We have tried setting 'windows.advanced.ransomware.canary' to false but shortly after a new Windows workstation agent is enrolled we are still seeing the pair of canary directories created. We do not have a 'Platinum' account, so ransomware protection isn't even enabled. Is it possible to prevent the creation of these directories?
C:\aaAntiRansomElastic-DO-NOT-TOUCH-def...
C:\zzAntiRansomElastic-DO-NOT-TOUCH-def...