Why is Windows Defender Ransomware protection still so god damn worthless and broken?

RejZoR

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2016
699
It's been ages since Microsoft introduced "Controlled folder access" as part of ransomware protection. It should at least in theory protect critical folders and data in them from modification (encryption). Sounds all nice and fancy in theory. In reality, this god damn thing still doesn't work and never has.

Not only you can't remove default protected folders if you'd desire to do so, it's whitelisting feature is NON EXISTENT. It says it'll allow whitelisted apps to modify files. Boy, if only that was even remotely close to truth. As soon as I enable this feature everything starts bitching that it's getting blocked. Paint.NET, Steam, games, you name it. And it has been EXACTLY the same since the launch of this stupid useless dumb feature.

avast! offers the same thing as part of paid versions. Except whitelist there actually works and you have absolute and total control over folders, even default ones. So, WTF Microsoft, are you dumb or something? Has anyone ever got this dumb feature to work?
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Despite using Windows 10 on several devices the less I use MS included programs the happier I am, that's why I avoid or remove what I safely can Defender, Office 365, Burning, Photo viewer, Media player Search, Disc fiddler, etc, etc & etc. They don't seem to be able to do most things right without it being overly complex or they bugger it up altogether - Given enough time it ends up that only God know how to use it. MAC Networking just works, MS don't, & if it does each update makes sure it don't. :):):)
 
F

ForgottenSeer 72227

Interestingly enough, I've hadn't has too much issues with it. I even have it on my gaming system and none of my steam games were being blocked. Typically the only time I get something from it is when I am installing a program that wants to put an icon on the desktop, other than that all my programs run fine.

That being said, it all depends where the files are being saved/accessed from. If it's from one of the "protected folders" then yes, you will get more notifications/blocks. In essence it's doing it's job, annoying as it is. Simple solution, move where those files are being saved, if possible, if they aren't something you want protected. While I do agree that it is clunky to use, in all honesty as long as you have proper back ups of your data, I don't see the need to be stressed out about ransomware. Furthermore, there are far better ways to block ransomware when using WD. You can disable/block scripting and things like Powershell manually, or just use something like Syshardener, OSA and/or H_C if you want to get the same effect without having to do this manually. In all honestly if you take away the avenue to ransomware to do it's thing (ie: blocking scripts/powershell), there's nothing it can do. So if you want more ransomware protection aside from proper backups and you find Controlled Folder access annoying, then just turn it off, and use one of these methods.
 

TheMalwareMaster

Level 21
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
It's been ages since Microsoft introduced "Controlled folder access" as part of ransomware protection. It should at least in theory protect critical folders and data in them from modification (encryption). Sounds all nice and fancy in theory. In reality, this god damn thing still doesn't work and never has.

Not only you can't remove default protected folders if you'd desire to do so, it's whitelisting feature is NON EXISTENT. It says it'll allow whitelisted apps to modify files. Boy, if only that was even remotely close to truth. As soon as I enable this feature everything starts bitching that it's getting blocked. Paint.NET, Steam, games, you name it. And it has been EXACTLY the same since the launch of this stupid useless dumb feature.

avast! offers the same thing as part of paid versions. Except whitelist there actually works and you have absolute and total control over folders, even default ones. So, WTF Microsoft, are you dumb or something? Has anyone ever got this dumb feature to work?
I use it regularly. Sometimes there is a bug and it doesn't load the application bar near the start button, or starts blocking legitimate things (example: explorer.exe, firefox when downloading files, or snippet tools when taking screenshots). I notice it happens on my HDD when you boot the system and immediatly login too fast (probably something fails to load in time and the application bar is not loaded, because explorer.exe was blocked).
Whitelisting works for me, I have whitelisting some python stuff that was constantly blocked and no issues
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top