Though the Windows thing was really funny 😂.

    • 0x4E4FOP
      link
      fedilink
      English
      arrow-up
      20
      arrow-down
      2
      ·
      edit-2
      8 months ago

      Not just every file deleted, every file written to disk as well (downloaded, extracted from an archive, whatever).

      It’s also how most AV software works, except Defender is slow AF.

      • voxel@sopuli.xyz
        link
        fedilink
        arrow-up
        8
        ·
        8 months ago

        also, defender is synchronous by default (e.g. nothing gets written until it gets scanned, and scanning parallelization is limited), and can only act asynchronously (aka write first, then queue check) on “trusted dev drives” (aka ReFS-based virtual vhdx partitions aimed at developers as a solution to horrible ntfs throughput, especially if defender is enabled)

        • 0x4E4FOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          8 months ago

          Not true, it does get written before it gets scanned. In fact, it doesn’t even always scan before the file is read by explorer (yes, it’s the worst AV ever). It’s easy to prove this, just extract FFF’s WinRAR keygen and you’ll see what I mean.

      • HStone32@lemmy.world
        link
        fedilink
        arrow-up
        8
        arrow-down
        1
        ·
        8 months ago

        Huh. All that security, and yet there are still so many viruses capable of infecting windows.

        • deur@feddit.nl
          link
          fedilink
          arrow-up
          9
          arrow-down
          2
          ·
          8 months ago

          Huh… all that immune system yet there are still so many viruses capable of infecting humans.

          • 0x4E4FOP
            link
            fedilink
            English
            arrow-up
            1
            ·
            8 months ago

            Humans are easy targets 😁… we’ve lived semi-isolated from nature at least the last few hundred years.

        • 0x4E4FOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          8 months ago

          No, it scans file headers when you do read/write operations on disk. Every AV works this way, except, as I said, Defender is slow AF.

          • uis@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            8 months ago

            I can’t find talk I watched, but I found github issue it was based on.

            Short version: Defender is triggered not on open, not on read or write, but on CloseHandle.