Are you confused? I am. I'm not smarter than the average cat so I read the
Help for Windows Defender. For the most part, it is a good document (still
in progress). But the words ignore, allow, always allow, quarantine, remove
may not mean what I thought they meant. I know what quarantine means. Does
remove guarantee a quarantine action? When you talk about real time
protection, allow seems to mean ignore unless you use always allow. Is this
intuitive? Not for me. Go to the Tools menu and click General Settings.
Underr default actions, you have various alert levels. These are defined in
the Help. A drop down list of actions are signature default, remove, ignore.
I would certainly hope that if I am using signature default and the default
is to remove that a quarantine backup will occur. It would be nice to say so
there. By the way, the term signature appears in the HELP in one place - the
Microsoft agreement. Don't you mean definition file? And wouldn't it be
nice if you use the less cryptic phrase Let Windows Defender decide. Do
ignored items during the scan go into the allow list? Does remove imply
quarantine? When heuristics identifies a file, what alert level is used
(high, medium, low) and which alert action does it use - remove or ignore,
surely not signature default. Maybe you're a smart cat and I'm a dumb cat,
but I am still confused.
|
Similar Threads
