Is it possible to obtain a list of programs that Windows has denied access to a protected folder? I recently enabled Ransomware protection in Windows Defender and added certain folders to the Controlled Folder Access list. I’ve added the legitimate versions of git.exe and syncthing.exe located in C:/Program Files to the Allowed App list, but I continue to receive notifications that Windows has blocked attempts to access files in protected folders by C:/Users/…/git.exe and C:/Users/…/syncthing.exe. The ellipsis in the file path obscures most of the information, making it difficult to determine which copy of git.exe is trying to access the files.

The user interface for Ransomware protection does not allow for efficient adding of each file individually, and this could potentially be exploited by attackers using malicious files named git.exe to gain access. Is there a way to view the full file path of the blocked program, especially after the notification has disappeared from the screen?

I have checked the Windows event log and did not find anything relevant.

Askify Moderator Edited question April 25, 2023