I enabled protection per the instructions, so far so good.  It blocked access first time I ran a non MS program. So far so good. I received a notification.  NO ACTION BUTTON! How do I allow access if it has no button to do so?

 

Reply | Quote

Clicking anywhere in the notification takes you to Start, Settings, Update & Security, Windows Security, Virus & threat protection, Manage ransomware protection, Block history where you can click on the latest entry at the top and then Actions, Allow on device (after UAC prompt) as shown in the article: “Click on the popup, and you’re brought to the Protection history dialog (see Figure 2).“

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

1 user thanked author for this post.

rc primak

Reply | Quote

The most effective and cost efficient protection against Ransomware is knowledge.

"War is the remedy our enemies have chosen. And I say let us give them all they want" ----- William T. Sherman

4 users thanked author for this post.

Steve, rc primak, Microfix, RetiredGeek

Reply | Quote

Controlled Folder Access is free and protects your data files even when you’re not present.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

1 user thanked author for this post.

rc primak

Reply | Quote

Wow! I had no idea so many ordinary folks had such extremely precious and dangerous to the world stuff on their computers!

Reply | Quote

I have well over 20,000 photos with the oldest going back to the 1850s. These are precious to me, so I would be distraught to lose them. They are of no value to anyone else. Similarly a lot of information that’s important to me. I don’t think I have anything that’s dangerous, but wouldn’t want anyone making use of my photos or information to scam other people.

I suspect many others will have similar stories to tell.

Eliminate spare time: start programming PowerShell

2 users thanked author for this post.

rexr, rc primak

Reply | Quote

Mele20 wrote:

dangerous

It has nothing to do with dangerous.
People have bank documents, stock documents, confidential lawyers documents, company documents…A lose / lockout could be disastrous.

2 users thanked author for this post.

rexr, rc primak

Reply | Quote

Don’t need to is my answer.
We have NO personal/sensitive files or docs on any of our PC’s
External Drives/ USB flash only connected when required to read/transfer for emailing later or updating them (offline) and having regular system image backups as a failsafe should anything happen. All that we’d lose is the OS with portable apps that can be restored in 20mins or so.
Our ransomware risk scenario is therefor minimised.

Keeping IT Lean, Clean and Mean!

Reply | Quote

[Alex5723]

Microfix wrote:

External Drives/ USB flash only connected when required to read/transfer for emailing later or updating them (offline) and having regular system image backups as a failsafe should anything happen

The moment you connect your USB drives/USB flash the data maybe encrypted by a dormant ransomware app. the dormant ransomware app can be found also on your backup drives/cloud..

• This reply was modified 2 years, 3 months ago by Alex5723.

4 users thanked author for this post.

oldfry, rexr, rc primak, Microfix

Reply | Quote

Thanks for the reminder, it’s minimised even more, we dont have such a thing as ‘dormant’ apps on Win7/ Win8.1/ XP Pro(offline/ transfer device) or Linux. NOTHING personal/sensitive gets anywhere near W10 when testing/using it

Keeping IT Lean, Clean and Mean!

Reply | Quote

And the backup drives you connect to image Windows 10 don’t contain anything you wouldn’t want to lose? (The dormant app would be the unknown ransomware which could wait for eternal drives to be connected.)

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

1 user thanked author for this post.

rc primak

Reply | Quote

I don’t backup W10 when testing/using it, W10 has inbuilt albeit prompted functionality to self heal hence foregoing backups. Which is one of the progressive improving things in W10, specifically DISM
Considering ransomware is primarily actioned against business, my train of thought is it’s scaremongering homeusers into a security frenzy where logic has left the building.

Keeping IT Lean, Clean and Mean!

Reply | Quote

No. This is simply not the case for anything not part of the Windows System itself. Most of what people would lose is not in that category.

-- rc primak

Reply | Quote

[rc primak]

(The dormant app would be the unknown ransomware which could wait for eternal drives to be connected.)

“eternal drives”? (Yeah, I know it’s a typo,  but I wonder just how slow your USB bus must be 🙂 !)

-- rc primak

• This reply was modified 2 years, 3 months ago by rc primak.

1 user thanked author for this post.

b

Reply | Quote

Alex5723 wrote:

Mele20 wrote:

dangerous

It has nothing to do with dangerous.
People have bank documents, stock documents, confidential lawyers documents, company documents…A lose / lockout could be disastrous.

Why would anyone do what you describe? That’s risky. Keep paper records only and keep copies of those that are irreplaceable in your safety deposit box…you do have one don’t you? If you have lots of photos on your computer surely you make backups to CD/DVD’s and surely you support Dell as one of the few (if not only major computer maker today) which still includes CD/DVD Rom drives on their desktops…you do have a desktop don’t you?

1 user thanked author for this post.

rc primak

Reply | Quote

Keeping your important stuff on your PC is very sensible.
Having proper backups is an absolute necessity.
Using one of the backup apps with ransomware protection is even more sensible.

cheers, Paul

5 users thanked author for this post.

oldfry, cmptrgy, rexr, rc primak, Alex5723

Reply | Quote

Equally sensible is to have hard copies and off-site backups if the stuff is that important. For photos, cloud storage is also a practical safeguard. Encrypt before uploading anything, even image files, if you don’t want prying eyes to see it.

-- rc primak

1 user thanked author for this post.

oldfry

Reply | Quote

Fred Langa wrote:

LANGALIST Have you enabled Win10’s ransomware protection? By Fred Langa This free, optional feature is disabled by default but, if enabled, can help p
[See the full post at: Have you enabled Win10’s ransomware protection?]

Yes, Ransomware protection enabled for a month or two. It asked to allow a few Controlled Folder Access’es and that’s it. A little more protection with no overhead that i notice.

Regular Backups of everything.

Win10 Pro 20H2,backups with Macrium Reflect home edition

1 user thanked author for this post.

b

Reply | Quote

Microfix wrote:

Considering ransomware is primarily actioned against business

Not so, ransomware targets anyone who can pay.
A home PC owner is likely to have photos, email etc that is as important to them as any business data.

cheers, Paul

Reply | Quote

I’ve enabled this and for the most part, no problem. I receive an notice from time to time referring to a known application, related to what I know is happening. So sweat. However, I also get odd ones that are a puzzle, such as:

Protected memory access blocked
App or process blocked: taskhostw.exe
Protected folder: \Device\CdRom0

Where the heck does this come from?

Reply | Quote

CFA must use a database of allowed actions, but some actions will have been missed, or are considered both good and bad.
I’m sure MS have a document on this, but I’m also sure you don’t want to wander through it to understand some minor technical detail.

If things are still working and you think you need the protection, ignore the errors.

Note: this is not a substitute for regular backups.

cheers, Paul

Reply | Quote

In Norton 360, their “Data Protection” feature is configured as shown here.
I’ve never heard a peep out of it, so not sure if it works.

I would think that somewhere along the line i would have used a web app that would not be in their whitelist that created a file that I saved to my docs folder.

Or maybe it just has a very comprehensive whitelist.

Or maybe it’s smart enough to know that if I am using the download/Save To function, that it is not a risk?

https://support.norton.com/sp/en/us/home/current/solutions/v130571264

 

1 user thanked author for this post.

oldfry

Reply | Quote

This has been such an interesting and very useful thread. Thanks, Fred, for starting it. Because of it I’ve discovered that I only have Windows Firewall With Advanced Security, which shows no option for ransomware protection, so I need to install something like Malwarebytes or Avira that will provide it.

I have an OEM refurb laptop that had Win 10 installed in 2016. Is that why I have Windows Firewall instead of Windows Security?

Thanks,

Hamsa

Reply | Quote

No, I think you are looking in the wrong place. The option about ransomware is under the security section, not the firewall section.

Susan Bradley Patch Lady

Reply | Quote

No Ransomware entry on my W10 Pro 21H1.

Running Kaspersky A/V

When I search for Ransomware Protection I get ‘page not available’ notice.

Reply | Quote

Amy Babinchak wrote:

In order to take advantage of the advanced security offering in Defender you can’t run a third party anti-virus too. It comes down to either you want Defender or you don’t.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

“In order to take advantage of the advanced security offering in Defender you can’t run a third party anti-virus too. It comes down to either you want Defender or you don’t.”

Like many people, I have Defender with third party AV.

Fred is not clear on this issue: running Defender with third party AV–how does one turn on Windows Security?

Reply | Quote

It’s difficult to grasp what you didn’t understand about Amy’s clarification.

Fred’s article this week is about exactly that situation.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

No, Fred’s article says you have to be running Windows Defender. I am looking for a solution to the problem, not an exegesis of Fred’s article.

Reply | Quote

Hey Y’all,

I’ve been running Defender as my main A/V and Malwarebytes Premium as secondary (non registered) for years w/o issue on multiple machines. I’ve just successfully enabled Controlled Folder Access with no issues on my main driver. I’ll report back if any problems arise.

HTH 😎

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

Reply | Quote

When I click on Ransomware Protection, I get the message “Your IT administrator has limited access to some areas of this app, and the item you tried to access is not available. Contact IT help desk for more information” even though I am using Windows Defender.

Reply | Quote

But you aren’t using only Defender.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

“Win10’s optional ransomware protection is a part of Windows Security. which is on by default in new Win10 setups. (If you’ve turned it off, you’ll need to re-enable it before using ransomware protection.) ”

Fred, how does one turn on Windows Security?

Reply | Quote

In this week’s newsletter, Fred clearly recommends using only Defender if you want to use Controlled Folder Access.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

So using third party AV in addition to Defender turns off Windows Security? I didn’t read that in Fred’s article.

Reply | Quote

anonymous wrote:

I am looking for a solution to the problem

The solution to the problem is to run Defender.
3rd party A/Vs usually disable Defender.

Reply | Quote

anonymous wrote:

So using third party AV in addition to Defender turns off Windows Security?

3rd party A/Vs usually disable Defender. I find some are better than Defender so no lost security.
Some A/Vs like Malwarebytes work with Defender ON so you have double security.

Reply | Quote

Does this security option work In Win 10 HOME version?

Reply | Quote

Yes.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

I have Emsisoft AV and Windows Defender running but no Windows Security.

Reply | Quote

Where do you see that Microsoft Defender is running if not at Windows Security?

Nevertheless, if for some reason you really want to use Controlled Folder Access in conjunction with Emsisoft Anti-Malware, simply:

Open the Start Menu
Type “Emsisoft Anti-Malware”
Open the app
Click Settings
In the Windows Integration section, untick Activate Security Center Integration

This will reactivate Windows Defender and you will gain access to Controlled Folder Access. Emsisoft Anti-Malware will not be listed in the Windows Defender Security Center, but it will still be functioning and protecting you as usual. However, as mentioned, it is not necessary to have both activated and we recommend against doing so.

By default, Controlled Folder Access is disabled. If you wish to enable it, follow these steps:

Open the Start Menu
Type “Windows Defender Security Center” and open the app
Select Virus & threat protection
Click Virus & threat protection settings
Scroll down until you find the Controlled folder access section
Click the on/off toggle to enable the feature

Once Controlled Folder Access is enabled, you can use the Protected folders sub-option to select which folders you wish to protect (e.g. folders containing important photos, documents and other personal files). Windows system folders are protected by default. You can also use the Allow an app through Controlled folder access section to create a whitelist of trusted programs that are allowed to modify files in the protected folders.

EMSISOFT Blog: What does Windows’ new Ransomware protection actually do?

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

1 user thanked author for this post.

cmar6

Reply | Quote

b: Thanks for the detailed advice on using EAM with Controlled folder access.

However, this is what I read on Emsisoft forum from 11/2017

“Despite Microsoft making some improvements to its security software in recent years, Windows Defender remains far from a perfect solution. In fact, in a recent AV-Test assessment of 18 security Windows 10 security suites, Windows Defender tied for last place due to sub-par protection and performance. The vast majority of our users do not need to worry about activating Controlled Folder Access because Emsisoft Anti-Malware provides much better protection against ransomware. Controlled Folder Access also requires Windows Defender to be activated in order to work, and we generally recommend not using two antivirus products at the same time.”

This 2017 post is a bit out of date as EAM now uses Windows Defender as firewall.

Thanks, cma

Reply | Quote

cmar6 wrote:

This 2017 post is a bit out of date

but still true.
Defender isn’t up to the best 3rd party A/Vs.
https://www.askwoody.com/forums/topic/microsoft-defender-home-failed-av-test-best-anti-virus-2021/

Reply | Quote

Alex5723 wrote:

Defender isn’t up to the best 3rd party A/Vs.
https://www.askwoody.com/forums/topic/microsoft-defender-home-failed-av-test-best-anti-virus-2021/

From the first paragraph at your linked link:

However, AV-TEST had a somewhat different opinion as its report showed Microsoft Defender doing exceptionally well in the second half of the year reports, scoring full marks in both the October 2021 test and the December 2021 assessment.

… which includes links to:

AV-TEST confirms Windows Defender is amongst the very finest antiviruses you get in 2021

and

Microsoft Defender beats out several heavyweight rivals in the latest AV-TEST ranking

 

If AV-TEST rates Microsoft Defender as Outstanding (6/6) for Protection, Performance and Usability, with 100% detection of both 0-day and prevalent malware, which 3rd party A/V scores better?

 

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

I don’t use controlled folder access, I use a library of partition images (in triplicate, two offline) as well as a couple of sets of full drive images, also stored offline.

As for Microsoft Defender and Malwarebytes Premium, I have Malwarebytes Premium registered with Security Center Integration activated and it does NOT turn off Microsoft Defender in my setup, not in Windows 10 and not in Windows 11.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

Reply | Quote