by ooboe 1788 days ago
His comment in /r/sysadmin:

"Setting a Windows Defender exception to the folder does not prevent the quarantine from occurring. I re-ran this test three times trying exceptions and even the entire NAS drive as on the excluded list."

Windows Defender is overriding the user whitelist?

7 comments

Microsoft knows better. We are here to protect you.
People who ignored the AV exception requested by Kaseya didn't get a surprise ransomware in their systems.
In addition, Windows also quarantines and deletes innocuous Windows activation crack tools that contain no malware whatsoever, but can be used to activate Windows independently of Microsoft.

It's really amazing the attitude Microsoft takes regarding hardware that isn't theirs, including the nonconsensual forced autoupdate.

That's not just a Windows feature, though. My experience with _every other antivirus_ has always been that anything related to cracking or keygens is flagged as a virus.

In my opinion, Windows Defender is still the best antivirus software for consumers. That's not a compliment to Windows Defender, that's an insult to antivirus companies all over the world.

I'm pretty happy with ESET NOD32.
I was under the impression that with Windows 10 we shifted to the product being the user's data. The customers are now advertisers.
From what I’ve understood, that is a correct impression.
Oh no, they’re making the world safer by encouraging the adoption of the latest security patches and bug fixes? And giving away best-in-class security software that you can disable at any time? How evil. You must really have loved the days of Norton Antivirus.
You may have misread the parent comment? It is deleting things completely unrelated to malware.
For future reference, that comment seems to be at https://old.reddit.com/r/sysadmin/comments/oof29b/windows_de...
I wonder if it's related to the tamper protection setting? I know that setting makes it ignore other settings like group policy, though I've never seen it ignore whitelists, but maybe they've changed that?
From that forum it also seems like Windows Defender is deleting a .txt file containing the source code.
Yes, if true, this would invalidate the "heuristics error on exe" argument.
Absolutely it does. I had one problematic file that I had to add to the whitelist every month or so, otherwise Defender removed it. Never mind the fact that adding it to the whitelist was a PITA, I never figured out why the setting hasn't stuck; the file in question wasn't changing at all.
Ughhh, this is why I ended up completely disabling it.