Windows Defender technical question?

Go to solution Solved by Kilrah,

It puts the scan results somewhere since they're still in the history, and likely uses that in addition to the exclusion list

 

https://answers.microsoft.com/en-us/windows/forum/all/how-to-remove-a-protection-history-report-from/c73c5969-68fe-454e-833f-b602af0b175d

So I had to change two of my hard drive(s) - not the OS drive... and first thing "windows defender found threats!"

--> checking it was "hack tool, blah, blah, blah sledgehammer"...

ok --> "restore" --> immediately run sledgehammer --> everything good, windows updates DISABLED as it should be.

no warnings since. so the question is why in the world doesn't defender see it as a threat now, I haven't put sledgehammer in an exclude list or anything, literally all I did was "restore" the file...?

is it something that sledgehammer does, maybe? (my defender exclusion list is empty however)

note, also defender said "severe" and PUM or PUP? weird how it's suddenly not an issue anymore, right?

https://linustechtips.com/topic/1579988-windows-defender-technical-question/
35 minutes ago, Mark Kaine said:

all i did was "restore" the file...?

If you restore it's pretty obvious you don't want it to be detected and blocked again 2 seconds later so it excludes it too...

2 hours ago, Kilrah said:

If you restore it's pretty obvious you don't want it to be detected and blocked again 2 seconds later so it excludes it too...

I agree that's very logical and kinda what you'd expect, but it's not in the list of excluded files... neither is Cheat Engine which also gets occasionally detected - so I'm just wondering how that works internally.

ps: maybe PUP style "viruses" don't get into the excluded list, but there still has to be some kind of hidden list somewhere because as said if I do a *full* scan with defender for example it will see cheat engine at least (but probably not sledgehammer) and put it in quarantine.

quick scan finds neither usually.

btw malwarebytes does exactly the same thing, "sometimes" it'll find cheat engine, but usually not and I've never excluded it either.

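The thread's question is what Defender remembers about a restored item when the exclusion list is empty. The read-only script below is an added example, not something posted in the thread: it puts the exclusion list, any per-threat default actions, and the stored detection history side by side using the built-in `Get-MpPreference`, `Get-MpThreat` and `Get-MpThreatDetection` cmdlets. It assumes an elevated PowerShell session, and the column names in the report are made up for this example.

```powershell
# Added example: read-only comparison of Defender's exclusion list with its stored history.
$pref = Get-MpPreference

# 1. Path and process exclusions, as shown in the Windows Security UI.
$exclusions = @($pref.ExclusionPath) + @($pref.ExclusionProcess) | Where-Object { $_ }

# 2. Per-threat default actions are stored as two parallel arrays (threat ID, action code).
#    Set-MpPreference documents action code 6 as "Allow".
$overrides = @{}
$ids  = @($pref.ThreatIDDefaultAction_Ids)
$acts = @($pref.ThreatIDDefaultAction_Actions)
for ($i = 0; $i -lt $ids.Count; $i++) {
    if ($null -ne $ids[$i]) { $overrides[[string]$ids[$i]] = $acts[$i] }
}

# 3. Threat catalogue, used only to turn threat IDs into readable names.
$names = @{}
foreach ($t in Get-MpThreat) { $names[[string]$t.ThreatID] = $t.ThreatName }

# 4. Walk the detection history and mark what, if anything, covers each entry.
$report = foreach ($d in Get-MpThreatDetection) {
    $id = [string]$d.ThreatID
    $covered = $false
    foreach ($r in @($d.Resources)) {
        foreach ($e in $exclusions) {
            # Plain substring match: Resources entries look like "file:_C:\path\tool.exe".
            if ($r -and $r.IndexOf($e, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
                $covered = $true
            }
        }
    }
    [pscustomobject]@{
        Detected       = $d.InitialDetectionTime
        Threat         = $names[$id]
        ThreatID       = $id
        ActionSuccess  = $d.ActionSuccess
        InExclusions   = $covered
        DefaultAction  = $overrides[$id]   # empty when no per-threat action is set
        Resources      = (@($d.Resources) -join '; ')
    }
}

"Exclusions configured: $(@($exclusions).Count)"
$report | Sort-Object Detected | Format-List
```

A history entry with `InExclusions` false and an empty `DefaultAction` is one that Defender still has on record even though nothing in the visible exclusion settings refers to it.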
