Tag Archives: Windows 10

The Windows 10 Fall Creators Update has a very useful new feature that can dramatically reduce the impact of ransomware: Controlled Folders. You should turn it on (Ed Bott’s article tells you how). Once it’s on, any attempt by an unauthorized program to modify files in controlled folders (including your OneDrive and OneDrive for Business folders and your Documents folder) will fail with an error message like this:

Controlled Folders doing their thing

The problem is, sometimes you want an application to have access to those folders. No problem: you can get there by opening the Windows Defender Security Center app, clicking “Virus and threat protection”, then clicking “Virus and threat protection settings,” and then finally selecting the “Allow an app through Controlled folder access.” It’s an easy enough process.

Unfortunately, you may find that the app you added to the list isn’t the app that actually runs when you try to do something. For example, when you run GitDesktop you’ll see a message like the one above because that app is actually a bundle that includes several binaries. You might think you can just add the binaries themselves, and you should be able to, but instead I got an error saying that the path I had entered wasn’t valid. That’s probably because I (lazily) installed the GitDesktop client on my… desktop… so its binaries are tucked away in my Users directory.

I spent some time scratching my head trying to figure out what to do, then discovered that you could enable Controlled Folder Access with the Set-MpPreference cmdlet. Of course, where there’s a Set- cmdlet, there’s usually a Get- cmdlet, and sure enough…

Get-MpPreference is your friend

A little more digging turned up the Add-MpPreference cmdlet and the associated ControlledFolderAccessAllowedApplications switch. A little digging to figure out which actual copy of git.exe  was being run and I was all set… until I started writing this post and found that SnagIt has the same problem!

Adding a new application

Thus I ended up solving two problems (“why doesn’t GitDesktop work?” and “why won’t SnagIt work?”), learning something new (*-MpPreference), and, at least hopefully, protecting myself and others against ransomware. Onwards!

I like to think I know my way around Windows after using it daily since Windows 3.1. Sometimes it still surprises me, though.

Today I was working on a blog post for the ENow blog (stay tuned, you’ll see it shortly). I went to copy a quote from a press release and, suddenly, this is what I saw:

Where’d my color go?

I couldn’t figure out what the hell had happened, but my screen was suddenly gray. It was at the correct resolution, and everything looked the same except it was gray. At first I thought I’d mistakenly turned on high contrast mode (which you do with left Alt+left Shift+PrtSc) but nope.

A little digging led me to the dialog shown in the image above. Apparently Windows has a “color filter” mode that, when invoked, makes it easier to see certain colors. It’s intended for people with color-vision deficiencies. For ease of use, Microsoft tied it to a key combination: the Windows key + Ctrl + C. I must have accidentally bumped the Windows key while copying my quote.

Now you know.