AdvizeIT
asked on
Windows Defender Accessing Excluded Drives
I'm trying to figure out what keeps on waking up my external USB drives. I've added them to the excluded list in Windows Defender but using Process Monitor I see entries like this attributed to the MsMpEng.exe process:
CreateFile
Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Requiring Oplock, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
FileSystemControl
Control: FSCTL_REQUEST_OPLOCK
FileSystemControl
Control: 0x902eb (Device:0x9 Function:186 Method: 3)
Why is Defender still accessing the drives? This is on a Windows 8.1 Pro machine
CreateFile
Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Requiring Oplock, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
FileSystemControl
Control: FSCTL_REQUEST_OPLOCK
FileSystemControl
Control: 0x902eb (Device:0x9 Function:186 Method: 3)
Why is Defender still accessing the drives? This is on a Windows 8.1 Pro machine
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here's the issue with the "Free" Malwarebytes...it's REACTIVE and NOT PROACTIVE
The paid version is PROACTIVE
But it does not protect users against bad websites, etc. But if it works for your needs...great!!
The paid version is PROACTIVE
But it does not protect users against bad websites, etc. But if it works for your needs...great!!
ASKER
Hi Cris. Yes, I'll be getting the paid version (which protects against bad websites) after I verify it doesn't interfere with anything else and isn't too "heavy" for my work processes (I'm looking at you AVG and Avast). It's what we recommend to our more virus-prone clients when standard AV isn't enough and I like the new built in anti-ransomware feature. The reason why I was using Defender is because it doesn't go CPU or hard drive access crazy when I'm using an IDE.
ASKER