Advice Request Microsoft Defender exclusions

Please provide comments and solutions that are helpful to the author of this topic.

stolikat

Level 1
Thread author
Verified
Apr 11, 2018
26
I recently switched over to MS for AV protection. I just noticed that there are several exclusions, most are in Windows/system32 folder. Does MS automatically add those files to the list of exclusions? Should I remove them from the list?

Thanks for your help!
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,458
Normally, there are no such automatical exclusions.
There are a few types of Defender's exclusions that can be managed from Windows Security Center >> Virus & threat protection :
  1. Allowed threats
    Allowed threats that have been previously quarantined
  2. Manage settings >> Exclusions
    4 types are available: File, Folder, File type, Process
What are your exclusions and which executables are excluded?
 
Last edited:

stolikat

Level 1
Thread author
Verified
Apr 11, 2018
26
What are your exclusions and which executables are excluded?
RQrLxYN.jpg


I do not recall ever adding any of these.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,458
RQrLxYN.jpg


I do not recall ever adding any of these.

You have used illegal software activation tools that added these entries to Defender exclusions. Please note, that MalwareTips does not support people who use such tools.

Edit.
Sometimes people are forced to use such tools, but generally it is unethical and risky. The attackers can exploit the vulnerabilities in activation drivers to take control over the computer (even if the activation tool was not malicious).
 
Last edited:

stolikat

Level 1
Thread author
Verified
Apr 11, 2018
26
You have used illegal software activation tools that added these entries to Defender exclusions. Please note, that MalwareTips does not support people who use such tools.

Edit.
Sometimes people are forced to use such tools, but generally it is unethical and risky. The attackers can exploit the vulnerabilities in activation drivers to take control over the computer (even if the activation tool was not malicious).
Not possible. I only just started using Defender in the last week and it was disabled before. I have installed no software of any kind.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,458
Not possible. I only just started using Defender in the last week and it was disabled before. I have installed no software of any kind.
So another person did it. The illegal activator installed on your computer is for Microsoft products. You can have pirated Windows OS or MS Office.
 
Last edited:

struppigel

Super Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
667
Not possible. I only just started using Defender in the last week and it was disabled before. I have installed no software of any kind.
I agree with @Andy Ful on this one. You have an activator on your system. It is typical for those to add exclusions to Defender as well as sometimes also being used to serve malware (because why not). If your OS was preinstalled when you bought the computer, it is possible that the person who sold it to you, installed the activator so they can get a better price.

Imho, you should get a proper Windows license and re-install the OS. The person who did this may have installed other stuff as well. Your system is not safe in its current state.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top