Q&A Windows 10 has a built-in ransomware block, you just need to enable it

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,165
@Andy Ful Is it possible to get a pop-up window option for this rule which allows the user to make an exception on a case-by-case basis? Thanks.
qxcFbUl.png

I am not sure what do you mean by an exception on a case-by-case basis.:unsure:
How does this differ from making ASR exclusions?
You also can use the Warn setting and unblock the blocked executable for 24 hours. Most of the blocked executables are allowed by Microsoft after 48 hours.
 
Last edited:

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,165
Last edited:

NormanF

Level 1
Jan 11, 2018
45
The "Controlled folder access" feature in Windows 10 (and 11) is useless, because it blocks even Microsoft services and programs. Besides, you have to manually add each folder/program to the exclusion list, but the most annoying part is that Windows doesn't specify precisely which process was blocked.

I hoped that in Windows 11 Microsoft would have improved the feature, but it's not happened.
Its better for home users to run a third party AR solution. Easier to set up and configure and there's no danger of locking you out of Windows.
 

Kees1958

Level 2
Verified
Sep 5, 2021
82
@NormanF Have you tried on Windows 11 also?

It might help to ignore low priority warnings in the Virus & Treat protection settings
1634646496159.png


Also when browsing the Protected Folders History of Windows 11, there was only one low priority warning since installing Windows 11 and updating it. It looks like the warnings for windows own processes are gone. Only one low priority block in 5 days for Rufus (burning ISO to USB)
1634646755549.png
 
Top