Protected files question

According to the Protected Files help topic at Protected Files, PC Files, Folders Protection From Malicious Software | COMODO adding a file or folder to the Protected Files list “protects files from other programs” but I’m having trouble getting this to work as expected.

I have a USB-attached drive that I use to write Macrium Reflect disk images on a daily schdule, the idea is that these will be my last line of defense against any kind of malware. Clearly I want to ensure that only Macrium Reflect can write to this disk (to protect against ransomware) so I’ve added the entire drive (H:*) to both the Protected Files list and the Protected Data Folders list. I’ve added Macrium Reflect to my HIPS entries with an exception to allow it to write to H:*.

My understanding is that only Macrium Reflect should now be able to write to H: (and indeed it can) yet I can use file explorer to add and delete files and folders to the disk and I expected that to fail. What am I doing wrong or what am I not understanding?

You’ll need to add block rules for other applications in the same way you allowed it for Macrium Reflect (I’d recommend adding block rules to the rulesets as well and for the application “All Applications”

It stops unknown applications from modifying the protected files but by default trusted applications can still modify them.

Perfect, many thanks.

One more question though, for the Windows Updater Applications rule it used a predefined rule ‘Installer or Updater’. It doesn’t appear to be possible to edit that ruleset to block access to my H: drive?

Sadly the installer and updater ruleset isn’t available to modify, there is a wish to allow it to be modified but so far it hasn’t been implemented.

P.s I’m drunk so done misspelling may occur, if I’m being offensive please report the post to a moderator and I apologize. Merry Christmas! <3

Many thanks!

If you weren’t a bit drunk at Christmas I’d be worried. Have a good one.